Attachment #187159 for bug #222999

View | Details | Raw Unified | Return to bug 222999
Collapse All | Expand All

Lines 524-529 Link Here

(-)contrib/opie/opieftpd.c (-2 / +5 lines)
524	VOIDRET pass FUNCTION((passwd), char *passwd)	524	VOIDRET pass FUNCTION((passwd), char *passwd)
525	{	525	{
526	int legit = askpasswd + 1, i;	526	int legit = askpasswd + 1, i;
		527	char *cryptpw;
527		528
528	if (logged_in \|\| askpasswd == 0) {	529	if (logged_in \|\| askpasswd == 0) {
529	reply(503, "Login with USER first.");	530	reply(503, "Login with USER first.");
Lines 535-542 Link Here
535	if (!guest) { /* "ftp" is only account allowed no password */	536	if (!guest) { /* "ftp" is only account allowed no password */
536	#endif /* DOANONYMOUS */	537	#endif /* DOANONYMOUS */
537	i = opieverify(&opiestate, passwd);	538	i = opieverify(&opiestate, passwd);
538	if (legit && i && pwok)	539	if (legit && i && pwok) {
539	i = strcmp(crypt(passwd, pw->pw_passwd), pw->pw_passwd);	540	cryptpw = crypt(passwd, pw->pw_passwd);
		541	i = (cryptpw == NULL \|\| strcmp(cryptpw, pw->pw_passwd) != 0);
		542	}
540	if (!legit \|\| i) {	543	if (!legit \|\| i) {
541	reply(530, "Login incorrect.");	544	reply(530, "Login incorrect.");
542	pw = NULL;	545	pw = NULL;

Lines 309-314 Link Here

(-)contrib/opie/opiesu.c (-1 / +3 lines)
309	struct passwd *pwd;	309	struct passwd *pwd;
310	char *p = getlogin();	310	char *p = getlogin();
311	char buf[32];	311	char buf[32];
		312	char *cryptpw;
312		313
313	if ((pwd = getpwuid(getuid())) == NULL) {	314	if ((pwd = getpwuid(getuid())) == NULL) {
314	syslog(LOG_CRIT, "'%s' failed for unknown uid %d on %s", argvbuf, getuid(), ttyname(2));	315	syslog(LOG_CRIT, "'%s' failed for unknown uid %d on %s", argvbuf, getuid(), ttyname(2));
Lines 425-431 Link Here
425		426
426	if (console) {	427	if (console) {
427	/* Try regular password check, if allowed */	428	/* Try regular password check, if allowed */
428	if (!strcmp(crypt(pbuf, thisuser.pw_passwd), thisuser.pw_passwd))	429	cryptpw = crypt(pbuf, thisuser.pw_passwd);
		430	if (cryptpw != NULL && strcmp(cryptpw, thisuser.pw_passwd) == 0)
429	goto ok;	431	goto ok;
430	} else {	432	} else {
431	int i = opiegetsequence(&opie);	433	int i = opiegetsequence(&opie);




#endif
	pam_item_t item;
	lo_const char *user, *oldpass, *curpass;
	char *newpass, *randompass, *cryptpw;
	const char *reason;
	int ask_oldauthtok;
	int randomonly, enforce, retries_left, retry_wanted;

				spw = getspnam(user);
				endspent();
				if (spw) {
					cryptpw = crypt(oldpass, spw->sp_pwdp);
					if (cryptpw == NULL || strcmp(cryptpw,
					    spw->sp_pwdp) != 0)
						status = PAM_AUTH_ERR;
					memset(spw->sp_pwdp, 0,
					    strlen(spw->sp_pwdp));

					status = PAM_AUTH_ERR;
			} else
#endif
			cryptpw = crypt(oldpass, pw->pw_passwd);
			if (cryptpw == NULL || strcmp(cryptpw,
			    pw->pw_passwd) != 0)
				status = PAM_AUTH_ERR;
		}
		memset(pw->pw_passwd, 0, strlen(pw->pw_passwd));

Lines 46-51 Link Here

(-)crypto/heimdal/lib/roken/verify.c (-1 / +3 lines)
46	unix_verify_user(char user, char password)	46	unix_verify_user(char user, char password)
47	{	47	{
48	struct passwd *pw;	48	struct passwd *pw;
		49	char *cryptpw;
49		50
50	pw = k_getpwnam(user);	51	pw = k_getpwnam(user);
51	if(pw == NULL)	52	if(pw == NULL)
Lines 52-58 Link Here
52	return -1;	53	return -1;
53	if(strlen(pw->pw_passwd) == 0 && strlen(password) == 0)	54	if(strlen(pw->pw_passwd) == 0 && strlen(password) == 0)
54	return 0;	55	return 0;
55	if(strcmp(crypt(password, pw->pw_passwd), pw->pw_passwd) == 0)	56	cryptpw = crypt(password, pw->pw_passwd);
		57	if(cryptpw != NULL && strcmp(cryptpw, pw->pw_passwd) == 0)
56	return 0;	58	return 0;
57	return -1;	59	return -1;
58	}	60	}




	struct passwd *pwd;
	int retval;
	const char *pass, *user, *realpw, *prompt;
	char *cryptpw;

	if (openpam_get_option(pamh, PAM_OPT_AUTH_AS_SELF)) {
		user = getlogin();

	if (retval != PAM_SUCCESS)
		return (retval);
	PAM_LOG("Got password");
	cryptpw = crypt(pass, realpw);
	if (cryptpw != NULL && strcmp(cryptpw, realpw) == 0)
		return (PAM_SUCCESS);

