pam_unix: use correct number of rounds - pam.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Tobias Stoeckmann <tobias@stoeckmann.org>	2023-12-11 14:36:49 +0100
committer	Dmitry V. Levin <ldv@strace.io>	2023-12-11 13:36:49 +0000
commit	bf9ebc84c091f9f2d018aac2f9c2c4c4933e319e (patch)
tree	18d1d346b56112db642d946145af43f399e717f3 /modules/pam_unix/passverify.c
parent	d611afcbd52bc13c2455375d5c4fb20839f09f4a (diff)
download	pam-bf9ebc84c091f9f2d018aac2f9c2c4c4933e319e.tar.gz pam-bf9ebc84c091f9f2d018aac2f9c2c4c4933e319e.tar.bz2 pam-bf9ebc84c091f9f2d018aac2f9c2c4c4933e319e.zip

pam_unix: use correct number of rounds

It is possible to have a mismatch between ENCRYPT_METHOD in login.defs and an argument given specifically to pam_unix.so. If pam_unix.so receives the argument "yescrypt" but ENCRYPT_METHOD is set to SHA512, then SHA_CRYPT_MAX_ROUNDS is parsed from login.defs and used as rounds for yescrypt -- except if rounds are specificially given as an argument to pam_unix.so as well. Read the correct rounds from login.defs after all arguments are parsed and no rounds were specified to figure out which one will eventually be used. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

Diffstat (limited to 'modules/pam_unix/passverify.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: