From 670a1ff8f97962efd6b27436b50fc51b62683c25 Mon Sep 17 00:00:00 2001
From: Samuel Thibault <samuel.thibault@ens-lyon.org>
Date: Sun, 1 Sep 2019 17:25:49 +0200
Subject: Fix password checking with as-needed linking

Newer gcc toolchains tend to enable as-needed by default, so runtime
detection of libcrypt will fail.  We can just explicitly link against
libcrypt anyway.

* configure.ac: Check for `crypt()' in libcrypt.
* config.make.in: Substitute HAVE_LIBCRYPT.
* libshouldbeinlibc/idvec-verify.c: Include <crypt.h> only when libcrypt
is available.  Replace weak reference with explicit call and fallback
macro.
* utils/x.c: Likewise.
* libshouldbeinlibc/Makefile (LDLIBS): Add -lcrypt when libcrypt is
available.
---
 libshouldbeinlibc/Makefile       |  2 ++
 libshouldbeinlibc/idvec-verify.c | 15 +++++++--------
 2 files changed, 9 insertions(+), 8 deletions(-)

(limited to 'libshouldbeinlibc')

diff --git a/libshouldbeinlibc/Makefile b/libshouldbeinlibc/Makefile
index 04c085bb..2edf15f4 100644
--- a/libshouldbeinlibc/Makefile
+++ b/libshouldbeinlibc/Makefile
@@ -38,6 +38,8 @@ installhdrs = idvec.h timefmt.h maptime.h \
 
 installhdrsubdir = .
 
+LDLIBS += $(and $(HAVE_LIBCRYPT),-lcrypt)
+
 OBJS = $(SRCS:.c=.o)
 
 include ../Makeconf
diff --git a/libshouldbeinlibc/idvec-verify.c b/libshouldbeinlibc/idvec-verify.c
index a7d95761..1c4bc494 100644
--- a/libshouldbeinlibc/idvec-verify.c
+++ b/libshouldbeinlibc/idvec-verify.c
@@ -27,12 +27,15 @@
 #include <grp.h>
 #include <pwd.h>
 #include <shadow.h>
+#ifdef HAVE_LIBCRYPT
 #include <crypt.h>
+#else
+#warning "No crypt on this system!  Using plain-text passwords."
+#define crypt(password, encrypted) password
+#endif
 
 #define SHADOW_PASSWORD_STRING	"x" /* pw_passwd contents for shadow passwd */
 
-#pragma weak crypt
-
 static error_t verify_id (); /* FWD */
 
 /* Get a password from the user, returning it in malloced storage.  */
@@ -71,12 +74,8 @@ verify_passwd (const char *password,
   if (sys_encrypted[0] == '\0')
     return 0;			/* No password.  */
 
-  if (crypt)
-    /* Encrypt the password entered by the user (SYS_ENCRYPTED is the salt). */
-    encrypted = crypt (password, sys_encrypted);
-  else
-    /* No crypt on this system!  Use plain-text passwords.  */
-    encrypted = password;
+  /* Encrypt the password entered by the user (SYS_ENCRYPTED is the salt). */
+  encrypted = crypt (password, sys_encrypted);
 
   if (! encrypted)
     /* Crypt failed.  */
-- 
cgit v1.2.3