Apple-2gs-SW/hush
1
0
Fork 0
mirror of https://github.com/sheumann/hush.git synced 2025-01-03 00:31:16 +00:00
Code Issues Projects Releases Wiki Activity

- passwd doesnt use salt with md5 passwords; bug #604 thanks taviso

Browse Source
This commit is contained in:
Ned Ludd 2006-04-21 00:40:35 +00:00
parent f162183527
commit 791976490b
1 changed files with 11 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
loginutils/passwd.c
View File

@ -322,6 +322,7 @@ static int new_password(const struct passwd *pw, int amroot, int algo)
char *clear; char *clear;
char *cipher; char *cipher;
char *cp; char *cp;
char salt[12]; /* "$N$XXXXXXXX" or "XX" */
char orig[200]; char orig[200];
char pass[200]; char pass[200];
@ -376,11 +377,18 @@ static int new_password(const struct passwd *pw, int amroot, int algo)
} }
memset(cp, 0, strlen(cp)); memset(cp, 0, strlen(cp));
memset(orig, 0, sizeof(orig)); memset(orig, 0, sizeof(orig));
memset(salt, 0, sizeof(salt));
if (algo == 1) { if (algo == 1) {
cp = pw_encrypt(pass, "$1$"); strcpy(salt, "$1$");
} else strcat(salt, crypt_make_salt());
cp = pw_encrypt(pass, crypt_make_salt()); strcat(salt, crypt_make_salt());
strcat(salt, crypt_make_salt());
}
strcat(salt, crypt_make_salt());
cp = pw_encrypt(pass, salt);
memset(pass, 0, sizeof pass); memset(pass, 0, sizeof pass);
safe_strncpy(crypt_passwd, cp, sizeof(crypt_passwd)); safe_strncpy(crypt_passwd, cp, sizeof(crypt_passwd));
return 0; return 0;