1 files changed, 14 insertions, 10 deletions

diff --git a/crypto/openssh/openbsd-compat/port-uw.c b/crypto/openssh/openbsd-compat/port-uw.c
index d881ff028ddd..c644271218a8 100644
--- a/crypto/openssh/openbsd-compat/port-uw.c
+++ b/crypto/openssh/openbsd-compat/port-uw.c
@@ -25,7 +25,7 @@
 
 #include "includes.h"
 
-#if defined(HAVE_LIBIAF)  &&  !defined(BROKEN_LIBIAF)
+#ifdef HAVE_LIBIAF
 #ifdef HAVE_CRYPT_H
 #include <crypt.h>
 #endif
@@ -42,7 +42,6 @@ int
 sys_auth_passwd(Authctxt *authctxt, const char *password)
 {
 	struct passwd *pw = authctxt->pw;
-	char *encrypted_password;
 	char *salt;
 	int result;
 
@@ -55,21 +54,24 @@ sys_auth_passwd(Authctxt *authctxt, const char *password)
 
 	/* Encrypt the candidate password using the proper salt. */
 	salt = (pw_password[0] && pw_password[1]) ? pw_password : "xx";
-#ifdef UNIXWARE_LONG_PASSWORDS
-	if (!nischeck(pw->pw_name))
-		encrypted_password = bigcrypt(password, salt);
-	else
-#endif /* UNIXWARE_LONG_PASSWORDS */
-		encrypted_password = xcrypt(password, salt);
 
 	/*
 	 * Authentication is accepted if the encrypted passwords
 	 * are identical.
 	 */
-	result = (strcmp(encrypted_password, pw_password) == 0);
+#ifdef UNIXWARE_LONG_PASSWORDS
+	if (!nischeck(pw->pw_name)) {
+		result = ((strcmp(bigcrypt(password, salt), pw_password) == 0)
+		||  (strcmp(osr5bigcrypt(password, salt), pw_password) == 0));
+	}
+	else
+#endif /* UNIXWARE_LONG_PASSWORDS */
+		result = (strcmp(xcrypt(password, salt), pw_password) == 0);
 
+#if !defined(BROKEN_LIBIAF)
 	if (authctxt->valid)
 		free(pw_password);
+#endif
 	return(result);
 }
 
@@ -114,6 +116,7 @@ nischeck(char *namep)
 	functions that call shadow_pw() will need to free
  */
 
+#if !defined(BROKEN_LIBIAF)
 char *
 get_iaf_password(struct passwd *pw)
 {
@@ -130,5 +133,6 @@ get_iaf_password(struct passwd *pw)
 	else
 		fatal("ia_openinfo: Unable to open the shadow passwd file");
 }
-#endif /* HAVE_LIBIAF  && !BROKEN_LIBIAF */
+#endif /* !BROKEN_LIBIAF */
+#endif /* HAVE_LIBIAF */