-
Henrik (Grubba) Grubbström authored
The glibc crypt() implementation in RHEL 8 apparently sometimes performs misguided "validation" of the salt even for "$6$" and fails with EINVAL instead of actually validating the password. Throwing an error on validation failure is not what existing code expects, so just return a failure instead in this case. Fixes #10050. See also https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=714219
Henrik (Grubba) Grubbström authoredThe glibc crypt() implementation in RHEL 8 apparently sometimes performs misguided "validation" of the salt even for "$6$" and fails with EINVAL instead of actually validating the password. Throwing an error on validation failure is not what existing code expects, so just return a failure instead in this case. Fixes #10050. See also https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=714219
