diff options
| author | Charl Botha <cpbotha@cpbotha.net> | 2000-11-11 22:52:41 +0000 | 
|---|---|---|
| committer | Charl Botha <cpbotha@cpbotha.net> | 2000-11-11 22:52:41 +0000 | 
| commit | fc9d6df599183b27792a8ddf3fda4c12f8792e4b (patch) | |
| tree | 47d5bcb53dff751beef02f9ff688450ee5770f5e | |
| parent | 5b6f270f1df97437ca706ddfd004dd9bc66af748 (diff) | |
| download | libpam-pwdfile-fc9d6df599183b27792a8ddf3fda4c12f8792e4b.tar.gz | |
Fixed DES bug (I introduced when integrating MD5 patch)
| -rw-r--r-- | changelog | 7 | ||||
| -rw-r--r-- | pam_pwdfile.c | 16 | 
2 files changed, 16 insertions, 7 deletions
| @@ -1,7 +1,12 @@  changelog for pam_pwdfile PAM module - Charl P. Botha <cpbotha@ieee.org> -$Id: changelog,v 1.4 2000-11-08 00:44:19 cpbotha Exp $ +$Id: changelog,v 1.5 2000-11-11 22:52:41 cpbotha Exp $  --------------------------------------------------------------------------- +0.6: Sat Nov 11 23:51:32 CET 2000 + +* fixed a stupid bug I introduced when integrating Warwick's patch; tested +  fine with both DES and MD5 crypts +  0.5: Wed Nov  8 01:39:22 CET 2000  * added patch by Warwick Duncan <warwick@chemeng.uct.ac.za> to support MD5  diff --git a/pam_pwdfile.c b/pam_pwdfile.c index 17b925d..33b4da6 100644 --- a/pam_pwdfile.c +++ b/pam_pwdfile.c @@ -1,12 +1,12 @@  /* pam_pwdfile.c copyright 1999 by Charl P. Botha <cpbotha@ieee.org>   * - * $Id: pam_pwdfile.c,v 1.7 2000-11-08 00:54:16 cpbotha Exp $ + * $Id: pam_pwdfile.c,v 1.8 2000-11-11 22:52:41 cpbotha Exp $   *    * pam authentication module that can be pointed at any username/crypted   * text file so that pam using application can use an alternate set of   * passwords than specified in system password database   *  - * version 0.5 + * version 0.6   *   * Copyright (c) Charl P. Botha, 1999. All rights reserved   * @@ -69,7 +69,9 @@ extern char *crypt(const char *key, const char *salt);  #define PWDF_PARAM "pwdfile"  #define FLOCK_PARAM "flock"  #define PWDFN_LEN 256 -#define CRYPTEDPWD_LEN 34 +#define CRYPTED_DESPWD_LEN 13 +#define CRYPTED_MD5PWD_LEN 34 +  #ifdef DEBUG  # define D(a) a; @@ -203,7 +205,8 @@ static int fgetpwnam(FILE *stream, const char *name, char *password) {  	    /* get the password and put it in its place */  	    curpass = strsep(&tpointer,":");  	    if (curpass != NULL) { -	       strncpy(password,curpass,CRYPTEDPWD_LEN+1); +	       /* we use md5 pwd len, as this is just a safe maximum */ +	       strncpy(password,curpass,CRYPTED_MD5PWD_LEN+1);  	       pwdfound = 1;  	    } /* if (curpass... */  	 } /* if (strcmp(curname... */ @@ -219,7 +222,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags,     const char *name;     char *password;     char pwdfilename[PWDFN_LEN]; -   char salt[12], crypted_password[CRYPTEDPWD_LEN+1]; +   char salt[12], crypted_password[CRYPTED_MD5PWD_LEN+1];     FILE *pwdfile;     int use_flock = 0; @@ -326,11 +329,12 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags,     if (strncmp(crypted_password, "$1$", 3) == 0) {        strncpy(salt, crypted_password, 11);        salt[11] = '\0'; +      crypted_password[CRYPTED_MD5PWD_LEN] = '\0';     } else {        strncpy(salt, crypted_password, 2);        salt[2] = '\0'; +      crypted_password[CRYPTED_DESPWD_LEN] = '\0';           } -   crypted_password[CRYPTEDPWD_LEN] = '\0';     /* DEBUG */     D(_pam_log(LOG_ERR,"user password crypted is %s", crypt(password,salt))); | 
