37 lines
1.4 KiB
Diff
37 lines
1.4 KiB
Diff
Binary files dbmail-3.2.5.orig/src/.dm_db.c.swp and dbmail-3.2.5/src/.dm_db.c.swp differ
|
|
diff -uriN dbmail-3.2.5.orig/src/dm_db.c dbmail-3.2.5/src/dm_db.c
|
|
--- dbmail-3.2.5.orig/src/dm_db.c 2020-08-03 08:26:31.000000000 -0500
|
|
+++ dbmail-3.2.5/src/dm_db.c 2021-11-07 06:16:57.000000000 -0600
|
|
@@ -3705,7 +3705,8 @@
|
|
char salt[13], cryptres[35];
|
|
volatile int t = FALSE;
|
|
char dbpass[COLUMN_WIDTH+1];
|
|
- char encode[COLUMN_WIDTH+1];
|
|
+ char dbgpass[COLUMN_WIDTH+1];
|
|
+ char encode[COLUMN_WIDTH+1];
|
|
char hashstr[FIELDSIZE];
|
|
Connection_T c; ResultSet_T r;
|
|
|
|
@@ -3713,6 +3714,7 @@
|
|
memset(cryptres,0,sizeof(cryptres));
|
|
memset(hashstr, 0, sizeof(hashstr));
|
|
memset(dbpass, 0, sizeof(dbpass));
|
|
+ memset(dbgpass, 0, sizeof(dbgpass));
|
|
memset(encode, 0, sizeof(encode));
|
|
|
|
c = db_con_get();
|
|
@@ -3754,7 +3756,13 @@
|
|
if (SMATCH(encode, "crypt")) {
|
|
TRACE(TRACE_DEBUG, "validating using crypt() encryption");
|
|
strncpy(salt, dbpass, 2);
|
|
- is_validated = (strcmp((const char *) crypt(password, salt), dbpass) == 0) ? 1 : 0;
|
|
+ TRACE(TRACE_DEBUG, "salt : %s", salt);
|
|
+ TRACE(TRACE_DEBUG, "password : %s", password);
|
|
+ strncpy(dbgpass, (const char *) crypt(password, dbpass), sizeof(dbgpass)-1);
|
|
+ TRACE(TRACE_DEBUG, "dbpass : %s", dbpass);
|
|
+ TRACE(TRACE_DEBUG, "dbgpass : %s", dbgpass);
|
|
+
|
|
+ is_validated = (strcmp(dbgpass, dbpass) == 0) ? 1 : 0;
|
|
} else if (SMATCH(encode, "md5")) {
|
|
/* get password */
|
|
if (strncmp(dbpass, "$1$", 3)) { // no match
|