Tue Nov 29 17:27:10 2011 UTC ()
remove the option to build this against openssl - this hasn't been used
in the NetBSD build
since the libc version of MD5Final zeroes out the context, replace
the bzero introduced in the previous commit by comments telling that


(drochner)
diff -r1.10 -r1.11 src/lib/libcrypt/md5crypt.c
cvs diff -r1.10 -r1.11 src/lib/libcrypt/md5crypt.c (expand / switch to unified diff)

--- src/lib/libcrypt/md5crypt.c 2011/11/29 13:18:52 1.10
+++ src/lib/libcrypt/md5crypt.c 2011/11/29 17:27:10 1.11
@@ -1,62 +1,46 @@ @@ -1,62 +1,46 @@
1/* $NetBSD: md5crypt.c,v 1.10 2011/11/29 13:18:52 drochner Exp $ */ 1/* $NetBSD: md5crypt.c,v 1.11 2011/11/29 17:27:10 drochner Exp $ */
2 2
3/* 3/*
4 * ---------------------------------------------------------------------------- 4 * ----------------------------------------------------------------------------
5 * "THE BEER-WARE LICENSE" (Revision 42): 5 * "THE BEER-WARE LICENSE" (Revision 42):
6 * <phk@login.dknet.dk> wrote this file. As long as you retain this notice you 6 * <phk@login.dknet.dk> wrote this file. As long as you retain this notice you
7 * can do whatever you want with this stuff. If we meet some day, and you think 7 * can do whatever you want with this stuff. If we meet some day, and you think
8 * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp 8 * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
9 * ---------------------------------------------------------------------------- 9 * ----------------------------------------------------------------------------
10 * 10 *
11 * from FreeBSD: crypt.c,v 1.5 1996/10/14 08:34:02 phk Exp 11 * from FreeBSD: crypt.c,v 1.5 1996/10/14 08:34:02 phk Exp
12 * via OpenBSD: md5crypt.c,v 1.9 1997/07/23 20:58:27 kstailey Exp 12 * via OpenBSD: md5crypt.c,v 1.9 1997/07/23 20:58:27 kstailey Exp
13 * 13 *
14 */ 14 */
15 15
16#include <sys/cdefs.h> 16#include <sys/cdefs.h>
17#if !defined(lint) 17#if !defined(lint)
18__RCSID("$NetBSD: md5crypt.c,v 1.10 2011/11/29 13:18:52 drochner Exp $"); 18__RCSID("$NetBSD: md5crypt.c,v 1.11 2011/11/29 17:27:10 drochner Exp $");
19#endif /* not lint */ 19#endif /* not lint */
20 20
21/* 
22 * NOTE: We are also built for inclusion in libcrypto; when built for that 
23 * environment, use the libcrypto versions of the MD5 routines, so save 
24 * having to pull two versions into the same program. 
25 */ 
26 
27#include <unistd.h> 21#include <unistd.h>
28#include <stdio.h> 22#include <stdio.h>
29#include <string.h> 23#include <string.h>
30#ifdef libcrypto 
31#include <openssl/md5.h> 
32#else 
33#include <md5.h> 24#include <md5.h>
34#endif 
35 25
36#include "crypt.h" 26#include "crypt.h"
37 27
38#define MD5_MAGIC "$1$" 28#define MD5_MAGIC "$1$"
39#define MD5_MAGIC_LEN 3 29#define MD5_MAGIC_LEN 3
40 30
41#ifdef libcrypto 
42#define INIT(x) MD5_Init((x)) 
43#define UPDATE(x, b, l) MD5_Update((x), (b), (l)) 
44#define FINAL(v, x) MD5_Final((v), (x)) 
45#else 
46#define INIT(x) MD5Init((x)) 31#define INIT(x) MD5Init((x))
47#define UPDATE(x, b, l) MD5Update((x), (b), (l)) 32#define UPDATE(x, b, l) MD5Update((x), (b), (l))
48#define FINAL(v, x) MD5Final((v), (x)) 33#define FINAL(v, x) MD5Final((v), (x))
49#endif 
50 34
51 35
52/* 36/*
53 * MD5 password encryption. 37 * MD5 password encryption.
