pam_userdb: Allow also modern password hashes supported by crypt().

modules/pam_userdb/pam_userdb.c (user_lookup): Allow password hashes
longer than 13 characters and long salt.

diff --git a/modules/pam_userdb/pam_userdb.c b/modules/pam_userdb/pam_userdb.c
index c075c4b5825c19e4062dfff81bd4eeaa5c015dce..de8b5b1e919f62826bb7d591cba81222b68246c2 100644 (file)
--- a/modules/pam_userdb/pam_userdb.c
+++ b/modules/pam_userdb/pam_userdb.c
@@ -214,17 +214,13 @@ user_lookup (pam_handle_t *pamh, const char *database, const char *cryptmode,
          /* crypt(3) password storage */
 
          char *cryptpw;
-         char salt[2];
 
-         if (data.dsize != 13) {
+         if (data.dsize < 13) {
            compare = -2;
          } else if (ctrl & PAM_ICASE_ARG) {
            compare = -2;
          } else {
-           salt[0] = *data.dptr;
-           salt[1] = *(data.dptr + 1);
-
-           cryptpw = crypt (pass, salt);
+           cryptpw = crypt (pass, data.dptr);
 
            if (cryptpw) {
              compare = strncasecmp (data.dptr, cryptpw, data.dsize);