diff options
| author | Nathan Du <nathandu@outlook.com> | 2023-11-27 22:42:46 +0800 |
|---|---|---|
| committer | Nathan Du <nathandu@outlook.com> | 2023-11-27 22:42:46 +0800 |
| commit | 8d082da1bc993b5b061ae81a9743891328e04ce6 (patch) | |
| tree | 37476f902db1b9049d6de328dc0454cdee1858cb | |
| parent | 6619819487f9da20a0e6f70aaa92c422d1e6f124 (diff) | |
| download | pam-8d082da1bc993b5b061ae81a9743891328e04ce6.tar.gz pam-8d082da1bc993b5b061ae81a9743891328e04ce6.tar.bz2 pam-8d082da1bc993b5b061ae81a9743891328e04ce6.zip | |
pam_unix: read yescrypt rounds from login.defs
Retrieves YESCRYPT_COST_FACTOR from /etc/login.defs for yescrypt
in a similar fashion to reading number of rounds for SHA-2.
Resolves #607.
Signed-off-by: Nathan Du <nathandu@outlook.com>
| -rw-r--r-- | modules/pam_unix/support.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/modules/pam_unix/support.c b/modules/pam_unix/support.c index 31c5ecb6..cfc3003c 100644 --- a/modules/pam_unix/support.c +++ b/modules/pam_unix/support.c @@ -99,8 +99,13 @@ unsigned long long _set_ctrl(pam_handle_t *pamh, int flags, int *remember, free (val); /* read number of rounds for crypt algo */ - if (rounds && (on(UNIX_SHA256_PASS, ctrl) || on(UNIX_SHA512_PASS, ctrl))) { - val = pam_modutil_search_key(pamh, LOGIN_DEFS, "SHA_CRYPT_MAX_ROUNDS"); + if (rounds) { + val = NULL; + if (on(UNIX_SHA256_PASS, ctrl) || on(UNIX_SHA512_PASS, ctrl)) { + val = pam_modutil_search_key(pamh, LOGIN_DEFS, "SHA_CRYPT_MAX_ROUNDS"); + } else if (on(UNIX_YESCRYPT_PASS, ctrl)) { + val = pam_modutil_search_key(pamh, LOGIN_DEFS, "YESCRYPT_COST_FACTOR"); + } if (val) { *rounds = strtol(val, NULL, 10); |