1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
|
From 78f25c8abfc3358a46061772944d30027ceb8288 Mon Sep 17 00:00:00 2001
From: William Pitcock <nenolod@dereferenced.org>
Date: Mon, 19 Dec 2011 01:21:33 -0600
Subject: [PATCH] libcrypt: make crypt() itself more modular
By using a function table, we can more cleanly support new crypt
implementations, such as SHA256 ($5$) and SHA512 ($6$).
Signed-off-by: William Pitcock <nenolod@dereferenced.org>
Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
(cherry picked from commit 40c426ae8f032d794d15f4a7fca8dc17cdc9899d)
---
libcrypt/crypt.c | 30 ++++++++++++++++++++++++------
1 files changed, 24 insertions(+), 6 deletions(-)
diff --git a/libcrypt/crypt.c b/libcrypt/crypt.c
index 89a2614..33f98b6 100644
--- a/libcrypt/crypt.c
+++ b/libcrypt/crypt.c
@@ -8,17 +8,35 @@
#define __FORCE_GLIBC
#include <crypt.h>
#include <unistd.h>
+#include <string.h>
+#include <errno.h>
#include "libcrypt.h"
+typedef char *(*crypt_impl_f)(const unsigned char *pw, const unsigned char *salt);
+
+static const struct {
+ const char *salt_pfx;
+ const crypt_impl_f crypt_impl;
+} crypt_impl_tab[] = {
+ { "$1$", __md5_crypt },
+ { NULL, __des_crypt },
+};
+
char *crypt(const char *key, const char *salt)
{
const unsigned char *ukey = (const unsigned char *)key;
const unsigned char *usalt = (const unsigned char *)salt;
+ size_t i;
+
+ for (i = 0; i < ARRAY_SIZE(crypt_impl_tab); i++) {
+ if (crypt_impl_tab[i].salt_pfx != NULL &&
+ strncmp(crypt_impl_tab[i].salt_pfx, salt, strlen(crypt_impl_tab[i].salt_pfx)))
+ continue;
+
+ return crypt_impl_tab[i].crypt_impl(ukey, usalt);
+ }
- /* First, check if we are supposed to be using the MD5 replacement
- * instead of DES... */
- if (salt[0]=='$' && salt[1]=='1' && salt[2]=='$')
- return __md5_crypt(ukey, usalt);
- else
- return __des_crypt(ukey, usalt);
+ /* no crypt implementation was found, set errno to ENOSYS and return NULL */
+ __set_errno(ENOSYS);
+ return NULL;
}
--
1.7.8
|
