Import Debian changes 0.69.0-2

[hcoop/debian/courier-authlib.git] / checkpassword.c

diff --git a/checkpassword.c b/checkpassword.c
index f403188..9f7896a 100644 (file)
--- a/checkpassword.c
+++ b/checkpassword.c
@@ -16,7 +16,6 @@
 #include       "auth.h"
 #include       "courierauthdebug.h"
 
-static const char rcsid[]="$Id: checkpassword.c,v 1.19 2008/12/18 12:08:25 mrsam Exp $";
 
 #if HAVE_CRYPT
 #if NEED_CRYPT_PROTOTYPE
@@ -27,8 +26,16 @@ extern char *crypt(const char *, const char *);
 extern int authcheckpasswordmd5(const char *, const char *);
 extern int authcheckpasswordsha1(const char *, const char *);
 
+static int safe_strcmp(const char *a, const char *nullable_b)
+{
+       if (!nullable_b)
+               return -1;
+       return strcmp(a, nullable_b);
+}
+
 static int do_authcheckpassword(const char *password, const char *encrypted_password)
 {
+       char *cpass;
        if (strncmp(encrypted_password, "$1$", 3) == 0
            || strncasecmp(encrypted_password, "{MD5}", 5) == 0
            || strncasecmp(encrypted_password, "{MD5RAW}", 8) == 0
@@ -47,14 +54,17 @@ static int do_authcheckpassword(const char *password, const char *encrypted_pass
                encrypted_password += 7;
 #endif
 
-       return (
 #if    HAVE_CRYPT
-               strcmp(encrypted_password,
-                       crypt(password, encrypted_password))
+
+       cpass = crypt(password, encrypted_password);
+       if (cpass == NULL) {
+               return 1;
+       } else {
+               return safe_strcmp(encrypted_password, cpass);
+       }
 #else
-               strcmp(encrypted_password, password)
+       return safe_strcmp(encrypted_password, password)
 #endif
-                               );
 }
 
 int authcheckpassword(const char *password, const char *encrypted_password)