From: Jean-Marc Pigeon (Delson) <jmp@safe.ca>
Date: Tue, 8 Jul 2025 22:46:53 +0000 (-0400)
Subject: Double checked authentication with crypted password OK
X-Git-Tag: tag-0.13~16
X-Git-Url: https://jmp-git.ovh.safe.ca/?a=commitdiff_plain;h=a25d3a4b63e1d8c53239bd715e291da908aee399;p=jmp%2Fmailleur

Double checked authentication with crypted password OK
---

diff --git a/lib/lvleml.c b/lib/lvleml.c
index 0702fdc..edf8f26 100644
--- a/lib/lvleml.c
+++ b/lib/lvleml.c
@@ -400,12 +400,22 @@ while (proceed==true) {
         if (givenpass!=(char *)0) 
           *rmtpass=strdup(givenpass);
         if (usr->passwd[0]=='$') {
-          if ((givenpass=crypt(givenpass,usr->passwd))==(char *)0) {
-            (void) rou_alert(0,"%s Trouble to crypt (Bug?) pass=<%s> "
-                               "user=<%s> (error=<%s>)",
-                                OPEP,givenpass,usr->passwd,strerror(errno));
-            givenpass=data[2];      //trying to overcome
+          char *ptr;
+          char idsalt[100];
+         
+          (void) memset(idsalt,'\000',sizeof(idsalt));
+          (void) strncpy(idsalt,usr->passwd,sizeof(idsalt)-1);
+          if ((ptr=strrchr(idsalt,'$'))!=(char *)0) {
+            ptr++;
+            *ptr='\000';
             }
+          if ((ptr=crypt(givenpass,idsalt))==(char *)0) {
+            (void) rou_alert(0,"%s Trouble to crypt (Bug?) givenpass=<%s> "
+                               "salt=<%s> (error=<%s>)",
+                                OPEP,givenpass,idsalt,strerror(errno));
+            ptr=data[2]; //trying to overcome
+            }
+          givenpass=ptr;
           }
         isok=(strcmp(givenpass,usr->passwd)==0);
         usr=sql_freeusr(usr);