	PAM_VERBOSE_ERROR("UNIX authentication refused");

		if (old_pass[0] == '\0' &&
		    !openpam_get_option(pamh, PAM_OPT_NULLOK))
			return (PAM_PERM_DENIED);
		if (encrypted == NULL || strcmp(encrypted, pwd->pw_passwd) != 0)
			return (PAM_PERM_DENIED);
	}
	else if (flags & PAM_UPDATE_AUTHTOK) {

Return to bug 222999

Lines 318-324 Link Here

(-)contrib/pam_modules/pam_passwdqc/pam_passwdqc.c (-5 / +7 lines)
318	#endif	318	#endif
319	pam_item_t item;	319	pam_item_t item;
320	lo_const char user, oldpass, *curpass;	320	lo_const char user, oldpass, *curpass;
321	char newpass, randompass;	321	char newpass, randompass, *cryptpw;
322	const char *reason;	322	const char *reason;
323	int ask_oldauthtok;	323	int ask_oldauthtok;
324	int randomonly, enforce, retries_left, retry_wanted;	324	int randomonly, enforce, retries_left, retry_wanted;
Lines 388-395 Link Here
388	spw = getspnam(user);	388	spw = getspnam(user);
389	endspent();	389	endspent();
390	if (spw) {	390	if (spw) {
391	if (strcmp(crypt(oldpass, spw->sp_pwdp),	391	cryptpw = crypt(oldpass, spw->sp_pwdp);
392	spw->sp_pwdp))	392	if (cryptpw == NULL \|\| strcmp(cryptpw,
		393	spw->sp_pwdp) != 0)
393	status = PAM_AUTH_ERR;	394	status = PAM_AUTH_ERR;
394	memset(spw->sp_pwdp, 0,	395	memset(spw->sp_pwdp, 0,
395	strlen(spw->sp_pwdp));	396	strlen(spw->sp_pwdp));
Lines 397-404 Link Here
397	status = PAM_AUTH_ERR;	398	status = PAM_AUTH_ERR;
398	} else	399	} else
399	#endif	400	#endif
400	if (strcmp(crypt(oldpass, pw->pw_passwd),	401	cryptpw = crypt(oldpass, pw->pw_passwd);
401	pw->pw_passwd))	402	if (cryptpw == NULL \|\| strcmp(cryptpw,
		403	pw->pw_passwd) != 0)
402	status = PAM_AUTH_ERR;	404	status = PAM_AUTH_ERR;
403	}	405	}
404	memset(pw->pw_passwd, 0, strlen(pw->pw_passwd));	406	memset(pw->pw_passwd, 0, strlen(pw->pw_passwd));

Lines 92-97 Link Here

(-)lib/libpam/modules/pam_unix/pam_unix.c (-2 / +4 lines)
92	struct passwd *pwd;	92	struct passwd *pwd;
93	int retval;	93	int retval;
94	const char pass, user, realpw, prompt;	94	const char pass, user, realpw, prompt;
		95	char *cryptpw;
95		96
96	if (openpam_get_option(pamh, PAM_OPT_AUTH_AS_SELF)) {	97	if (openpam_get_option(pamh, PAM_OPT_AUTH_AS_SELF)) {
97	user = getlogin();	98	user = getlogin();
Lines 125-131 Link Here
125	if (retval != PAM_SUCCESS)	126	if (retval != PAM_SUCCESS)
126	return (retval);	127	return (retval);
127	PAM_LOG("Got password");	128	PAM_LOG("Got password");
128	if (strcmp(crypt(pass, realpw), realpw) == 0)	129	cryptpw = crypt(pass, realpw);
		130	if (cryptpw != NULL && strcmp(cryptpw, realpw) == 0)
129	return (PAM_SUCCESS);	131	return (PAM_SUCCESS);
130		132
131	PAM_VERBOSE_ERROR("UNIX authentication refused");	133	PAM_VERBOSE_ERROR("UNIX authentication refused");
Lines 345-351 Link Here
345	if (old_pass[0] == '\0' &&	347	if (old_pass[0] == '\0' &&
346	!openpam_get_option(pamh, PAM_OPT_NULLOK))	348	!openpam_get_option(pamh, PAM_OPT_NULLOK))
347	return (PAM_PERM_DENIED);	349	return (PAM_PERM_DENIED);
348	if (strcmp(encrypted, pwd->pw_passwd) != 0)	350	if (encrypted == NULL \|\| strcmp(encrypted, pwd->pw_passwd) != 0)
349	return (PAM_PERM_DENIED);	351	return (PAM_PERM_DENIED);
350	}	352	}
351	else if (flags & PAM_UPDATE_AUTHTOK) {	353	else if (flags & PAM_UPDATE_AUTHTOK) {