From cb332379273b831b0f6355940dd41202f2e0d2fb Mon Sep 17 00:00:00 2001
From: Pascal Rigaux <pixel@mandriva.com>
Date: Fri, 22 Aug 2008 15:55:21 +0000
Subject: - handle blowfish password encryption and use it by default (#42426)

---
 perl-install/authentication.pm   | 6 ++++--
 perl-install/install/NEWS        | 1 +
 perl-install/install/install2.pm | 2 +-
 3 files changed, 6 insertions(+), 3 deletions(-)

(limited to 'perl-install')

diff --git a/perl-install/authentication.pm b/perl-install/authentication.pm
index 72656d447..886b45d15 100644
--- a/perl-install/authentication.pm
+++ b/perl-install/authentication.pm
@@ -260,6 +260,7 @@ sub check_given_password {
 sub get() {
     my $system_auth = cat_("/etc/pam.d/system-auth");
     my $authentication = {
+	blowfish => to_bool($system_auth =~ /\$2a\$/),
 	md5      => to_bool($system_auth =~ /md5/), 
 	shadow   => to_bool($system_auth =~ /shadow/),
     };
@@ -817,12 +818,13 @@ sub salt {
 
 sub user_crypted_passwd {
     my ($u, $authentication) = @_;
-    my $isMD5 = !$authentication || $authentication->{md5};
     if ($u->{password}) {
 	require utf8;
 	utf8::encode($u->{password}); #- we don't want perl to do "smart" things in crypt()
 
-	crypt($u->{password}, $isMD5 ? '$1$' . salt(8) : salt(2));
+	crypt($u->{password}, 
+	      !$authentication || $authentication->{blowfish} ? '$2a$08$' . salt(60) :
+	      $authentication->{md5} ? '$1$' . salt(8) : salt(2));
     } else {
 	$u->{pw} || '';
     }
diff --git a/perl-install/install/NEWS b/perl-install/install/NEWS
index 5083aeb48..565ba1c98 100644
--- a/perl-install/install/NEWS
+++ b/perl-install/install/NEWS
@@ -1,3 +1,4 @@
+- handle blowfish password encryption and use it by default (#42426)
 - allow to install bootloader on md0 (#42999)
   (regression introduced on 2004-08-05)
 
diff --git a/perl-install/install/install2.pm b/perl-install/install/install2.pm
index 6cc1c6e3d..8724fda52 100644
--- a/perl-install/install/install2.pm
+++ b/perl-install/install/install2.pm
@@ -38,7 +38,7 @@ $o = $::o = {
 #    bootloader => { linear => 0, message => 1, timeout => 5, restricted => 0 },
 #-    packages   => [ qw() ],
     partitioning => { clearall => 0, eraseBadPartitions => 0, auto_allocate => 0 }, #-, readonly => 0 },
-    authentication => { md5 => 1, shadow => 1 },
+    authentication => { blowfish => 1, shadow => 1 },
     locale         => { lang => 'en_US' },
 #-    isUpgrade    => 0,
     toRemove     => [],
-- 
cgit v1.2.1