Check for crypt_gensalt_ra() instead of relying on libxcrypt presence

Since the loop to check various xcrypt functions is already in place,
adding one more is cheap. And it is nicer to check for the function
directly. People like to backport things, so we might get lucky even
without having libxcrypt.

meson.build

@@ -884,7 +884,8 @@ libcrypt = cc.find_library('crypt')
 crypt_header = conf.get('HAVE_CRYPT_H') == 1 ? \
                '''#include <crypt.h>''' : '''#include <unistd.h>'''
 foreach ident : [
-        ['crypt_ra',          crypt_header]]
+        ['crypt_ra',          crypt_header],
+        ['crypt_gensalt_ra',  crypt_header]]
 
         have = cc.has_function(ident[0], prefix : ident[1], args : '-D_GNU_SOURCE',
                                dependencies : libcrypt)

src/shared/libcrypt-util.c

@@ -31,12 +31,12 @@
 
 int make_salt(char **ret) {
 
-#ifdef XCRYPT_VERSION_MAJOR
+#if HAVE_CRYPT_GENSALT_RA
         const char *e;
         char *salt;
 
-        /* If we have libxcrypt we default to the "preferred method" (i.e. usually yescrypt), and generate it
-         * with crypt_gensalt_ra(). */
+        /* If we have crypt_gensalt_ra() we default to the "preferred method" (i.e. usually yescrypt).
+         * crypt_gensalt_ra() is usually provided by libxcrypt. */
 
         e = secure_getenv("SYSTEMD_CRYPT_PREFIX");
         if (!e)
@@ -51,8 +51,7 @@ int make_salt(char **ret) {
         *ret = salt;
         return 0;
 #else
-        /* If libxcrypt is not used, we use SHA512 and generate the salt on our own since crypt_gensalt_ra()
-         * is not available. */
+        /* If crypt_gensalt_ra() is not available, we use SHA512 and generate the salt on our own. */
 
         static const char table[] =
                 "abcdefghijklmnopqrstuvwxyz"