]> git.pld-linux.org Git - packages/pam.git/blob - pam-unix-nullcheck.patch
projects / packages / pam.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
- add failok option to pam_exec to ignore exit code from command
[packages/pam.git] / pam-unix-nullcheck.patch
1 diff -urN Linux-PAM-0.99.7.1.orig/modules/pam_unix/support.c Linux-PAM-0.99.7.1/modules/pam_unix/support.c
2 --- Linux-PAM-0.99.7.1.orig/modules/pam_unix/support.c  2007-01-23 10:41:21.000000000 +0100
3 +++ Linux-PAM-0.99.7.1/modules/pam_unix/support.c       2007-02-04 20:00:16.992352631 +0100
4 @@ -694,13 +695,13 @@
5             } else {
6                 if (!strncmp(salt, "$1$", 3)) {
7                     pp = Goodcrypt_md5(p, salt);
8 -                   if (strcmp(pp, salt) != 0) {
9 +                   if (pp && strcmp(pp, salt) != 0) {
10                         _pam_delete(pp);
11                         pp = Brokencrypt_md5(p, salt);
12                     }
13                 } else if (*salt != '$' && salt_len >= 13) {
14                     pp = bigcrypt(p, salt);
15 -                   if (strlen(pp) > salt_len) {
16 +                   if (pp && strlen(pp) > salt_len) {
17                         pp[salt_len] = '\0';
18                     }
19                 } else {
20 @@ -715,7 +718,7 @@
21                 /* the moment of truth -- do we agree with the password? */
22                 D(("comparing state of pp[%s] and salt[%s]", pp, salt));
23  
24 -               if (strcmp(pp, salt) == 0) {
25 +               if (pp && strcmp(pp, salt) == 0) {
26                     retval = PAM_SUCCESS;
27                 } else {
28                     retval = PAM_AUTH_ERR;
29 diff -urN Linux-PAM-0.99.7.1.orig/modules/pam_unix/unix_chkpwd.c Linux-PAM-0.99.7.1/modules/pam_unix/unix_chkpwd.c
30 --- Linux-PAM-0.99.7.1.orig/modules/pam_unix/unix_chkpwd.c      2006-10-24 12:01:49.000000000 +0200
31 +++ Linux-PAM-0.99.7.1/modules/pam_unix/unix_chkpwd.c   2007-02-04 19:53:39.269687706 +0100
32 @@ -196,20 +197,20 @@
33         retval = PAM_AUTH_ERR;
34         if (!strncmp(salt, "$1$", 3)) {
35                 pp = Goodcrypt_md5(p, salt);
36 -               if (strcmp(pp, salt) == 0) {
37 +               if (pp && strcmp(pp, salt) == 0) {
38                         retval = PAM_SUCCESS;
39                 } else {
40                         pp = Brokencrypt_md5(p, salt);
41 -                       if (strcmp(pp, salt) == 0)
42 +                       if (pp && strcmp(pp, salt) == 0)
43                                 retval = PAM_SUCCESS;
44                 }
45         } else if (*salt == '$') {
46                 /*
47                  * Ok, we don't know the crypt algorithm, but maybe
48                  * libcrypt nows about it? We should try it.
49                  */
50                 pp = x_strdup (crypt(p, salt));
51 -               if (strcmp(pp, salt) == 0) {
52 +               if (pp && strcmp(pp, salt) == 0) {
53                         retval = PAM_SUCCESS;
54                 }
55         } else if ((*salt == '*') || (salt_len < 13)) {
56 @@ -225,7 +230,7 @@
57                  * stored string with the subset of bigcrypt's result.
58                  * Bug 521314: the strncmp comparison is for legacy support.
59                  */
60 -               if (strncmp(pp, salt, salt_len) == 0) {
61 +               if (pp && strncmp(pp, salt, salt_len) == 0) {
62                         retval = PAM_SUCCESS;
63                 }
64         }
Pluggable Authentication Modules: modular, incremental authentication
This page took 0.074032 seconds and 3 git commands to generate.