From f92940aef28c98145ecddeff05b4aa4be7a6c5e5 Mon Sep 17 00:00:00 2001 From: Thorsten Kukuk Date: Wed, 14 Apr 2010 10:22:10 +0000 Subject: Relevant BUGIDs: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Purpose of commit: bugfix Commit summary: --------------- 2010-04-13 Thorsten Kukuk * modules/pam_pwhistory/opasswd.c: Fix compilation if cyprt_r() is not available. * configure.in: check for getutent_r. * modules/pam_timestamp/pam_timestamp.c: Use getutent() if getutent_r() does not exist. Patch from Diego Elio "Flameeyes" Pettenò. --- modules/pam_pwhistory/opasswd.c | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) (limited to 'modules/pam_pwhistory') diff --git a/modules/pam_pwhistory/opasswd.c b/modules/pam_pwhistory/opasswd.c index 3c8e5cff..f045555f 100644 --- a/modules/pam_pwhistory/opasswd.c +++ b/modules/pam_pwhistory/opasswd.c @@ -94,6 +94,23 @@ parse_entry (char *line, opwd *data) return 0; } +static int +compare_password(const char *newpass, const char *oldpass) +{ + char *outval; +#ifdef HAVE_CRYPT_R + struct crypt_data output; + + output.initialized = 0; + + outval = crypt_r (newpass, oldpass, &output); +#else + outval = crypt (newpass, oldpass); +#endif + + return strcmp(outval, oldpass) == 0; +} + /* Check, if the new password is already in the opasswd file. */ int check_old_password (pam_handle_t *pamh, const char *user, @@ -167,12 +184,9 @@ check_old_password (pam_handle_t *pamh, const char *user, if (found) { const char delimiters[] = ","; - struct crypt_data output; char *running; char *oldpass; - memset (&output, 0, sizeof (output)); - running = strdupa (entry.old_passwords); if (running == NULL) return PAM_BUF_ERR; @@ -180,7 +194,7 @@ check_old_password (pam_handle_t *pamh, const char *user, do { oldpass = strsep (&running, delimiters); if (oldpass && strlen (oldpass) > 0 && - strcmp (crypt_r (newpass, oldpass, &output), oldpass) == 0) + compare_password(newpass, oldpass) ) { if (debug) pam_syslog (pamh, LOG_DEBUG, "New password already used"); -- cgit v1.2.3