Bug #3080 ยป 0001-Fix-additional-cases-of-seg-faults-on-crypt-3-failur.patch
| contrib/opie/opieftpd.c | ||
|---|---|---|
|
VOIDRET pass FUNCTION((passwd), char *passwd)
|
||
|
{
|
||
|
int legit = askpasswd + 1, i;
|
||
|
char *cryptpw;
|
||
|
if (logged_in || askpasswd == 0) {
|
||
|
reply(503, "Login with USER first.");
|
||
| ... | ... | |
|
if (!guest) { /* "ftp" is only account allowed no password */
|
||
|
#endif /* DOANONYMOUS */
|
||
|
i = opieverify(&opiestate, passwd);
|
||
|
if (legit && i && pwok)
|
||
|
i = strcmp(crypt(passwd, pw->pw_passwd), pw->pw_passwd);
|
||
|
if (legit && i && pwok) {
|
||
|
cryptpw = crypt(passwd, pw->pw_passwd);
|
||
|
i = (cryptpw == NULL || strcmp(cryptpw, pw->pw_passwd) != 0);
|
||
|
}
|
||
|
if (!legit || i) {
|
||
|
reply(530, "Login incorrect.");
|
||
|
pw = NULL;
|
||
| contrib/opie/opiesu.c | ||
|---|---|---|
|
struct passwd *pwd;
|
||
|
char *p = getlogin();
|
||
|
char buf[32];
|
||
|
char *cryptpw;
|
||
|
if ((pwd = getpwuid(getuid())) == NULL) {
|
||
|
syslog(LOG_CRIT, "'%s' failed for unknown uid %d on %s", argvbuf, getuid(), ttyname(2));
|
||
| ... | ... | |
|
if (console) {
|
||
|
/* Try regular password check, if allowed */
|
||
|
if (!strcmp(crypt(pbuf, thisuser.pw_passwd), thisuser.pw_passwd))
|
||
|
cryptpw = crypt(pbuf, thisuser.pw_passwd);
|
||
|
if (cryptpw != NULL && !strcmp(cryptpw, thisuser.pw_passwd))
|
||
|
goto ok;
|
||
|
} else {
|
||
|
int i = opiegetsequence(&opie);
|
||
| contrib/pam_passwdqc/pam_passwdqc.c | ||
|---|---|---|
|
static int check_pass(struct passwd *pw, const char *pass)
|
||
|
{
|
||
|
char *cryptpw;
|
||
|
#ifdef HAVE_SHADOW
|
||
|
struct spwd *spw;
|
||
|
const char *hash;
|
||
| ... | ... | |
|
#else
|
||
|
hash = crypt(pass, spw->sp_pwdp);
|
||
|
#endif
|
||
|
retval = strcmp(hash, spw->sp_pwdp) ? -1 : 0;
|
||
|
retval = (hash == NULL || strcmp(hash, spw->sp_pwdp)) ? -1 : 0;
|
||
|
memset(spw->sp_pwdp, 0, strlen(spw->sp_pwdp));
|
||
|
return retval;
|
||
|
}
|
||
|
#endif
|
||
|
return strcmp(crypt(pass, pw->pw_passwd), pw->pw_passwd) ? -1 : 0;
|
||
|
cryptpw = crypt(pass, pw->pw_passwd);
|
||
|
return (cryptpw == NULL || strcmp(cryptpw, pw->pw_passwd)) ? -1 : 0;
|
||
|
}
|
||
|
static int am_root(pam_handle_t *pamh)
|
||
| lib/pam_module/pam_unix/pam_unix.c | ||
|---|---|---|
|
struct passwd *pwd;
|
||
|
int retval;
|
||
|
const char *pass, *user, *realpw, *prompt;
|
||
|
char *cryptpw;
|
||
|
if (openpam_get_option(pamh, PAM_OPT_AUTH_AS_SELF)) {
|
||
|
pwd = getpwnam(getlogin());
|
||
| ... | ... | |
|
if (retval != PAM_SUCCESS)
|
||
|
return (retval);
|
||
|
PAM_LOG("Got password");
|
||
|
if (strcmp(crypt(pass, realpw), realpw) == 0)
|
||
|
cryptpw = crypt(pass, realpw);
|
||
|
if (cryptpw != NULL && strcmp(cryptpw, realpw) == 0)
|
||
|
return (PAM_SUCCESS);
|
||
|
PAM_VERBOSE_ERROR("UNIX authentication refused");
|
||
| ... | ... | |
|
if (old_pass[0] == '\0' &&
|
||
|
!openpam_get_option(pamh, PAM_OPT_NULLOK))
|
||
|
return (PAM_PERM_DENIED);
|
||
|
if (strcmp(encrypted, pwd->pw_passwd) != 0)
|
||
|
if (encrypted == NULL || strcmp(encrypted, pwd->pw_passwd) != 0)
|
||
|
return (PAM_PERM_DENIED);
|
||
|
}
|
||
|
else if (flags & PAM_UPDATE_AUTHTOK) {
|
||
| usr.sbin/pppd/auth.c | ||
|---|---|---|
|
struct passwd *pw;
|
||
|
struct utmp utmp;
|
||
|
struct timeval tp;
|
||
|
char *tty;
|
||
|
char *tty, *cryptpw;
|
||
|
#ifdef HAS_SHADOW
|
||
|
struct spwd *spwd;
|
||
| ... | ... | |
|
/*
|
||
|
* If no passwd, don't let them login.
|
||
|
*/
|
||
|
if (pw->pw_passwd == NULL || *pw->pw_passwd == '\0'
|
||
|
|| strcmp(crypt(passwd, pw->pw_passwd), pw->pw_passwd) != 0)
|
||
|
if (pw->pw_passwd == NULL || *pw->pw_passwd == '\0' || passwd == NULL)
|
||
|
return (UPAP_AUTHNAK);
|
||
|
cryptpw = crypt(passwd, pw->pw_passwd);
|
||
|
if (cryptpw == NULL || strcmp(cryptpw, pw->pw_passwd) != 0)
|
||
|
return (UPAP_AUTHNAK);
|
||
|
if (pw->pw_expire) {
|
||