23 lines
874 B
Diff
23 lines
874 B
Diff
|
diff -uriN dbmail-3.2.5.orig/src/dm_db.c dbmail-3.2.5/src/dm_db.c
|
||
|
--- dbmail-3.2.5.orig/src/dm_db.c 2020-08-03 08:26:31.000000000 -0500
|
||
|
+++ dbmail-3.2.5/src/dm_db.c 2021-11-07 06:24:48.000000000 -0600
|
||
|
@@ -3705,7 +3705,7 @@
|
||
|
char salt[13], cryptres[35];
|
||
|
volatile int t = FALSE;
|
||
|
char dbpass[COLUMN_WIDTH+1];
|
||
|
- char encode[COLUMN_WIDTH+1];
|
||
|
+ char encode[COLUMN_WIDTH+1];
|
||
|
char hashstr[FIELDSIZE];
|
||
|
Connection_T c; ResultSet_T r;
|
||
|
|
||
|
@@ -3753,8 +3753,7 @@
|
||
|
|
||
|
if (SMATCH(encode, "crypt")) {
|
||
|
TRACE(TRACE_DEBUG, "validating using crypt() encryption");
|
||
|
- strncpy(salt, dbpass, 2);
|
||
|
- is_validated = (strcmp((const char *) crypt(password, salt), dbpass) == 0) ? 1 : 0;
|
||
|
+ is_validated = (strcmp((const char *) crypt(password, dbpass), dbpass) == 0) ? 1 : 0;
|
||
|
} else if (SMATCH(encode, "md5")) {
|
||
|
/* get password */
|
||
|
if (strncmp(dbpass, "$1$", 3)) { // no match
|