diff options
| author | Tomas Mraz <tm@t8m.info> | 2007-02-01 21:54:58 +0000 |
|---|---|---|
| committer | Tomas Mraz <tm@t8m.info> | 2007-02-01 21:54:58 +0000 |
| commit | e8f5cd4ad89acb19a5be34ea24ab56857528a59c (patch) | |
| tree | aac85b6b8ec478b00cd31407492e60f459806ccd /modules/pam_unix/unix_chkpwd.c | |
| parent | b12b648d8357e5baa5c607ca6703380b1e77b013 (diff) | |
| download | pam-e8f5cd4ad89acb19a5be34ea24ab56857528a59c.tar.gz pam-e8f5cd4ad89acb19a5be34ea24ab56857528a59c.tar.bz2 pam-e8f5cd4ad89acb19a5be34ea24ab56857528a59c.zip | |
Relevant BUGIDs:
Purpose of commit: bugfix
Commit summary:
---------------
2007-02-01 Tomas Mraz <t8m@centrum.cz>
* xtests/tst-pam_unix3.c: Fix typos in comments.
* modules/pam_unix/support.c (_unix_verify_password): Explicitly
disallow '!' in the beginning of password hash. Treat only
13 bytes password hash specifically. (Suggested by Solar Designer.)
Fix a warning and test for allocation failure.
* modules/pam_unix/unix_chkpwd.c (_unix_verify_password): Likewise.
Diffstat (limited to 'modules/pam_unix/unix_chkpwd.c')
| -rw-r--r-- | modules/pam_unix/unix_chkpwd.c | 33 |
1 files changed, 17 insertions, 16 deletions
diff --git a/modules/pam_unix/unix_chkpwd.c b/modules/pam_unix/unix_chkpwd.c index 87d29256..0ef2ccd8 100644 --- a/modules/pam_unix/unix_chkpwd.c +++ b/modules/pam_unix/unix_chkpwd.c @@ -144,7 +144,7 @@ static int _unix_verify_password(const char *name, const char *p, int nullok) char *salt = NULL; char *pp = NULL; int retval = PAM_AUTH_ERR; - int salt_len; + size_t salt_len; /* UNIX passwords area */ setpwent(); @@ -189,6 +189,8 @@ static int _unix_verify_password(const char *name, const char *p, int nullok) return (nullok == 0) ? PAM_AUTH_ERR : PAM_SUCCESS; } if (p == NULL || strlen(p) == 0) { + _pam_overwrite(salt); + _pam_drop(salt); return PAM_AUTHTOK_ERR; } @@ -196,11 +198,13 @@ static int _unix_verify_password(const char *name, const char *p, int nullok) retval = PAM_AUTH_ERR; if (!strncmp(salt, "$1$", 3)) { pp = Goodcrypt_md5(p, salt); - if (strcmp(pp, salt) == 0) { + if (pp && strcmp(pp, salt) == 0) { retval = PAM_SUCCESS; } else { + _pam_overwrite(pp); + _pam_drop(pp); pp = Brokencrypt_md5(p, salt); - if (strcmp(pp, salt) == 0) + if (pp && strcmp(pp, salt) == 0) retval = PAM_SUCCESS; } } else if (*salt == '$') { @@ -209,10 +213,10 @@ static int _unix_verify_password(const char *name, const char *p, int nullok) * libcrypt nows about it? We should try it. */ pp = x_strdup (crypt(p, salt)); - if (strcmp(pp, salt) == 0) { + if (pp && strcmp(pp, salt) == 0) { retval = PAM_SUCCESS; } - } else if ((*salt == '*') || (salt_len < 13)) { + } else if (*salt == '*' || *salt == '!' || salt_len < 13) { retval = PAM_AUTH_ERR; } else { pp = bigcrypt(p, salt); @@ -223,24 +227,21 @@ static int _unix_verify_password(const char *name, const char *p, int nullok) * have been truncated for storage relative to the output * of bigcrypt here. As such we need to compare only the * stored string with the subset of bigcrypt's result. - * Bug 521314: the strncmp comparison is for legacy support. + * Bug 521314. */ - if (strncmp(pp, salt, salt_len) == 0) { + if (salt_len == 13 && strlen(pp) > salt_len) { + _pam_overwrite(pp+salt_len); + } + + if (strcmp(pp, salt) == 0) { retval = PAM_SUCCESS; } } p = NULL; /* no longer needed here */ /* clean up */ - { - char *tp = pp; - if (pp != NULL) { - while (tp && *tp) - *tp++ = '\0'; - free(pp); - } - pp = tp = NULL; - } + _pam_overwrite(pp); + _pam_drop(pp); return retval; } |