summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorCharl Botha <cpbotha@cpbotha.net>2000-11-11 22:52:41 +0000
committerCharl Botha <cpbotha@cpbotha.net>2000-11-11 22:52:41 +0000
commitfc9d6df599183b27792a8ddf3fda4c12f8792e4b (patch)
tree47d5bcb53dff751beef02f9ff688450ee5770f5e
parent5b6f270f1df97437ca706ddfd004dd9bc66af748 (diff)
downloadlibpam-pwdfile-fc9d6df599183b27792a8ddf3fda4c12f8792e4b.tar.gz
Fixed DES bug (I introduced when integrating MD5 patch)
-rw-r--r--changelog7
-rw-r--r--pam_pwdfile.c16
2 files changed, 16 insertions, 7 deletions
diff --git a/changelog b/changelog
index 38d406e..be1dd9a 100644
--- a/changelog
+++ b/changelog
@@ -1,7 +1,12 @@
changelog for pam_pwdfile PAM module - Charl P. Botha <cpbotha@ieee.org>
-$Id: changelog,v 1.4 2000-11-08 00:44:19 cpbotha Exp $
+$Id: changelog,v 1.5 2000-11-11 22:52:41 cpbotha Exp $
---------------------------------------------------------------------------
+0.6: Sat Nov 11 23:51:32 CET 2000
+
+* fixed a stupid bug I introduced when integrating Warwick's patch; tested
+ fine with both DES and MD5 crypts
+
0.5: Wed Nov 8 01:39:22 CET 2000
* added patch by Warwick Duncan <warwick@chemeng.uct.ac.za> to support MD5
diff --git a/pam_pwdfile.c b/pam_pwdfile.c
index 17b925d..33b4da6 100644
--- a/pam_pwdfile.c
+++ b/pam_pwdfile.c
@@ -1,12 +1,12 @@
/* pam_pwdfile.c copyright 1999 by Charl P. Botha <cpbotha@ieee.org>
*
- * $Id: pam_pwdfile.c,v 1.7 2000-11-08 00:54:16 cpbotha Exp $
+ * $Id: pam_pwdfile.c,v 1.8 2000-11-11 22:52:41 cpbotha Exp $
*
* pam authentication module that can be pointed at any username/crypted
* text file so that pam using application can use an alternate set of
* passwords than specified in system password database
*
- * version 0.5
+ * version 0.6
*
* Copyright (c) Charl P. Botha, 1999. All rights reserved
*
@@ -69,7 +69,9 @@ extern char *crypt(const char *key, const char *salt);
#define PWDF_PARAM "pwdfile"
#define FLOCK_PARAM "flock"
#define PWDFN_LEN 256
-#define CRYPTEDPWD_LEN 34
+#define CRYPTED_DESPWD_LEN 13
+#define CRYPTED_MD5PWD_LEN 34
+
#ifdef DEBUG
# define D(a) a;
@@ -203,7 +205,8 @@ static int fgetpwnam(FILE *stream, const char *name, char *password) {
/* get the password and put it in its place */
curpass = strsep(&tpointer,":");
if (curpass != NULL) {
- strncpy(password,curpass,CRYPTEDPWD_LEN+1);
+ /* we use md5 pwd len, as this is just a safe maximum */
+ strncpy(password,curpass,CRYPTED_MD5PWD_LEN+1);
pwdfound = 1;
} /* if (curpass... */
} /* if (strcmp(curname... */
@@ -219,7 +222,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags,
const char *name;
char *password;
char pwdfilename[PWDFN_LEN];
- char salt[12], crypted_password[CRYPTEDPWD_LEN+1];
+ char salt[12], crypted_password[CRYPTED_MD5PWD_LEN+1];
FILE *pwdfile;
int use_flock = 0;
@@ -326,11 +329,12 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags,
if (strncmp(crypted_password, "$1$", 3) == 0) {
strncpy(salt, crypted_password, 11);
salt[11] = '\0';
+ crypted_password[CRYPTED_MD5PWD_LEN] = '\0';
} else {
strncpy(salt, crypted_password, 2);
salt[2] = '\0';
+ crypted_password[CRYPTED_DESPWD_LEN] = '\0';
}
- crypted_password[CRYPTEDPWD_LEN] = '\0';
/* DEBUG */
D(_pam_log(LOG_ERR,"user password crypted is %s", crypt(password,salt)));