libmisc: fix default value in SHA_get_salt_rounds()

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>

shadow-4.9-libmisc-fix-default-value-in-SHA_get_salt_rounds.patch

@@ -0,0 +1,60 @@
+From 234e8fa7b134d1ebabfdad980a3ae5b63c046c62 Mon Sep 17 00:00:00 2001
+From: Mike Gilbert <floppym@gentoo.org>
+Date: Sat, 14 Aug 2021 13:24:34 -0400
+Subject: [PATCH] libmisc: fix default value in SHA_get_salt_rounds()
+
+If SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS are both unspecified,
+use SHA_ROUNDS_DEFAULT.
+
+Previously, the code fell through, calling shadow_random(-1, -1). This
+ultimately set rounds = (unsigned long) -1, which ends up being a very
+large number! This then got capped to SHA_ROUNDS_MAX later in the
+function.
+
+The new behavior matches BCRYPT_get_salt_rounds().
+
+Bug: https://bugs.gentoo.org/808195
+Fixes: https://github.com/shadow-maint/shadow/issues/393
+---
+ libmisc/salt.c | 21 +++++++++++----------
+ 1 file changed, 11 insertions(+), 10 deletions(-)
+
+diff --git a/libmisc/salt.c b/libmisc/salt.c
+index 91d528fd..30eefb9c 100644
+--- a/libmisc/salt.c
++++ b/libmisc/salt.c
+@@ -223,20 +223,21 @@ static /*@observer@*/const unsigned long SHA_get_salt_rounds (/*@null@*/int *pre
+ 		if ((-1 == min_rounds) && (-1 == max_rounds)) {
+ 			rounds = SHA_ROUNDS_DEFAULT;
+ 		}
++		else {
++			if (-1 == min_rounds) {
++				min_rounds = max_rounds;
++			}
+ 
+-		if (-1 == min_rounds) {
+-			min_rounds = max_rounds;
+-		}
++			if (-1 == max_rounds) {
++				max_rounds = min_rounds;
++			}
+ 
+-		if (-1 == max_rounds) {
+-			max_rounds = min_rounds;
+-		}
++			if (min_rounds > max_rounds) {
++				max_rounds = min_rounds;
++			}
+ 
+-		if (min_rounds > max_rounds) {
+-			max_rounds = min_rounds;
++			rounds = (unsigned long) shadow_random (min_rounds, max_rounds);
+ 		}
+-
+-		rounds = (unsigned long) shadow_random (min_rounds, max_rounds);
+ 	} else if (0 == *prefered_rounds) {
+ 		rounds = SHA_ROUNDS_DEFAULT;
+ 	} else {
+-- 
+2.31.1
+

shadow-utils.spec

@@ -1,7 +1,7 @@
 Summary: Utilities for managing accounts and shadow password files
 Name: shadow-utils
 Version: 4.9
-Release: 2%{?dist}
+Release: 3%{?dist}
 Epoch: 2
 URL: https://github.com/shadow-maint/shadow
 Source0: https://github.com/shadow-maint/shadow/releases/download/%{version}/shadow-%{version}.tar.xz
@@ -48,8 +48,10 @@ Patch13: shadow-4.8-ignore-login-prompt.patch
 Patch14: shadow-4.9-newuidmap-libeconf-dependency.patch
 # https://github.com/shadow-maint/shadow/commit/e481437ab9ebe9a8bf8fbaabe986d42b2f765991
 Patch15: shadow-4.9-usermod-allow-all-group-types.patch
-# https://github.com/shadow-maint/shadow/pull/399
+# https://github.com/shadow-maint/shadow/commit/9dd720a28578eef5be8171697aae0906e4c53249
 Patch16: shadow-4.9-useradd-avoid-generating-empty-subid-range.patch
+# https://github.com/shadow-maint/shadow/commit/234e8fa7b134d1ebabfdad980a3ae5b63c046c62
+Patch17: shadow-4.9-libmisc-fix-default-value-in-SHA_get_salt_rounds.patch
 
 License: BSD and GPLv2+
 BuildRequires: make
@@ -114,6 +116,7 @@ Development files for shadow-utils-subid.
 %patch14 -p1 -b .newuidmap-libeconf-dependency
 %patch15 -p1 -b .usermod-allow-all-group-types
 %patch16 -p1 -b .useradd-avoid-generating-empty-subid-range
+%patch17 -p1 -b .libmisc-fix-default-value-in-SHA_get_salt_rounds
 
 iconv -f ISO88591 -t utf-8  doc/HOWTO > doc/HOWTO.utf8
 cp -f doc/HOWTO.utf8 doc/HOWTO
@@ -284,6 +287,9 @@ rm -f $RPM_BUILD_ROOT/%{_libdir}/libsubid.la
 %{_libdir}/libsubid.so
 
 %changelog
+* Tue Aug 17 2021 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.9-3
+- libmisc: fix default value in SHA_get_salt_rounds()
+
 * Mon Aug  9 2021 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.9-2
 - useradd: avoid generating an empty subid range (#1990653)