From ec1ee46250b2ad5beb43fdf35c733f79370fd5bd Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Mon, 19 Jan 2015 14:26:43 +0100
Subject: [PATCH] ocpasswd: attempt to use sha2crypt only in glibc

uclibc's crypt(3) is so dumb it will not error if
$5$ is specified as salt, but not supported.
---
 configure.ac   | 13 +++++++++++++
 src/ocpasswd.c |  4 ++++
 2 files changed, 17 insertions(+)

diff --git a/configure.ac b/configure.ac
index 68aa955d..732a277a 100644
--- a/configure.ac
+++ b/configure.ac
@@ -162,6 +162,18 @@ AC_LIB_HAVE_LINKFLAGS(readline,, [
     fi
   fi
 
+have_glibc=no
+AC_LIB_HAVE_LINKFLAGS(c,, [
+#include <stdio.h>
+#include <gnu/libc-version.h>
+#include <stdio.h>], [ puts (gnu_get_libc_version ()); return 0; ])
+if test x$ac_cv_libc = xyes; then
+  AC_DEFINE(TRY_SHA2_CRYPT, 1, [have original glibc])
+  have_glibc=yes
+else
+  have_glibc=no
+fi
+
 AC_ARG_WITH(pam,
   AS_HELP_STRING([--without-pam], [do not include PAM support]),
   test_for_pam=$withval,
@@ -460,6 +472,7 @@ Summary of build options:
   dbus:                 ${dbus_enabled}
   readline:             ${have_readline}
   libnl3:               ${have_libnl3}
+  glibc (sha2crypt):    ${have_glibc}
   local talloc:         ${with_local_talloc}
   local protobuf-c:     ${with_local_protobuf_c}
   local PCL library:    ${with_local_pcl}
diff --git a/src/ocpasswd.c b/src/ocpasswd.c
index 515821ec..0d451a4a 100644
--- a/src/ocpasswd.c
+++ b/src/ocpasswd.c
@@ -69,7 +69,11 @@ crypt_int(const char *fpasswd, const char *username, const char *groupname,
 		exit(1);
 	}
 
+#ifdef TRY_SHA2_CRYPT
 	strcpy(salt, "$5$");
+#else
+	strcpy(salt, "$1$");
+#endif
 	p = salt + 3;
 
 	for (i = 0; i < sizeof(_salt); i++) {