aboutsummaryrefslogtreecommitdiff
path: root/system/gdm/patches/gdm-2.20.11-crypt.diff
diff options
context:
space:
mode:
Diffstat (limited to 'system/gdm/patches/gdm-2.20.11-crypt.diff')
-rw-r--r--system/gdm/patches/gdm-2.20.11-crypt.diff150
1 files changed, 0 insertions, 150 deletions
diff --git a/system/gdm/patches/gdm-2.20.11-crypt.diff b/system/gdm/patches/gdm-2.20.11-crypt.diff
deleted file mode 100644
index 57860d39e6902..0000000000000
--- a/system/gdm/patches/gdm-2.20.11-crypt.diff
+++ /dev/null
@@ -1,150 +0,0 @@
-From cb04d3cb6b3899b5386f940a385d08c66dcd0da1 Mon Sep 17 00:00:00 2001
-From: mancha <mancha1@hush.com>
-Date: Fri, 31 Jan 2014
-Subject: Handle new crypt() behavior in glibc 2.17+
-
-Starting with glibc 2.17 (eglibc 2.17), crypt() fails with EINVAL
-(w/ NULL return) if the salt violates specifications. Additionally,
-on FIPS-140 enabled Linux systems, DES/MD5-encrypted passwords
-passed to crypt() fail with EPERM (w/ NULL return).
-
-If using glibc's crypt(), check return value to avoid a possible
-NULL pointer dereference.
-
-Note: gdm 2.20.11 is the last version that support non-PAM
- authentication which is why it is the latest stable
- maintained for Slackware Linux via slackbuilds.org.
-
----
- daemon/verify-crypt.c | 13 ++++++++++---
- daemon/verify-shadow.c | 13 ++++++++++---
- 2 files changed, 20 insertions(+), 6 deletions(-)
-
---- a/daemon/verify-crypt.c
-+++ b/daemon/verify-crypt.c
-@@ -104,7 +104,7 @@ gdm_verify_user (GdmDisplay *d,
- const char *username,
- gboolean allow_retry)
- {
-- gchar *login, *passwd, *ppasswd;
-+ gchar *login, *passwd, *ppasswd, *cpasswd;
- struct passwd *pwent;
- #if defined (HAVE_PASSWDEXPIRED) && defined (HAVE_CHPASS) \
- || defined (HAVE_LOGINRESTRICTIONS)
-@@ -190,8 +190,10 @@ gdm_verify_user (GdmDisplay *d,
- }
-
- /* Check whether password is valid */
-- if (ppasswd == NULL || (ppasswd[0] != '\0' &&
-- strcmp (crypt (passwd, ppasswd), ppasswd) != 0)) {
-+ cpasswd = ppasswd ? g_strdup(crypt (passwd, ppasswd)) : NULL;
-+ if (ppasswd == NULL || cpasswd == NULL ||
-+ (ppasswd[0] != '\0' &&
-+ strcmp (cpasswd, ppasswd) != 0)) {
- gdm_sleep_no_signal (gdm_daemon_config_get_value_int (GDM_KEY_RETRY_DELAY));
- gdm_debug ("Couldn't authenticate user");
-
-@@ -200,6 +202,7 @@ gdm_verify_user (GdmDisplay *d,
- g_free (login);
- g_free (passwd);
- g_free (ppasswd);
-+ g_free (cpasswd);
- return NULL;
- }
-
-@@ -217,6 +220,7 @@ gdm_verify_user (GdmDisplay *d,
- g_free (login);
- g_free (passwd);
- g_free (ppasswd);
-+ g_free (cpasswd);
- return NULL;
- }
-
-@@ -233,6 +237,7 @@ gdm_verify_user (GdmDisplay *d,
- g_free (login);
- g_free (passwd);
- g_free (ppasswd);
-+ g_free (cpasswd);
- if (message != NULL)
- free (message);
- return NULL;
-@@ -259,6 +264,7 @@ gdm_verify_user (GdmDisplay *d,
- g_free (login);
- g_free (passwd);
- g_free (ppasswd);
-+ g_free (cpasswd);
- return NULL;
- }
-
-@@ -266,6 +272,7 @@ gdm_verify_user (GdmDisplay *d,
-
- g_free (passwd);
- g_free (ppasswd);
-+ g_free (cpasswd);
-
- if ( ! gdm_slave_check_user_wants_to_log_in (login)) {
- g_free (login);
---- a/daemon/verify-shadow.c
-+++ b/daemon/verify-shadow.c
-@@ -105,7 +105,7 @@ gdm_verify_user (GdmDisplay *d,
- const char *username,
- gboolean allow_retry)
- {
-- gchar *login, *passwd, *ppasswd;
-+ gchar *login, *passwd, *ppasswd, *cpasswd;
- struct passwd *pwent;
- struct spwd *sp;
- #if defined (HAVE_PASSWDEXPIRED) && defined (HAVE_CHPASS) \
-@@ -211,8 +211,10 @@ gdm_verify_user (GdmDisplay *d,
- }
-
- /* Check whether password is valid */
-- if (ppasswd == NULL || (ppasswd[0] != '\0' &&
-- strcmp (crypt (passwd, ppasswd), ppasswd) != 0)) {
-+ cpasswd = ppasswd ? g_strdup(crypt (passwd, ppasswd)) : NULL;
-+ if (ppasswd == NULL || cpasswd == NULL ||
-+ (ppasswd[0] != '\0' &&
-+ strcmp (cpasswd, ppasswd) != 0)) {
- gdm_sleep_no_signal (gdm_daemon_config_get_value_int (GDM_KEY_RETRY_DELAY));
- gdm_debug ("Couldn't authenticate user");
-
-@@ -221,6 +223,7 @@ gdm_verify_user (GdmDisplay *d,
- g_free (login);
- g_free (passwd);
- g_free (ppasswd);
-+ g_free (cpasswd);
- return NULL;
- }
-
-@@ -238,6 +241,7 @@ gdm_verify_user (GdmDisplay *d,
- g_free (login);
- g_free (passwd);
- g_free (ppasswd);
-+ g_free (cpasswd);
- return NULL;
- }
-
-@@ -254,6 +258,7 @@ gdm_verify_user (GdmDisplay *d,
- g_free (login);
- g_free (passwd);
- g_free (ppasswd);
-+ g_free (cpasswd);
- if (message != NULL)
- free (message);
- return NULL;
-@@ -280,6 +285,7 @@ gdm_verify_user (GdmDisplay *d,
- g_free (login);
- g_free (passwd);
- g_free (ppasswd);
-+ g_free (cpasswd);
- return NULL;
- }
-
-@@ -287,6 +293,7 @@ gdm_verify_user (GdmDisplay *d,
-
- g_free (passwd);
- g_free (ppasswd);
-+ g_free (cpasswd);
-
- if ( ! gdm_slave_check_user_wants_to_log_in (login)) {
- g_free (login);