1 files changed, 78 insertions, 84 deletions
diff --git a/md5crypt.c b/md5crypt.c
index e14d53ac1..ba98ccccc 100644
--- a/md5crypt.c
+++ b/md5crypt.c
@@ -1,165 +1,159 @@
 /*
 * ----------------------------------------------------------------------------
 * "THE BEER-WARE LICENSE" (Revision 42):
- * <phk@login.dknet.dk> wrote this file.  As long as you retain this 
+ * <phk@login.dknet.dk> wrote this file.  As long as you retain this notice you
- * notice you can do whatever you want with this stuff. If we meet some 
+ * can do whatever you want with this stuff. If we meet some day, and you think
- * day, and you think this stuff is worth it, you can buy me a beer in 
+ * this stuff is worth it, you can buy me a beer in return.   Poul-Henning Kamp
- * return.   Poul-Henning Kamp
 * ----------------------------------------------------------------------------
 */
+/*
+ * Ported from FreeBSD to Linux, only minimal changes.  --marekm
+ */
+/*
+ * Adapted from shadow-19990607 by Tudor Bosman, tudorb@jm.nu
+ */
 #include "includes.h"
+RCSID("$Id: md5crypt.c,v 1.5 2001/02/09 01:55:36 djm Exp $");
 #if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT)
-#include <openssl/md5.h>
-RCSID("$Id: md5crypt.c,v 1.7 2003/05/30 06:58:23 dtucker Exp $");
+#include <openssl/md5.h>
-/* 0 ... 63 => ascii - 64 */
+static unsigned char itoa64[] =         /* 0 ... 63 => ascii - 64 */
-static unsigned char itoa64[] =
+        "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
-    "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
-static char *magic = "$1$";
+static char     *magic = "$1$"; /*
+                                 * This string is magic for
+                                 * this algorithm.  Having
+                                 * it this way, we can get
+                                 * get better later on
+                                 */
-static char *
+static void
-to64(unsigned long v, int n)
+to64(char *s, unsigned long v, int n)
 {
-        static char buf[5];
-        char *s = buf;
-        if (n > 4)
-                return (NULL);
-        memset(buf, '\0', sizeof(buf));
        while (--n >= 0) {
                *s++ = itoa64[v&0x3f];
                v >>= 6;
        }
-        
-        return (buf);
 }
 int
 is_md5_salt(const char *salt)
 {
-        return (strncmp(salt, magic, strlen(magic)) == 0);
+        return (!strncmp(salt, magic, strlen(magic)));
 }
+/*
+ * UNIX password
+ *
+ * Use MD5 for what it is best at...
+ */
 char *
 md5_crypt(const char *pw, const char *salt)
 {
-        static char passwd[120], salt_copy[9], *p;
+        static char     passwd[120], *p;
-        static const char *sp, *ep;
+        static const char *sp,*ep;
-        unsigned char final[16];
+        unsigned char   final[16];
-        int sl, pl, i, j;
+        int sl,pl,i,j;
-        MD5_CTX ctx, ctx1;
+        MD5_CTX ctx,ctx1;
        unsigned long l;
        /* Refine the Salt first */
        sp = salt;
        /* If it starts with the magic string, then skip that */
-        if(strncmp(sp, magic, strlen(magic)) == 0)
+        if(!strncmp(sp,magic,strlen(magic)))
                sp += strlen(magic);
        /* It stops at the first '$', max 8 chars */
-        for (ep = sp; *ep != '$'; ep++) {
+        for(ep=sp;*ep && *ep != '$' && ep < (sp+8);ep++)
-                if (*ep == '\0' || ep >= (sp + 8))
+                continue;
-                        return (NULL);
-        }
        /* get the length of the true salt */
        sl = ep - sp;
-        /* Stash the salt */
-        memcpy(salt_copy, sp, sl);
-        salt_copy[sl] = '\0';
        MD5_Init(&ctx);
        /* The password first, since that is what is most unknown */
-        MD5_Update(&ctx, pw, strlen(pw));
