main/busybox/0001-loginutils-use-sha512.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106

From 253a5e60f5917b29da687b802f56a8503ff9b29a Mon Sep 17 00:00:00 2001
From: Natanael Copa <natanael.copa@gmail.com>
Date: Fri, 21 Oct 2011 14:04:01 +0000
Subject: [PATCH] loginutils: use sha512

---
 libbb/pw_encrypt.c    |    2 +-
 loginutils/chpasswd.c |   23 +++++++++++++++--------
 loginutils/passwd.c   |    2 +-
 3 files changed, 17 insertions(+), 10 deletions(-)

diff --git a/libbb/pw_encrypt.c b/libbb/pw_encrypt.c
index 39ffa08..dcf6ca5 100644
--- a/libbb/pw_encrypt.c
+++ b/libbb/pw_encrypt.c
@@ -59,7 +59,7 @@ char* FAST_FUNC crypt_make_pw_salt(char salt[MAX_PW_SALT_LEN], const char *algo)
 		*salt_ptr++ = '$';
 #if !ENABLE_USE_BB_CRYPT || ENABLE_USE_BB_CRYPT_SHA
 		if (algo[0] == 's') { /* sha */
-			salt[1] = '5' + (strcmp(algo, "sha512") == 0);
+			salt[1] = '6' + (strcmp(algo, "sha512") == 0);
 			len = 16/2;
 		}
 #endif
diff --git a/loginutils/chpasswd.c b/loginutils/chpasswd.c
index b7df57e..029ddfa 100644
--- a/loginutils/chpasswd.c
+++ b/loginutils/chpasswd.c
@@ -13,22 +13,26 @@
 //usage:       "Read user:password from stdin and update /etc/passwd\n"
 //usage:	IF_LONG_OPTS(
 //usage:     "\n	-e,--encrypted	Supplied passwords are in encrypted form"
-//usage:     "\n	-m,--md5	Use MD5 encryption instead of DES"
+//usage:     "\n	-m,--md5	Use MD5 encryption instead of SHA512"
+//usage:     "\n	-d,--des	Use DES encryption instead of SHA512"
 //usage:	)
 //usage:	IF_NOT_LONG_OPTS(
 //usage:     "\n	-e	Supplied passwords are in encrypted form"
-//usage:     "\n	-m	Use MD5 encryption instead of DES"
+//usage:     "\n	-m	Use MD5 encryption instead of SHA512"
+//usage:     "\n	-d	Use DES encryption instead of SHA512"
 //usage:	)
 
 #if ENABLE_LONG_OPTS
 static const char chpasswd_longopts[] ALIGN1 =
 	"encrypted\0" No_argument "e"
 	"md5\0"       No_argument "m"
+	"des\0"       No_argument "d"
 	;
 #endif
 
 #define OPT_ENC  1
 #define OPT_MD5  2
+#define OPT_DES  4
 
 int chpasswd_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
 int chpasswd_main(int argc UNUSED_PARAM, char **argv)
@@ -39,9 +43,9 @@ int chpasswd_main(int argc UNUSED_PARAM, char **argv)
 	if (getuid() != 0)
 		bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
 
-	opt_complementary = "m--e:e--m";
+	opt_complementary = "m--e:e--m:d--e:e--d:m--d:d--m";
 	IF_LONG_OPTS(applet_long_options = chpasswd_longopts;)
-	opt = getopt32(argv, "em");
+	opt = getopt32(argv, "emd");
 
 	while ((name = xmalloc_fgetline(stdin)) != NULL) {
 		char *free_me;
@@ -59,13 +63,16 @@ int chpasswd_main(int argc UNUSED_PARAM, char **argv)
 		if (!(opt & OPT_ENC)) {
 			char salt[sizeof("$N$XXXXXXXX")];
 
-			crypt_make_salt(salt, 1);
+			crypt_make_salt(salt + 3, 4);
+			salt[0] = '$';
+			salt[1] = '6';
+			salt[2] = '$';
 			if (opt & OPT_MD5) {
-				salt[0] = '$';
 				salt[1] = '1';
-				salt[2] = '$';
-				crypt_make_salt(salt + 3, 4);
+			} else if (opt & OPT_DES) {
+				crypt_make_salt(salt, 1);
 			}
+				
 			free_me = pass = pw_encrypt(pass, salt, 0);
 		}
 
diff --git a/loginutils/passwd.c b/loginutils/passwd.c
index 1cfafae..f29d66c 100644
--- a/loginutils/passwd.c
+++ b/loginutils/passwd.c
@@ -94,7 +94,7 @@ int passwd_main(int argc UNUSED_PARAM, char **argv)
 	};
 	unsigned opt;
 	int rc;
-	const char *opt_a = "d"; /* des */
+	const char *opt_a = "s"; /* sha512 */
 	const char *filename;
 	char *myname;
 	char *name;
-- 
1.7.7