[Dovecot] crypt() failure is possible

21 May 2009


      dovecot 1.1.15 in src/auth/password-scheme.c
contains:
static bool
crypt_verify(const char *plaintext, const char *user ATTR_UNUSED,
const unsigned char *raw_password, size_t size)
{
const char *password;
    if (size == 0) {
            /* the default mycrypt() handler would return match */
            return FALSE;
    }

    password = t_strndup(raw_password, size);
    return strcmp(mycrypt(plaintext, password), password) == 0;
}
but according to man page crypt() can fail and NULL is returned then. On other
hand glibc info page is silent about such failure.
The thing is that I'm seeing crypt() failure here with new glibc 2.10.1 built
with nss backend for crypt(), so it would be good to handle such case.
(crypt failure was due to improper nss packaging but it could also happen if
somehow nss file becomes corrupted)
Arkadiusz Miśkiewicz        PLD/Linux Team
arekm / maven.pl            http://ftp.pld-linux.org/

[Dovecot] crypt() failure is possible

Arkadiusz Miskiewicz

(crypt failure was due to improper nss packaging but it could also happen if somehow nss file becomes corrupted)