newrole: check for crypt(3) failure
Depending on the implementation crypt(3) can fail either by returning NULL, or returning a pointer to an invalid hash and setting errno. Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
This commit is contained in:
Christian Göttsche
James Carter
parent
29e167a448
commit
1af8089824
1 changed files with 5 additions and 0 deletions
|
|
@ -368,9 +368,14 @@ static int authenticate_via_shadow_passwd(const char *uname)
|
|||
}
|
||||
|
||||
/* Use crypt() to encrypt user's input password. */
|
||||
errno = 0;
|
||||
encrypted_password_s = crypt(unencrypted_password_s,
|
||||
p_shadow_line->sp_pwdp);
|
||||
memset(unencrypted_password_s, 0, strlen(unencrypted_password_s));
|
||||
if (errno || !encrypted_password_s) {
|
||||
fprintf(stderr, _("Cannot encrypt password.\n"));
|
||||
return 0;
|
||||
}
|
||||
return (!strcmp(encrypted_password_s, p_shadow_line->sp_pwdp));
|
||||
}
|
||||
#endif /* if/else USE_PAM */
|
||||
|
|
|
|||
Loading…
Reference in a new issue