summaryrefslogtreecommitdiff
path: root/auth-passwd.c
diff options
context:
space:
mode:
Diffstat (limited to 'auth-passwd.c')
-rw-r--r--auth-passwd.c12
1 files changed, 8 insertions, 4 deletions
diff --git a/auth-passwd.c b/auth-passwd.c
index 63ccf3cab..530b5d4f7 100644
--- a/auth-passwd.c
+++ b/auth-passwd.c
@@ -193,7 +193,7 @@ int
193sys_auth_passwd(Authctxt *authctxt, const char *password) 193sys_auth_passwd(Authctxt *authctxt, const char *password)
194{ 194{
195 struct passwd *pw = authctxt->pw; 195 struct passwd *pw = authctxt->pw;
196 char *encrypted_password; 196 char *encrypted_password, *salt = NULL;
197 197
198 /* Just use the supplied fake password if authctxt is invalid */ 198 /* Just use the supplied fake password if authctxt is invalid */
199 char *pw_password = authctxt->valid ? shadow_pw(pw) : pw->pw_passwd; 199 char *pw_password = authctxt->valid ? shadow_pw(pw) : pw->pw_passwd;
@@ -202,9 +202,13 @@ sys_auth_passwd(Authctxt *authctxt, const char *password)
202 if (strcmp(pw_password, "") == 0 && strcmp(password, "") == 0) 202 if (strcmp(pw_password, "") == 0 && strcmp(password, "") == 0)
203 return (1); 203 return (1);
204 204
205 /* Encrypt the candidate password using the proper salt. */ 205 /*
206 encrypted_password = xcrypt(password, 206 * Encrypt the candidate password using the proper salt, or pass a
207 (pw_password[0] && pw_password[1]) ? pw_password : "xx"); 207 * NULL and let xcrypt pick one.
208 */
209 if (authctxt->valid && pw_password[0] && pw_password[1])
210 salt = pw_password;
211 encrypted_password = xcrypt(password, salt);
208 212
209 /* 213 /*
210 * Authentication is accepted if the encrypted passwords 214 * Authentication is accepted if the encrypted passwords
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-22 03:22:15 +0000