ITS#8719 add crypt_r() support

2025-01-30 13:30:57 +08:00 · 2017-09-06 21:25:16 +01:00 · 2017-09-06 21:25:16 +01:00 · afa861bf22
commit afa861bf22
parent b65e0b5731
3 changed files with 39 additions and 1 deletions
--- a/configure.in
+++ b/configure.in
@ -2242,10 +2242,16 @@ if test $ol_enable_crypt != no ; then
 		AC_CHECK_LIB(crypt, crypt, [LUTIL_LIBS="$LUTIL_LIBS -lcrypt"
 			have_crypt=yes], [have_crypt=no])])

+	LIBS="$TLS_LIBS $LIBS"
+	AC_CHECK_LIB(crypt, crypt_r, [have_crypt_r=yes], [have_crypt_r=no])
+
 	LIBS="$save_LIBS"

 	if test $have_crypt = yes ; then
 		AC_DEFINE(HAVE_CRYPT,1, [define if crypt(3) is available])
+		if test $have_crypt_r = yes ; then
+			AC_DEFINE(HAVE_CRYPT_R, 1, [define if crypt_r() is also available])
+		fi
 	else
 		AC_MSG_WARN([could not find crypt])
 		if test $ol_enable_crypt = yes ; then
--- a/include/portable.hin
+++ b/include/portable.hin
@ -117,6 +117,9 @@
 /* define if crypt(3) is available */
 #undef HAVE_CRYPT

+/* define if crypt_r(3) is available */
+#undef HAVE_CRYPT_R
+
 /* Define to 1 if you have the <crypt.h> header file. */
 #undef HAVE_CRYPT_H

--- a/servers/slapd/passwd.c
+++ b/servers/slapd/passwd.c
@ -23,8 +23,11 @@
 #include <ac/unistd.h>

 #ifdef SLAPD_CRYPT
+#ifdef HAVE_CRYPT_R
+#define __USE_GNU
+#endif /* HAVE_CRYPT_R */
 #include <ac/crypt.h>
-#endif
+#endif /* SLAPD_CRYPT */

 #include "slap.h"

@ -590,6 +593,30 @@ slap_passwd_hash(
 static ldap_pvt_thread_mutex_t passwd_mutex;
 static lutil_cryptfunc slapd_crypt;

+#ifdef HAVE_CRYPT_R
+static int slapd_crypt( const char *key, const char *salt, char **hash )
+{
+	char *cr;
+	int rc;
+	struct crypt_data data;
+
+	data.initialized = 0;
+	cr = crypt_r( key, salt, &data );
+	if ( cr == NULL || cr[0] == '\0' ) {
+		/* salt must have been invalid */
+		rc = LUTIL_PASSWD_ERR;
+	} else {
+		if ( hash ) {
+			*hash = ber_strdup( cr );
+			rc = LUTIL_PASSWD_OK;
+		} else {
+			rc = strcmp( salt, cr ) ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK;
+		}
+	}
+
+    return rc;
+}
+#else
 static int slapd_crypt( const char *key, const char *salt, char **hash )
 {
 	char *cr;
@ -614,6 +641,8 @@ static int slapd_crypt( const char *key, const char *salt, char **hash )
 	ldap_pvt_thread_mutex_unlock( &passwd_mutex );
 	return rc;
 }
+#endif /* HAVE_CRYPT_R */
+
 #endif /* SLAPD_CRYPT */

 void slap_passwd_init()