From a92c17bccef85519917b91e4c181154559ecec96 Mon Sep 17 00:00:00 2001 From: Thorsten Kukuk Date: Fri, 26 Jun 2009 09:55:25 +0000 Subject: Relevant BUGIDs: Purpose of commit: bugfix Commit summary: --------------- Fix blowfish support 009-06-25 Thorsten Kukuk * configure.in: Rename crypt_gensalt_rn to crypt_gensalt_r * modules/pam_unix/passverify.c: Likewise. --- ChangeLog | 5 +++++ configure.in | 4 ++-- modules/pam_unix/passverify.c | 14 +++++++------- 3 files changed, 14 insertions(+), 9 deletions(-) diff --git a/ChangeLog b/ChangeLog index f3de7a84..9842331f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +2009-06-25 Thorsten Kukuk + + * configure.in: Rename crypt_gensalt_rn to crypt_gensalt_r + * modules/pam_unix/passverify.c: Likewise. + 2009-06-19 Thorsten Kukuk * release version 1.1.0 diff --git a/configure.in b/configure.in index ba522a5a..3e03b5aa 100644 --- a/configure.in +++ b/configure.in @@ -363,8 +363,8 @@ AM_CONDITIONAL([HAVE_AUDIT_TTY_STATUS], AC_CHECK_HEADERS(xcrypt.h crypt.h) BACKUP_LIBS=$LIBS AC_SEARCH_LIBS([crypt],[xcrypt crypt], LIBCRYPT="-l$ac_lib", LIBCRYPT="") -AC_CHECK_FUNCS(crypt_r crypt_gensalt_rn) -LIBS=$BACKUP_LIBS +AC_CHECK_FUNCS(crypt_r crypt_gensalt_r) +Libs=$BACKUP_LIBS AC_SUBST(LIBCRYPT) if test "$LIBCRYPT" = "-lxcrypt" -a "$ac_cv_header_xcrypt_h" = "yes" ; then AC_DEFINE([HAVE_LIBXCRYPT], 1, [Define to 1 if xcrypt support should be compiled in.]) diff --git a/modules/pam_unix/passverify.c b/modules/pam_unix/passverify.c index 8cf95c33..489e8560 100644 --- a/modules/pam_unix/passverify.c +++ b/modules/pam_unix/passverify.c @@ -274,7 +274,7 @@ PAMH_ARG_DECL(int check_shadow_expiry, } if ((curdays - spent->sp_lstchg < spent->sp_min) && (spent->sp_min != -1)) { - /* + /* * The last password change was too recent. This error will be ignored * if no password change is attempted. */ @@ -403,11 +403,11 @@ PAMH_ARG_DECL(char * create_password_hash, return crypted; } -#ifdef HAVE_CRYPT_GENSALT_RN +#ifdef HAVE_CRYPT_GENSALT_R if (on(UNIX_BLOWFISH_PASS, ctrl)) { char entropy[17]; crypt_make_salt(entropy, sizeof(entropy) - 1); - sp = crypt_gensalt_rn(algoid, rounds, + sp = crypt_gensalt_r (algoid, rounds, entropy, sizeof(entropy), salt, sizeof(salt)); } else { @@ -420,7 +420,7 @@ PAMH_ARG_DECL(char * create_password_hash, /* For now be conservative so the resulting hashes * are not too long. 8 bytes of salt prevents dictionary * attacks well enough. */ -#ifdef HAVE_CRYPT_GENSALT_RN +#ifdef HAVE_CRYPT_GENSALT_R } #endif sp = crypt(password, salt); @@ -684,7 +684,7 @@ save_old_password(pam_handle_t *pamh, const char *forwho, const char *oldpass, D(("fflush or fsync error writing entries to old passwords file: %m")); err = 1; } - + if (fclose(pwfile)) { D(("fclose error writing entries to old passwords file: %m")); err = 1; @@ -804,7 +804,7 @@ PAMH_ARG_DECL(int unix_update_passwd, D(("fflush or fsync error writing entries to password file: %m")); err = 1; } - + if (fclose(pwfile)) { D(("fclose error writing entries to password file: %m")); err = 1; @@ -930,7 +930,7 @@ PAMH_ARG_DECL(int unix_update_shadow, D(("fflush or fsync error writing entries to shadow file: %m")); err = 1; } - + if (fclose(pwfile)) { D(("fclose error writing entries to shadow file: %m")); err = 1; -- cgit v1.2.3