54 */ 38 */
55char * 39char *
56__md5crypt(const char *pw, const char *salt) 40__md5crypt(const char *pw, const char *salt)
57{ 41{
58 static char passwd[120], *p; 42 static char passwd[120], *p;
59 const char *sp, *ep; 43 const char *sp, *ep;
60 unsigned char final[16]; 44 unsigned char final[16];
61 unsigned int i, sl, pwl; 45 unsigned int i, sl, pwl;
62 MD5_CTX ctx, ctx1; 46 MD5_CTX ctx, ctx1;
@@ -107,28 +91,27 @@ __md5crypt(const char *pw, const char *s @@ -107,28 +91,27 @@ __md5crypt(const char *pw, const char *s
107 for (i = pwl; i != 0; i >>= 1) 91 for (i = pwl; i != 0; i >>= 1)
108 if ((i & 1) != 0) 92 if ((i & 1) != 0)
109 UPDATE(&ctx, final, 1); 93 UPDATE(&ctx, final, 1);
110 else 94 else
111 UPDATE(&ctx, (const unsigned char *)pw, 1); 95 UPDATE(&ctx, (const unsigned char *)pw, 1);
112 96
113 /* Now make the output string */ 97 /* Now make the output string */
114 memcpy(passwd, MD5_MAGIC, MD5_MAGIC_LEN); 98 memcpy(passwd, MD5_MAGIC, MD5_MAGIC_LEN);
115 strlcpy(passwd + MD5_MAGIC_LEN, sp, sl + 1); 99 strlcpy(passwd + MD5_MAGIC_LEN, sp, sl + 1);
116 strlcat(passwd, "$", sizeof(passwd)); 100 strlcat(passwd, "$", sizeof(passwd));
117 101
118 FINAL(final, &ctx); 102 FINAL(final, &ctx);
119 103
120 /* Don't leave anything around in vm they could use. */ 104 /* memset(&ctx, 0, sizeof(ctx)); done by MD5Final() */
121 memset(&ctx, 0, sizeof(ctx)); 
122 105
123 /* 106 /*
124 * And now, just to make sure things don't run too fast. On a 60 MHz 107 * And now, just to make sure things don't run too fast. On a 60 MHz
125 * Pentium this takes 34 msec, so you would need 30 seconds to build 108 * Pentium this takes 34 msec, so you would need 30 seconds to build
126 * a 1000 entry dictionary... 109 * a 1000 entry dictionary...
127 */ 110 */
128 for (i = 0; i < 1000; i++) { 111 for (i = 0; i < 1000; i++) {
129 INIT(&ctx1); 112 INIT(&ctx1);
130 113
131 if ((i & 1) != 0) 114 if ((i & 1) != 0)
132 UPDATE(&ctx1, (const unsigned char *)pw, pwl); 115 UPDATE(&ctx1, (const unsigned char *)pw, pwl);
133 else 116 else
134 UPDATE(&ctx1, final, 16); 117 UPDATE(&ctx1, final, 16);
@@ -137,28 +120,27 @@ __md5crypt(const char *pw, const char *s @@ -137,28 +120,27 @@ __md5crypt(const char *pw, const char *s
137 UPDATE(&ctx1, (const unsigned char *)sp, sl); 120 UPDATE(&ctx1, (const unsigned char *)sp, sl);
138 121
139 if ((i % 7) != 0) 122 if ((i % 7) != 0)
140 UPDATE(&ctx1, (const unsigned char *)pw, pwl); 123 UPDATE(&ctx1, (const unsigned char *)pw, pwl);
141 124
142 if ((i & 1) != 0) 125 if ((i & 1) != 0)
143 UPDATE(&ctx1, final, 16); 126 UPDATE(&ctx1, final, 16);
144 else 127 else
145 UPDATE(&ctx1, (const unsigned char *)pw, pwl); 128 UPDATE(&ctx1, (const unsigned char *)pw, pwl);
146 129
147 FINAL(final, &ctx1); 130 FINAL(final, &ctx1);
148 } 131 }
149 132
150 /* Don't leave anything around in vm they could use. */ 133 /* memset(&ctx1, 0, sizeof(ctx1)); done by MD5Final() */
151 memset(&ctx1, 0, sizeof(ctx1)); 
152 134
153 p = passwd + sl + MD5_MAGIC_LEN + 1; 135 p = passwd + sl + MD5_MAGIC_LEN + 1;
154 136
155 l = (final[ 0]<<16) | (final[ 6]<<8) | final[12]; __crypt_to64(p,l,4); p += 4; 137 l = (final[ 0]<<16) | (final[ 6]<<8) | final[12]; __crypt_to64(p,l,4); p += 4;
156 l = (final[ 1]<<16) | (final[ 7]<<8) | final[13]; __crypt_to64(p,l,4); p += 4; 138 l = (final[ 1]<<16) | (final[ 7]<<8) | final[13]; __crypt_to64(p,l,4); p += 4;
157 l = (final[ 2]<<16) | (final[ 8]<<8) | final[14]; __crypt_to64(p,l,4); p += 4; 139 l = (final[ 2]<<16) | (final[ 8]<<8) | final[14]; __crypt_to64(p,l,4); p += 4;
158 l = (final[ 3]<<16) | (final[ 9]<<8) | final[15]; __crypt_to64(p,l,4); p += 4; 140 l = (final[ 3]<<16) | (final[ 9]<<8) | final[15]; __crypt_to64(p,l,4); p += 4;
159 l = (final[ 4]<<16) | (final[10]<<8) | final[ 5]; __crypt_to64(p,l,4); p += 4; 141 l = (final[ 4]<<16) | (final[10]<<8) | final[ 5]; __crypt_to64(p,l,4); p += 4;
160 l = final[11] ; __crypt_to64(p,l,2); p += 2; 142 l = final[11] ; __crypt_to64(p,l,2); p += 2;
161 *p = '\0'; 143 *p = '\0';
162 144
163 /* Don't leave anything around in vm they could use. */ 145 /* Don't leave anything around in vm they could use. */
164 memset(final, 0, sizeof(final)); 146 memset(final, 0, sizeof(final));