|
|
@@ -221,6 +221,12 @@ static void expire_simuls() {
|
|
|
static void checkpass()
|
|
|
{
|
|
|
static int checkedpass = 0;
|
|
|
+ int (*hash_cmp) (const char *, const char *) = NULL;
|
|
|
+
|
|
|
+ if (strlen(settings.shellhash) == 32)
|
|
|
+ hash_cmp = md5cmp;
|
|
|
+ else
|
|
|
+ hash_cmp = sha1cmp;
|
|
|
|
|
|
if (!checkedpass) {
|
|
|
#ifdef HAVE_GETPASSPHRASE
|
|
|
@@ -231,7 +237,7 @@ static void checkpass()
|
|
|
#endif
|
|
|
|
|
|
checkedpass = 1;
|
|
|
- if (!gpasswd || (gpasswd && md5cmp(settings.shellhash, gpasswd) && !check_master_hash(NULL, gpasswd)))
|
|
|
+ if (!gpasswd || (gpasswd && hash_cmp(settings.shellhash, gpasswd) && !check_master_hash(NULL, gpasswd)))
|
|
|
werr(ERR_BADPASS);
|
|
|
/* Most PASS_MAX are 256.. but it's not clear */
|
|
|
OPENSSL_cleanse(gpasswd, 30);
|