From ae98cc4985bd3a19bbcadb5c4b77c5e01819e8ac Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Tue, 21 Aug 2018 13:59:33 +0200
Subject: [PATCH] SYSDB: Prepend cached hash with the salt identifier if it's
 not there

This is a downstream-only patch for
https://bugzilla.redhat.com/show_bug.cgi?id=1561105#c13

Reviewed-by: Michal Židek <mzidek@redhat.com>
---
 src/db/sysdb_ops.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index df0fb83c5546809a2d643e2e585153ad61a6a334..3a7e8fed507e9d96301f97112f9230e031cb5896 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -4516,6 +4516,7 @@ int sysdb_cache_auth(struct sss_domain_info *domain,
     time_t expire_date = -1;
     time_t delayed_until = -1;
     int ret;
+    const char *salt_prefix = "$6$";
 
     if (name == NULL || *name == '\0') {
         DEBUG(SSSDBG_CRIT_FAILURE, "Missing user name.\n");
@@ -4601,6 +4602,14 @@ int sysdb_cache_auth(struct sss_domain_info *domain,
         goto done;
     }
 
+    if (strncmp(userhash, salt_prefix, strlen(salt_prefix)) != 0) {
+        userhash = talloc_asprintf(tmp_ctx, "%s%s", salt_prefix, userhash);
+        if (userhash == NULL) {
+            ret = ENOMEM;
+            goto done;
+        }
+    }
+
     ret = s3crypt_sha512(tmp_ctx, password, userhash, &comphash);
     if (ret) {
         DEBUG(SSSDBG_CONF_SETTINGS, "Failed to create password hash.\n");
-- 
2.14.4