234e8fa7b1
If SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS are both unspecified, use SHA_ROUNDS_DEFAULT. Previously, the code fell through, calling shadow_random(-1, -1). This ultimately set rounds = (unsigned long) -1, which ends up being a very large number! This then got capped to SHA_ROUNDS_MAX later in the function. The new behavior matches BCRYPT_get_salt_rounds(). Bug: https://bugs.gentoo.org/808195 Fixes: https://github.com/shadow-maint/shadow/issues/393
14 KiB
14 KiB