From: Andrew G. Morgan
Date: Tue, 9 Jul 2002 04:44:18 +0000 (+0000)
Subject: Relevant BUGIDs: 521314
X-Git-Tag: Linux-PAM-0-76
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=067affee9267fa0d1c21835182ba639ba33e820f;p=linux-pam
Relevant BUGIDs: 521314 Purpose of commit: bugfix Commit summary: --------------- bigcrypt does not match crypt when password length is too long. This led to a pam_unix problem when the module had not set the password in bigcrypt mode, but was trying to compare with bigcrypt output. The fix is to use the stored password as a guide to how much of the encrypted password to compare against.
---
diff --git a/CHANGELOG b/CHANGELOG
index 085abc87..03d6045a 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -55,6 +55,8 @@ bug report - outstanding bugs are listed here:
 0.76: please submit patches for this section with actual code/doc patches!
+* pam_unix: fix for legacy crypt() support when the password entered
+ was long. (Bug 521314 - agmorgan).
 * pam_access no longer include gethostname() prototype complained from David Lee (Bug 415423 - agmorgan).
 * make pam_nologin more secure by default, added two new module
diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c
index fcfe187e..6b51a6b2 100644
--- a/modules/pam_unix/pam_unix_passwd.c
+++ b/modules/pam_unix/pam_unix_passwd.c
@@ -965,6 +965,8 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
 /*
 * to avoid using the _extensions_ of the bigcrypt()
 * function we truncate the newly entered password
+ * [Problems that followed from this are fixed as per
+ * Bug 521314.]
 */
 char *temp = malloc(9);
diff --git a/modules/pam_unix/support.c b/modules/pam_unix/support.c
index 9b6b19a2..5998c7db 100644
--- a/modules/pam_unix/support.c
+++ b/modules/pam_unix/support.c
@@ -617,7 +617,16 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name
 /* the moment of truth -- do we agree with the password? */
 D(("comparing state of pp[%s] and salt[%s]", pp, salt));
- if (strcmp(pp, salt) == 0) {
+ /*
+ * Note, we are comparing the bigcrypt of the password with
+ * the contents of the password field. If the latter was
+ * encrypted with regular crypt (and not bigcrypt) it will
+ * have been truncated for storage relative to the output
+ * of bigcrypt here. As such we need to compare only the
+ * stored string with the subset of bigcrypt's result.
+ * Bug 521314: The strncmp comparison is for legacy support.
+ */
+ if (strncmp(pp, salt, strlen(salt)) == 0) {
 retval = PAM_SUCCESS;
 } else {
 retval = PAM_AUTH_ERR;
diff --git a/modules/pam_unix/unix_chkpwd.c b/modules/pam_unix/unix_chkpwd.c
index 9581d046..9ba11041 100644
--- a/modules/pam_unix/unix_chkpwd.c
+++ b/modules/pam_unix/unix_chkpwd.c
@@ -149,7 +149,16 @@ static int _unix_verify_password(const char *name, const char *p, int opt)
 }
 } else {
 pp = bigcrypt(p, salt);
- if (strcmp(pp, salt) == 0) {
+ /*
+ * Note, we are comparing the bigcrypt of the password with
+ * the contents of the password field. If the latter was
+ * encrypted with regular crypt (and not bigcrypt) it will
+ * have been truncated for storage relative to the output
+ * of bigcrypt here. As such we need to compare only the
+ * stored string with the subset of bigcrypt's result.
+ * Bug 521314: the strncmp comparison is for legacy support.
+ */
+ if (strncmp(pp, salt, strlen(salt)) == 0) {
 retval = UNIX_PASSED;
 }
 }
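Review bot: The new `strncmp(pp, salt, strlen(salt))` in `_unix_verify_password` (modules/pam_unix/support.c) lets the stored password field decide how many bytes are compared, so any stored string that is a prefix of bigcrypt's output is accepted, not only a 13-character legacy crypt() hash; a truncated or empty field would compare equal for any entered password unless code outside this hunk already rejects it. The identical comparison is added to `_unix_verify_password` in modules/pam_unix/unix_chkpwd.c. Restrict the prefix match to the legacy length and keep the exact match otherwise, for example `size_t slen = strlen(salt);` followed by `if ((slen == 13 && strncmp(pp, salt, 13) == 0) || (slen > 13 && strcmp(pp, salt) == 0)) {`. Both function bodies start and end outside the hunks, so any earlier empty-field or length checks are not visible here and should be confirmed before relying on them.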