From: Zbigniew Jędrzejewski-Szmek Date: Fri, 11 Sep 2020 06:27:43 +0000 (+0200) Subject: shared/libcrypt-util: do not refuse passwords if some other hash is unsupported X-Git-Tag: v247-rc1~204^2~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=35e22827a9b74321e5ad13c5b9c9b7cff1fb0b96;p=thirdparty%2Fsystemd.git shared/libcrypt-util: do not refuse passwords if some other hash is unsupported --- diff --git a/src/shared/libcrypt-util.c b/src/shared/libcrypt-util.c index 66f345ee5f7..c5d98671bd6 100644 --- a/src/shared/libcrypt-util.c +++ b/src/shared/libcrypt-util.c @@ -182,8 +182,12 @@ int test_password_one(const char *hashed_password, const char *password) { errno = 0; k = crypt_ra(password, hashed_password, &cd_data, &cd_size); - if (!k) - return errno_or_else(EINVAL); + if (!k) { + if (errno == ENOMEM) + return -ENOMEM; + /* Unknown or unavailable hashing method or string too short */ + return 0; + } return streq(k, hashed_password); } diff --git a/src/test/test-libcrypt-util.c b/src/test/test-libcrypt-util.c index 90abfa7b81e..1c570784f4e 100644 --- a/src/test/test-libcrypt-util.c +++ b/src/test/test-libcrypt-util.c @@ -40,10 +40,18 @@ static void test_hash_password_full(void) { hashed, "$y$j9T$SAayASazWZIQeJd9AS02m/$"), i) == true); + assert_se(test_password_many(STRV_MAKE("$W$j9T$dlCXwkX0GC5L6B8Gf.4PN/$VCyEH", /* no such method exists... */ + hashed, + "$y$j9T$SAayASazWZIQeJd9AS02m/$"), + i) == true); assert_se(test_password_many(STRV_MAKE("$y$j9T$dlCXwkX0GC5L6B8Gf.4PN/$VCyEH", hashed, "$y$j9T$SAayASazWZIQeJd9AS02m/$"), "") == false); + assert_se(test_password_many(STRV_MAKE("$W$j9T$dlCXwkX0GC5L6B8Gf.4PN/$VCyEH", /* no such method exists... */ + hashed, + "$y$j9T$SAayASazWZIQeJd9AS02m/$"), + "") == false); } }