diff options
Diffstat (limited to 'source/n/cyrus-sasl/cyrus-sasl-2.1.26-null-crypt.patch')
| -rw-r--r-- | source/n/cyrus-sasl/cyrus-sasl-2.1.26-null-crypt.patch | 86 |
1 files changed, 0 insertions, 86 deletions
diff --git a/source/n/cyrus-sasl/cyrus-sasl-2.1.26-null-crypt.patch b/source/n/cyrus-sasl/cyrus-sasl-2.1.26-null-crypt.patch deleted file mode 100644 index ce9b5e25..00000000 --- a/source/n/cyrus-sasl/cyrus-sasl-2.1.26-null-crypt.patch +++ /dev/null @@ -1,86 +0,0 @@ -diff -up cyrus-sasl-2.1.26/pwcheck/pwcheck_getpwnam.c.null-crypt cyrus-sasl-2.1.26/pwcheck/pwcheck_getpwnam.c ---- cyrus-sasl-2.1.26/pwcheck/pwcheck_getpwnam.c.null-crypt 2012-01-28 00:31:36.000000000 +0100 -+++ cyrus-sasl-2.1.26/pwcheck/pwcheck_getpwnam.c 2012-12-20 17:00:14.614580310 +0100 -@@ -31,7 +31,7 @@ char *pwcheck(userid, password) - char *userid; - char *password; - { -- char* r; -+ char* r, *cryptbuf; - struct passwd *pwd; - - pwd = getpwnam(userid); -@@ -41,11 +41,13 @@ char *password; - else if (pwd->pw_passwd[0] == '*') { - r = "Account disabled"; - } -- else if (strcmp(pwd->pw_passwd, crypt(password, pwd->pw_passwd)) != 0) { -- r = "Incorrect password"; -- } - else { -- r = "OK"; -+ cryptbuf = crypt(password, pwd->pw_passwd); -+ if((cryptbuf == NULL) || (strcmp(pwd->pw_passwd, cryptbuf) != 0)) { -+ r = "Incorrect password"; -+ } else { -+ r = "OK"; -+ } - } - - endpwent(); -diff -up cyrus-sasl-2.1.26/saslauthd/auth_getpwent.c.null-crypt cyrus-sasl-2.1.26/saslauthd/auth_getpwent.c ---- cyrus-sasl-2.1.26/saslauthd/auth_getpwent.c.null-crypt 2012-10-12 16:05:48.000000000 +0200 -+++ cyrus-sasl-2.1.26/saslauthd/auth_getpwent.c 2012-12-20 17:03:17.940793653 +0100 -@@ -78,6 +78,7 @@ auth_getpwent ( - /* VARIABLES */ - struct passwd *pw; /* pointer to passwd file entry */ - int errnum; -+ char *cryptbuf; - /* END VARIABLES */ - - errno = 0; -@@ -105,7 +106,8 @@ auth_getpwent ( - } - } - -- if (strcmp(pw->pw_passwd, (const char *)crypt(password, pw->pw_passwd))) { -+ cryptbuf = crypt(password, pw->pw_passwd); -+ if ((cryptbuf == NULL) || strcmp(pw->pw_passwd, cryptbuf)) { - if (flags & VERBOSE) { - syslog(LOG_DEBUG, "DEBUG: auth_getpwent: %s: invalid password", login); - } -diff -up cyrus-sasl-2.1.26/saslauthd/auth_shadow.c.null-crypt cyrus-sasl-2.1.26/saslauthd/auth_shadow.c ---- cyrus-sasl-2.1.26/saslauthd/auth_shadow.c.null-crypt 2012-12-20 17:00:14.000000000 +0100 -+++ cyrus-sasl-2.1.26/saslauthd/auth_shadow.c 2012-12-20 17:16:44.190360006 +0100 -@@ -214,8 +214,8 @@ auth_shadow ( - RETURN("NO Insufficient permission to access NIS authentication database (saslauthd)"); - } - -- cpw = strdup((const char *)crypt(password, sp->sp_pwdp)); -- if (strcmp(sp->sp_pwdp, cpw)) { -+ cpw = crypt(password, sp->sp_pwdp); -+ if ((cpw == NULL) || strcmp(sp->sp_pwdp, cpw)) { - if (flags & VERBOSE) { - /* - * This _should_ reveal the SHADOW_PW_LOCKED prefix to an -@@ -225,10 +225,8 @@ auth_shadow ( - syslog(LOG_DEBUG, "DEBUG: auth_shadow: pw mismatch: '%s' != '%s'", - sp->sp_pwdp, cpw); - } -- free(cpw); - RETURN("NO Incorrect password"); - } -- free(cpw); - - /* - * The following fields will be set to -1 if: -@@ -290,7 +288,8 @@ auth_shadow ( - RETURN("NO Invalid username"); - } - -- if (strcmp(upw->upw_passwd, crypt(password, upw->upw_passwd)) != 0) { -+ cpw = crypt(password, upw->upw_passwd); -+ if ((cpw == NULL) || strcmp(upw->upw_passwd, cpw) != 0) { - if (flags & VERBOSE) { - syslog(LOG_DEBUG, "auth_shadow: pw mismatch: %s != %s", - password, upw->upw_passwd); |