X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=libbb%2Fpw_encrypt.c;h=469e71f6ccdc9606a8f895d9db2d07127a17419f;hb=08ea11ab0749a7977e6d47cd0fa7b3c9cc10af32;hp=727149d0c3a3c12c3aba5594bdd27163417251e6;hpb=c7bda1ce659294d6e22c06e087f6f265983c7578;p=oweals%2Fbusybox.git diff --git a/libbb/pw_encrypt.c b/libbb/pw_encrypt.c index 727149d0c..469e71f6c 100644 --- a/libbb/pw_encrypt.c +++ b/libbb/pw_encrypt.c @@ -4,42 +4,81 @@ * * Copyright (C) 1999-2004 by Erik Andersen * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - * + * Licensed under GPLv2 or later, see file LICENSE in this tarball for details. */ -#include -#include #include "libbb.h" +#if ENABLE_USE_BB_CRYPT + +/* + * DES and MD5 crypt implementations are taken from uclibc. + * They were modified to not use static buffers. + */ +/* Common for them */ +static const uint8_t ascii64[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; +#include "pw_encrypt_des.c" +#include "pw_encrypt_md5.c" + + +static struct const_des_ctx *des_cctx; +static struct des_ctx *des_ctx; -extern char *pw_encrypt(const char *clear, const char *salt) +/* my_crypt returns malloc'ed data */ +static char *my_crypt(const char *key, const char *salt) { - static char cipher[128]; - char *cp; + /* First, check if we are supposed to be using the MD5 replacement + * instead of DES... */ + if (salt[0] == '$' && salt[1] == '1' && salt[2] == '$') { + return md5_crypt(xzalloc(MD5_OUT_BUFSIZE), (unsigned char*)key, (unsigned char*)salt); + } + + { + if (!des_cctx) + des_cctx = const_des_init(); + des_ctx = des_init(des_ctx, des_cctx); + return des_crypt(des_ctx, xzalloc(DES_OUT_BUFSIZE), (unsigned char*)key, (unsigned char*)salt); + } +} + +/* So far nobody wants to have it public */ +static void my_crypt_cleanup(void) +{ + free(des_cctx); + free(des_ctx); + des_cctx = NULL; + des_ctx = NULL; +} -#ifdef CONFIG_FEATURE_SHA1_PASSWORDS +char* FAST_FUNC pw_encrypt(const char *clear, const char *salt, int cleanup) +{ + char *encrypted; + +#if 0 /* was CONFIG_FEATURE_SHA1_PASSWORDS, but there is no such thing??? */ if (strncmp(salt, "$2$", 3) == 0) { return sha1_crypt(clear); } #endif - cp = (char *) crypt(clear, salt); - /* if crypt (a nonstandard crypt) returns a string too large, - truncate it so we don't overrun buffers and hope there is - enough security in what's left */ - safe_strncpy(cipher, cp, sizeof(cipher)); - return cipher; + + encrypted = my_crypt(clear, salt); + + if (cleanup) + my_crypt_cleanup(); + + return encrypted; +} + +#else /* if !ENABLE_USE_BB_CRYPT */ + +char* FAST_FUNC pw_encrypt(const char *clear, const char *salt, int cleanup) +{ +#if 0 /* was CONFIG_FEATURE_SHA1_PASSWORDS, but there is no such thing??? */ + if (strncmp(salt, "$2$", 3) == 0) { + return xstrdup(sha1_crypt(clear)); + } +#endif + + return xstrdup(crypt(clear, salt)); } +#endif