From a0fce7ff9b9ef022672db9ddbb09a32fa288ab21 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B6rn=20Esser?=
Date: Fri, 23 Nov 2018 10:14:03 +0100
Subject: [PATCH] Backport upstream commit preferring gensalt with autoentropy
---
 pam-1.3.1-unix-gensalt-autoentropy.patch | 95 ++++++++++++++++++++++++
 pam.spec | 4 +
 2 files changed, 99 insertions(+)
 create mode 100644 pam-1.3.1-unix-gensalt-autoentropy.patch
diff --git a/pam-1.3.1-unix-gensalt-autoentropy.patch b/pam-1.3.1-unix-gensalt-autoentropy.patch
new file mode 100644
index 0000000..8ae4abf
--- /dev/null
+++ b/pam-1.3.1-unix-gensalt-autoentropy.patch
@@ -0,0 +1,95 @@
+From 05aa693b7db6b818d31e41f0cab1d5fb4f49600e Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Bj=C3=B6rn=20Esser?=
+Date: Thu, 15 Nov 2018 15:58:56 +0100
+Subject: [PATCH] pam_unix: Prefer a gensalt function, that supports auto
+ entropy.
+
+* modules/pam_unix/pam_unix_passwd.c: Initialize rounds parameter to 0.
+* modules/pam_unix/passverify.c: Prefer gensalt with auto entropy.
+* modules/pam_unix/support.c: Fix sanitizing of rounds parameter.
+---
+ modules/pam_unix/pam_unix_passwd.c | 2 +-
+ modules/pam_unix/passverify.c | 13 +++++++++++++
+ modules/pam_unix/support.c | 7 +++++--
+ 3 files changed, 19 insertions(+), 3 deletions(-)
+
+Index: Linux-PAM-1.3.1/modules/pam_unix/pam_unix_passwd.c
+===================================================================
+--- Linux-PAM-1.3.1.orig/modules/pam_unix/pam_unix_passwd.c
++++ Linux-PAM-1.3.1/modules/pam_unix/pam_unix_passwd.c
+@@ -607,7 +607,7 @@ pam_sm_chauthtok(pam_handle_t *pamh, int
+ unsigned int ctrl, lctrl;
+ int retval;
+ int remember = -1;
+- int rounds = -1;
++ int rounds = 0;
+ int pass_min_len = 0;
+
+ /* */
+Index: Linux-PAM-1.3.1/modules/pam_unix/passverify.c
+===================================================================
+--- Linux-PAM-1.3.1.orig/modules/pam_unix/passverify.c
++++ Linux-PAM-1.3.1/modules/pam_unix/passverify.c
+@@ -375,7 +375,12 @@ PAMH_ARG_DECL(char * create_password_has
+ const char *password, unsigned int ctrl, int rounds)
+ {
+ const char *algoid;
++#if defined(CRYPT_GENSALT_OUTPUT_SIZE) && CRYPT_GENSALT_OUTPUT_SIZE > 64
++ /* Strings returned by crypt_gensalt_rn will be no longer than this. */
++ char salt[CRYPT_GENSALT_OUTPUT_SIZE];
++#else
+ char salt[64]; /* contains rounds number + max 16 bytes of salt + algo id */
++#endif
+ char *sp;
+ #ifdef HAVE_CRYPT_R
+ struct crypt_data *cdata = NULL;
+@@ -406,6 +411,13 @@ PAMH_ARG_DECL(char * create_password_has
+ return crypted;
+ }
+
++#if defined(CRYPT_GENSALT_IMPLEMENTS_AUTO_ENTROPY) && CRYPT_GENSALT_IMPLEMENTS_AUTO_ENTROPY
++ /*
++ * Any version of libcrypt supporting auto entropy is
++ * guaranteed to have crypt_gensalt_rn().
++ */
++ sp = crypt_gensalt_rn(algoid, rounds, NULL, 0, salt, sizeof(salt));
++#else
+ #ifdef HAVE_CRYPT_GENSALT_R
+ if (on(UNIX_BLOWFISH_PASS, ctrl)) {
+ char entropy[17];
+@@ -423,6 +435,7 @@ PAMH_ARG_DECL(char * create_password_has
+ #ifdef HAVE_CRYPT_GENSALT_R
+ }
+ #endif
++#endif /* CRYPT_GENSALT_IMPLEMENTS_AUTO_ENTROPY */
+ #ifdef HAVE_CRYPT_R
+ sp = NULL;
+ cdata = malloc(sizeof(*cdata));
+Index: Linux-PAM-1.3.1/modules/pam_unix/support.c
+===================================================================
+--- Linux-PAM-1.3.1.orig/modules/pam_unix/support.c
++++ Linux-PAM-1.3.1/modules/pam_unix/support.c
+@@ -175,6 +175,7 @@ int _set_ctrl(pam_handle_t *pamh, int fl
+
+ if (val) {
+ *rounds = strtol(val, NULL, 10);
++ set(UNIX_ALGO_ROUNDS, ctrl);
+ free (val);
+ }
+ }
+@@ -254,11 +255,13 @@ int _set_ctrl(pam_handle_t *pamh, int fl
+ if (*rounds < 4 || *rounds > 31)
+ *rounds = 5;
+ } else if (on(UNIX_SHA256_PASS, ctrl) || on(UNIX_SHA512_PASS, ctrl)) {
+- if ((*rounds < 1000) || (*rounds == INT_MAX))
++ if ((*rounds < 1000) || (*rounds == INT_MAX)) {
+ /* don't care about bogus values */
++ *rounds = 0;
+ unset(UNIX_ALGO_ROUNDS, ctrl);
+- if (*rounds >= 10000000)
++ } else if (*rounds >= 10000000) {
+ *rounds = 9999999;
++ }
+ }
+ }
+
diff --git a/pam.spec b/pam.spec
index f5fa9cc..beeb8f5 100644
--- a/pam.spec
+++ b/pam.spec
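Review bot: The return value of `crypt_gensalt_rn()` in the passverify.c hunk `@@ -406,6 +411,13 @@` is never tested: it is stored in `sp`, and the context of the next hunk shows `sp = NULL;` under `HAVE_CRYPT_R`, so a failure is discarded before any visible code can see it. `salt` has no initialiser at its declaration, so after a failed call the later hashing step would presumably work from whatever the library left in the buffer; a prefix/rounds combination the library rejects is the likely trigger, and the support.c hunks only sanitise `rounds` in the blowfish and SHA branches. I would add, directly after the call and inside the `#if` branch, `if (sp == NULL) return NULL; /* gensalt failed: never hash with an unset salt */`, using whatever failure value and logging create_password_hash already uses (its body starts and ends outside these hunks, so NULL is an assumption to confirm). Separately, `*rounds = strtol(val, NULL, 10);` narrows a long into an int with no `endptr`/`errno` check, and the new `set(UNIX_ALGO_ROUNDS, ctrl);` now marks that unvalidated value as configured.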
@@ -48,6 +48,8 @@ Patch35: pam-1.3.1-console-build.patch
 Patch36: pam-1.3.1-unix-remove-obsolete-_unix_read_password-prototype.patch
 # https://github.com/linux-pam/linux-pam/commit/f7abb8c1ef3aa31e6c2564a8aaf69683a77c2016.patch
 Patch37: pam-1.3.1-unix-bcrypt_b.patch
+# https://github.com/linux-pam/linux-pam/commit/dce80b3f11b3c3aa137d18f22699809094dd64b6
+Patch38: pam-1.3.1-unix-gensalt-autoentropy.patch
 %global _pamlibdir %{_libdir}
 %global _moduledir %{_libdir}/security
@@ -133,6 +135,7 @@ cp %{SOURCE18} .
 %patch35 -p1 -b .console-build
 %patch36 -p1 -b .remove-prototype
 %patch37 -p1 -b .bcrypt_b
+%patch38 -p1 -b .gensalt-autoentropy
 autoreconf -i
@@ -378,6 +381,7 @@ done
 * Fri Nov 23 2018 Björn Esser - 1.3.1-9
 - Backport upstream commit removing an obsolete prototype
 - Backport upstream commit preferring bcrypt_b ($2b$) for blowfish
+- Backport upstream commit preferring gensalt with autoentropy
 * Fri Nov 16 2018 Björn Esser - 1.3.1-8
 - Use %%ldconfig_scriptlets