pam/pam-0.99.8.1-unix-hpux-aging.patch

diff -up Linux-PAM-0.99.8.1/modules/pam_unix/passverify.h.unix-hpux-aging Linux-PAM-0.99.8.1/modules/pam_unix/passverify.h
--- Linux-PAM-0.99.8.1/modules/pam_unix/passverify.h.unix-hpux-aging	2008-01-08 14:43:36.000000000 +0100
+++ Linux-PAM-0.99.8.1/modules/pam_unix/passverify.h	2008-01-08 15:49:43.000000000 +0100
@@ -13,7 +13,7 @@
 #define OLD_PASSWORDS_FILE      "/etc/security/opasswd"
 
 int
-verify_pwd_hash(const char *p, const char *hash, unsigned int nullok);
+verify_pwd_hash(const char *p, char *hash, unsigned int nullok);
 
 int
 is_pwd_shadowed(const struct passwd *pwd);
diff -up Linux-PAM-0.99.8.1/modules/pam_unix/passverify.c.unix-hpux-aging Linux-PAM-0.99.8.1/modules/pam_unix/passverify.c
--- Linux-PAM-0.99.8.1/modules/pam_unix/passverify.c.unix-hpux-aging	2008-01-08 14:43:36.000000000 +0100
+++ Linux-PAM-0.99.8.1/modules/pam_unix/passverify.c	2008-01-08 15:49:02.000000000 +0100
@@ -44,14 +44,32 @@
 # include "./lckpwdf.-c"
 #endif
 
+static void
+strip_hpux_aging(char *p)
+{
+	const char *valid = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+			    "abcdefghijklmnopqrstuvwxyz"
+			    "0123456789./";
+	if ((*p != '$') && (strlen(p) > 13)) {
+		for (p += 13; *p != '\0'; p++) {
+			if (strchr(valid, *p) == NULL) {
+				*p = '\0';
+				break;
+			}
+		}
+	}
+}
+
 int
-verify_pwd_hash(const char *p, const char *hash, unsigned int nullok)
+verify_pwd_hash(const char *p, char *hash, unsigned int nullok)
 {
-	size_t hash_len = strlen(hash);
+	size_t hash_len;
 	char *pp = NULL;
 	int retval;
 	D(("called"));
 
+	strip_hpux_aging(hash);
+	hash_len = strlen(hash);
 	if (!hash_len) {
 		/* the stored password is NULL */
 		if (nullok) { /* this means we've succeeded */
- support for sha256 and sha512 password hashes - account expiry checks moved to unix_chkpwd helper 2008-01-08 18:56:11 +00:00			`diff -up Linux-PAM-0.99.8.1/modules/pam_unix/passverify.h.unix-hpux-aging Linux-PAM-0.99.8.1/modules/pam_unix/passverify.h`
			`--- Linux-PAM-0.99.8.1/modules/pam_unix/passverify.h.unix-hpux-aging 2008-01-08 14:43:36.000000000 +0100`
			`+++ Linux-PAM-0.99.8.1/modules/pam_unix/passverify.h 2008-01-08 15:49:43.000000000 +0100`
			`@@ -13,7 +13,7 @@`
			`#define OLD_PASSWORDS_FILE "/etc/security/opasswd"`

			`int`
			`-verify_pwd_hash(const char p, const char hash, unsigned int nullok);`
			`+verify_pwd_hash(const char p, char hash, unsigned int nullok);`

			`int`
			`is_pwd_shadowed(const struct passwd *pwd);`
			`diff -up Linux-PAM-0.99.8.1/modules/pam_unix/passverify.c.unix-hpux-aging Linux-PAM-0.99.8.1/modules/pam_unix/passverify.c`
			`--- Linux-PAM-0.99.8.1/modules/pam_unix/passverify.c.unix-hpux-aging 2008-01-08 14:43:36.000000000 +0100`
			`+++ Linux-PAM-0.99.8.1/modules/pam_unix/passverify.c 2008-01-08 15:49:02.000000000 +0100`
			`@@ -44,14 +44,32 @@`
			`# include "./lckpwdf.-c"`
			`#endif`

			`+static void`
			`+strip_hpux_aging(char *p)`
			`+{`
			`+ const char *valid = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"`
			`+ "abcdefghijklmnopqrstuvwxyz"`
			`+ "0123456789./";`
			`+ if ((*p != '$') && (strlen(p) > 13)) {`
			`+ for (p += 13; *p != '\0'; p++) {`
			`+ if (strchr(valid, *p) == NULL) {`
			`+ *p = '\0';`
			`+ break;`
			`+ }`
			`+ }`
			`+ }`
			`+}`
			`+`
			`int`
			`-verify_pwd_hash(const char p, const char hash, unsigned int nullok)`
			`+verify_pwd_hash(const char p, char hash, unsigned int nullok)`
			`{`
			`- size_t hash_len = strlen(hash);`
			`+ size_t hash_len;`
			`char *pp = NULL;`
			`int retval;`
			`D(("called"));`

			`+ strip_hpux_aging(hash);`
			`+ hash_len = strlen(hash);`
			`if (!hash_len) {`
			`/* the stored password is NULL */`
			`if (nullok) { /* this means we've succeeded */`