password_hash: conditional compilation for crypt_r

[metze/samba/wip.git] / source4 / dsdb / samdb / ldb_modules / password_hash.c

diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c
index 6a1ae3b60e6694c3132043fa7c76f690995391ca..8e8dc2c307255d4e4b2af1b3391f2fe7e39e2ee2 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/password_hash.c
+++ b/source4/dsdb/samdb/ldb_modules/password_hash.c
@@ -1487,11 +1487,13 @@ static int setup_primary_userPassword_hash(
        const char *salt = NULL;        /* Randomly generated salt */
        const char *cmd = NULL;         /* command passed to crypt */
        const char *hash = NULL;        /* password hash generated by crypt */
-       struct crypt_data crypt_data;   /* working storage used by crypt */
        int algorithm = 0;              /* crypt hash algorithm number */
        int rounds = 0;                 /* The number of hash rounds */
        DATA_BLOB *hash_blob = NULL;
        TALLOC_CTX *frame = talloc_stackframe();
+#ifdef HAVE_CRYPT_R
+       struct crypt_data crypt_data;   /* working storage used by crypt */
+#endif
 
        /* Genrate a random password salt */
        salt = generate_random_str_list(frame,
@@ -1531,7 +1533,15 @@ static int setup_primary_userPassword_hash(
         * Relies on the assertion that cleartext_utf8->data is a zero
         * terminated UTF-8 string
         */
+#ifdef HAVE_CRYPT_R
        hash = crypt_r((char *)io->n.cleartext_utf8->data, cmd, &crypt_data);
+#else
+       /*
+        * No crypt_r falling back to crypt, which is NOT thread safe
+        * Thread safety MT-Unsafe race:crypt
+        */
+       hash = crypt((char *)io->n.cleartext_utf8->data, cmd);
+#endif
        if (hash == NULL) {
                char buf[1024];
                ldb_asprintf_errstring(