On Wed, 2013-02-06 at 09:13 -0500, Leon P Smith wrote:

From: Leon P Smith leon@melding-monads.com

As it was, this module was nearly useless, as it assumed DES-crypted passwords. Now it can make use of 18-year old technology.

---

modules/pam_userdb/pam_userdb.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/modules/pam_userdb/pam_userdb.c b/modules/pam_userdb/pam_userdb.c index c075c4b..de8b5b1 100644 --- a/modules/pam_userdb/pam_userdb.c +++ b/modules/pam_userdb/pam_userdb.c @@ -214,17 +214,13 @@ user_lookup (pam_handle_t *pamh, const char *database, const char *cryptmode, /* crypt(3) password storage */

 char *cryptpw;

•  char salt[2];
  
  

•  if (data.dsize != 13) {
  

•  if (data.dsize < 13) {
   compare = -2;
  

  } else if (ctrl & PAM_ICASE_ARG) { compare = -2; } else {

•    salt[0] = *data.dptr;
  

•    salt[1] = *(data.dptr + 1);
  

•    cryptpw = crypt (pass, salt);
  

•    cryptpw = crypt (pass, data.dptr);
  
   if (cryptpw) {
     compare = strncasecmp (data.dptr, cryptpw, data.dsize);
  

Yes, this is fine and I will commit it to the repository.