From: aland <aland>
Date: Thu, 6 Jun 2002 15:03:30 +0000 (+0000)
Subject: 	crypt() may fail, so we check for that.
X-Git-Tag: release_0_6_0~87
X-Git-Url: http://www.project-moonshot.org/gitweb/?a=commitdiff_plain;h=062da122de8cd5b87bc49ab8eaf04a63e3bac2f4;p=freeradius.git

	crypt() may fail, so we check for that.

	Based on a patch from Josh Wilsdon
---

diff --git a/src/main/auth.c b/src/main/auth.c
index 8498f25..4465576 100644
--- a/src/main/auth.c
+++ b/src/main/auth.c
@@ -211,6 +211,7 @@ int rad_check_password(REQUEST *request)
 	VALUE_PAIR *password_pair;
 	VALUE_PAIR *auth_item;
 	char string[MAX_STRING_LEN];
+	const char *crypted_password;
 	int auth_type = -1;
 	int result;
 	int auth_type_count = 0;
@@ -296,10 +297,17 @@ int rad_check_password(REQUEST *request)
 				return -1;
 			}
 					
+			crypted_password = crypt((char *)auth_item->strvalue,
+						 (char *)password_pair->strvalue);
+			if (!crypted_password) {
+				rad_authlog("Login incorrect "
+					    "(system failed to supply an encrypted password for comparison)", request, 0);
+				return -1;
+			}
 			if (strcmp((char *)password_pair->strvalue,
-				   crypt((char *)auth_item->strvalue,
-					 (char *)password_pair->strvalue)) != 0)
-				result = -1;
+				   crypted_password) != 0) {
+				return -1;
+			}
 			break;
 		case PW_AUTHTYPE_LOCAL:
 			DEBUG2("auth: type Local");