summaryrefslogtreecommitdiff
path: root/modules/pam_unix/support.c
diff options
context:
space:
mode:
authorBjörn Esser <besser82@fedoraproject.org>2018-11-15 15:58:56 +0100
committerTomáš Mráz <t8m@users.noreply.github.com>2018-11-22 15:17:55 +0100
commitdce80b3f11b3c3aa137d18f22699809094dd64b6 (patch)
treede1b607e79bdf720dbade2a14e4c23cbe95dc73f /modules/pam_unix/support.c
parent8eaf5570cf011148a0b55c53570df5edaafebdb0 (diff)
pam_unix: Prefer a gensalt function, that supports auto entropy.
* modules/pam_unix/pam_unix_passwd.c: Initialize rounds parameter to 0. * modules/pam_unix/passverify.c: Prefer gensalt with auto entropy. * modules/pam_unix/support.c: Fix sanitizing of rounds parameter.
Diffstat (limited to 'modules/pam_unix/support.c')
-rw-r--r--modules/pam_unix/support.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/modules/pam_unix/support.c b/modules/pam_unix/support.c
index f2e28d35..753e5f89 100644
--- a/modules/pam_unix/support.c
+++ b/modules/pam_unix/support.c
@@ -175,6 +175,7 @@ int _set_ctrl(pam_handle_t *pamh, int flags, int *remember, int *rounds,
if (val) {
*rounds = strtol(val, NULL, 10);
+ set(UNIX_ALGO_ROUNDS, ctrl);
free (val);
}
}
@@ -254,11 +255,13 @@ int _set_ctrl(pam_handle_t *pamh, int flags, int *remember, int *rounds,
if (*rounds < 4 || *rounds > 31)
*rounds = 5;
} else if (on(UNIX_SHA256_PASS, ctrl) || on(UNIX_SHA512_PASS, ctrl)) {
- if ((*rounds < 1000) || (*rounds == INT_MAX))
+ if ((*rounds < 1000) || (*rounds == INT_MAX)) {
/* don't care about bogus values */
+ *rounds = 0;
unset(UNIX_ALGO_ROUNDS, ctrl);
- if (*rounds >= 10000000)
+ } else if (*rounds >= 10000000) {
*rounds = 9999999;
+ {
}
}