2 files changed, 17 insertions, 4 deletions

diff --git a/modules/pam_unix/support.c b/modules/pam_unix/support.c
index b695b8db..e2a30646 100644
--- a/modules/pam_unix/support.c
+++ b/modules/pam_unix/support.c
@@ -689,7 +689,7 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name
 		    D(("user has empty password - access denied"));
 		    retval = PAM_AUTH_ERR;
 		}
-	    } else if (!p || (*salt == '*') || (salt_len < 13)) {
+	    } else if (!p || (*salt == '*')) {
 		retval = PAM_AUTH_ERR;
 	    } else {
 		if (!strncmp(salt, "$1$", 3)) {
@@ -698,6 +698,12 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name
 			_pam_delete(pp);
 			pp = Brokencrypt_md5(p, salt);
 		    }
+		} else if (*salt == '$') {
+                    /*
+		     * Ok, we don't know the crypt algorithm, but maybe
+		     * libcrypt nows about it? We should try it.
+		     */
+		    pp = x_strdup (crypt(p, salt));
 		} else {
 		    pp = bigcrypt(p, salt);
 		}
diff --git a/modules/pam_unix/unix_chkpwd.c b/modules/pam_unix/unix_chkpwd.c
index 407909a4..87d29256 100644
--- a/modules/pam_unix/unix_chkpwd.c
+++ b/modules/pam_unix/unix_chkpwd.c
@@ -40,9 +40,7 @@ static int selinux_enabled=-1;
 #include <security/_pam_macros.h>
 
 #include "md5.h"
-
-extern char *crypt(const char *key, const char *salt);
-extern char *bigcrypt(const char *key, const char *salt);
+#include "bigcrypt.h"
 
 /* syslogging function for errors and other information */
 
@@ -205,6 +203,15 @@ static int _unix_verify_password(const char *name, const char *p, int nullok)
 			if (strcmp(pp, salt) == 0)
 				retval = PAM_SUCCESS;
 		}
+	} else if (*salt == '$') {
+	        /*
+		 * Ok, we don't know the crypt algorithm, but maybe
+		 * libcrypt nows about it? We should try it.
+		 */
+	        pp = x_strdup (crypt(p, salt));
+		if (strcmp(pp, salt) == 0) {
+			retval = PAM_SUCCESS;
+		}
 	} else if ((*salt == '*') || (salt_len < 13)) {
 	    retval = PAM_AUTH_ERR;
 	} else {