From b518a3bfe91bb157948dde85e42f63f42b00da58 Mon Sep 17 00:00:00 2001 From: Guan-Zhong Huang Date: Sat, 9 Mar 2013 12:51:35 +0800 Subject: Fix password authentication to handle different encryption algorithms --- sesman/verify_user.c | 42 ++++-------------------------------------- 1 file changed, 4 insertions(+), 38 deletions(-) (limited to 'sesman') diff --git a/sesman/verify_user.c b/sesman/verify_user.c index 81ddc0a8..85e614d3 100644 --- a/sesman/verify_user.c +++ b/sesman/verify_user.c @@ -50,12 +50,9 @@ auth_account_disabled(struct spwd *stp); long DEFAULT_CC auth_userpass(char *user, char *pass, int *errorcode) { - char salt[13] = "$1$"; - char hash[35] = ""; - char *encr = 0; + const char *encr; struct passwd *spw; struct spwd *stp; - int saltcnt = 0; spw = getpwnam(user); @@ -80,46 +77,15 @@ auth_userpass(char *user, char *pass, int *errorcode) return 0; } - g_strncpy(hash, stp->sp_pwdp, 34); + encr = stp->sp_pwdp; } else { /* old system with only passwd */ - g_strncpy(hash, spw->pw_passwd, 34); - } - - hash[34] = '\0'; - - if (g_strncmp(hash, "$1$", 3) == 0) - { - /* gnu style crypt(); */ - saltcnt = 3; - - while ((hash[saltcnt] != '$') && (saltcnt < 11)) - { - salt[saltcnt] = hash[saltcnt]; - saltcnt++; - } - - salt[saltcnt] = '$'; - salt[saltcnt + 1] = '\0'; - } - else - { - /* classic two char salt */ - salt[0] = hash[0]; - salt[1] = hash[1]; - salt[2] = '\0'; - } - - encr = crypt(pass, salt); - - if (g_strncmp(encr, hash, 34) != 0) - { - return 0; + encr = spw->pw_passwd; } - return 1; + return (strcmp(encr, crypt(pass, encr)) == 0); } /******************************************************************************/ -- cgit v1.2.1