From edcd6ce3a097c9b813909186dcb4accc35e604ef Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Tue, 7 Apr 2015 10:52:16 +0200 Subject: Use crypt_r if available in pam_userdb and in pam_unix. * modules/pam_unix/passverify.c (create_password_hash): Call crypt_r() instead of crypt() if available. * modules/pam_userdb/pam_userdb.c (user_lookup): Call crypt_r() instead of crypt() if available. --- modules/pam_userdb/pam_userdb.c | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) (limited to 'modules/pam_userdb') diff --git a/modules/pam_userdb/pam_userdb.c b/modules/pam_userdb/pam_userdb.c index ba36ebf2..8df1a40c 100644 --- a/modules/pam_userdb/pam_userdb.c +++ b/modules/pam_userdb/pam_userdb.c @@ -213,15 +213,23 @@ user_lookup (pam_handle_t *pamh, const char *database, const char *cryptmode, /* crypt(3) password storage */ - char *cryptpw; + char *cryptpw = NULL; if (data.dsize < 13) { compare = -2; } else if (ctrl & PAM_ICASE_ARG) { compare = -2; } else { +#ifdef HAVE_CRYPT_R + struct crypt_data *cdata = NULL; + cdata = malloc(sizeof(*cdata)); + if (cdata != NULL) { + cdata->initialized = 0; + cryptpw = crypt_r(pass, data.dptr, cdata); + } +#else cryptpw = crypt (pass, data.dptr); - +#endif if (cryptpw && strlen(cryptpw) == (size_t)data.dsize) { compare = memcmp(data.dptr, cryptpw, data.dsize); } else { @@ -232,9 +240,11 @@ user_lookup (pam_handle_t *pamh, const char *database, const char *cryptmode, else pam_syslog(pamh, LOG_INFO, "crypt() returned NULL"); } - }; - - }; + } +#ifdef HAVE_CRYPT_R + free(cdata); +#endif + } } else { -- cgit v1.2.1