aboutsummaryrefslogtreecommitdiffstats
path: root/main/libc0.9.32/0019-libcrypt-make-crypt-itself-more-modular.patch
blob: 9e8636f95a9ddb3737b947b99c9f3f30f2e0c4da (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
From 78f25c8abfc3358a46061772944d30027ceb8288 Mon Sep 17 00:00:00 2001
From: William Pitcock <nenolod@dereferenced.org>
Date: Mon, 19 Dec 2011 01:21:33 -0600
Subject: [PATCH] libcrypt: make crypt() itself more modular

By using a function table, we can more cleanly support new crypt
implementations, such as SHA256 ($5$) and SHA512 ($6$).

Signed-off-by: William Pitcock <nenolod@dereferenced.org>
Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
(cherry picked from commit 40c426ae8f032d794d15f4a7fca8dc17cdc9899d)
---
 libcrypt/crypt.c |   30 ++++++++++++++++++++++++------
 1 files changed, 24 insertions(+), 6 deletions(-)

diff --git a/libcrypt/crypt.c b/libcrypt/crypt.c
index 89a2614..33f98b6 100644
--- a/libcrypt/crypt.c
+++ b/libcrypt/crypt.c
@@ -8,17 +8,35 @@
 #define __FORCE_GLIBC
 #include <crypt.h>
 #include <unistd.h>
+#include <string.h>
+#include <errno.h>
 #include "libcrypt.h"
 
+typedef char *(*crypt_impl_f)(const unsigned char *pw, const unsigned char *salt);
+
+static const struct {
+	const char *salt_pfx;
+	const crypt_impl_f crypt_impl;
+} crypt_impl_tab[] = {
+	{ "$1$",        __md5_crypt },
+	{ NULL,         __des_crypt },
+};
+
 char *crypt(const char *key, const char *salt)
 {
 	const unsigned char *ukey = (const unsigned char *)key;
 	const unsigned char *usalt = (const unsigned char *)salt;
+	size_t i;
+
+	for (i = 0; i < ARRAY_SIZE(crypt_impl_tab); i++) {
+		if (crypt_impl_tab[i].salt_pfx != NULL &&
+		    strncmp(crypt_impl_tab[i].salt_pfx, salt, strlen(crypt_impl_tab[i].salt_pfx)))
+			continue;
+
+		return crypt_impl_tab[i].crypt_impl(ukey, usalt);
+	}
 
-	/* First, check if we are supposed to be using the MD5 replacement
-	 * instead of DES...  */
-	if (salt[0]=='$' && salt[1]=='1' && salt[2]=='$')
-		return __md5_crypt(ukey, usalt);
-	else
-		return __des_crypt(ukey, usalt);
+	/* no crypt implementation was found, set errno to ENOSYS and return NULL */
+	__set_errno(ENOSYS);
+	return NULL;
 }
-- 
1.7.8