+        MD5_Update(&ctx,pw,strlen(pw));
        /* Then our magic string */
-        MD5_Update(&ctx, magic, strlen(magic));
+        MD5_Update(&ctx,magic,strlen(magic));
        /* Then the raw salt */
-        MD5_Update(&ctx, sp, sl);
+        MD5_Update(&ctx,sp,sl);
-        /* Then just as many characters of the MD5(pw, salt, pw) */
+        /* Then just as many characters of the MD5(pw,salt,pw) */
        MD5_Init(&ctx1);
-        MD5_Update(&ctx1, pw, strlen(pw));
+        MD5_Update(&ctx1,pw,strlen(pw));
-        MD5_Update(&ctx1, sp, sl);
+        MD5_Update(&ctx1,sp,sl);
-        MD5_Update(&ctx1, pw, strlen(pw));
+        MD5_Update(&ctx1,pw,strlen(pw));
-        MD5_Final(final, &ctx1);
+        MD5_Final(final,&ctx1);
        for(pl = strlen(pw); pl > 0; pl -= 16)
-                MD5_Update(&ctx, final, pl > 16 ? 16 : pl);
+                MD5_Update(&ctx,final,pl>16 ? 16 : pl);
        /* Don't leave anything around in vm they could use. */
-        memset(final, '\0', sizeof final);
+        memset(final,0,sizeof final);
        /* Then something really weird... */
-        for (j = 0, i = strlen(pw); i != 0; i >>= 1)
+        for (j=0,i = strlen(pw); i ; i >>= 1)
-                if (i & 1)
+                if(i&1)
-                        MD5_Update(&ctx, final + j, 1);
+                    MD5_Update(&ctx, final+j, 1);
                else
-                        MD5_Update(&ctx, pw + j, 1);
+                    MD5_Update(&ctx, pw+j, 1);
        /* Now make the output string */
-        snprintf(passwd, sizeof(passwd), "%s%s$", magic, salt_copy);
+        strcpy(passwd,magic);
+        strncat(passwd,sp,sl);
+        strcat(passwd,"$");
-        MD5_Final(final, &ctx);
+        MD5_Final(final,&ctx);
        /*
         * and now, just to make sure things don't run too fast
         * On a 60 Mhz Pentium this takes 34 msec, so you would
         * need 30 seconds to build a 1000 entry dictionary...
         */
-        for(i = 0; i < 1000; i++) {
+        for(i=0;i<1000;i++) {
                MD5_Init(&ctx1);
-                if (i & 1)
+                if(i & 1)
-                        MD5_Update(&ctx1, pw, strlen(pw));
+                        MD5_Update(&ctx1,pw,strlen(pw));
                else
-                        MD5_Update(&ctx1, final, 16);
+                        MD5_Update(&ctx1,final,16);
-                if (i % 3)
+                if(i % 3)
-                        MD5_Update(&ctx1, sp, sl);
+                        MD5_Update(&ctx1,sp,sl);
-                if (i % 7)
+                if(i % 7)
-                        MD5_Update(&ctx1, pw, strlen(pw));
+                        MD5_Update(&ctx1,pw,strlen(pw));
-                if (i & 1)
+                if(i & 1)
-                        MD5_Update(&ctx1, final, 16);
+                        MD5_Update(&ctx1,final,16);
                else
-                        MD5_Update(&ctx1, pw, strlen(pw));
+                        MD5_Update(&ctx1,pw,strlen(pw));
+                MD5_Final(final,&ctx1);
-                MD5_Final(final, &ctx1);
        }
        p = passwd + strlen(passwd);
-        l = (final[ 0]<<16) | (final[ 6]<<8) | final[12];
+        l = (final[ 0]<<16) | (final[ 6]<<8) | final[12]; to64(p,l,4); p += 4;
-        strlcat(passwd, to64(l, 4), sizeof(passwd));
+        l = (final[ 1]<<16) | (final[ 7]<<8) | final[13]; to64(p,l,4); p += 4;
-        l = (final[ 1]<<16) | (final[ 7]<<8) | final[13];
+        l = (final[ 2]<<16) | (final[ 8]<<8) | final[14]; to64(p,l,4); p += 4;
-        strlcat(passwd, to64(l, 4), sizeof(passwd));
+        l = (final[ 3]<<16) | (final[ 9]<<8) | final[15]; to64(p,l,4); p += 4;
-        l = (final[ 2]<<16) | (final[ 8]<<8) | final[14];
+        l = (final[ 4]<<16) | (final[10]<<8) | final[ 5]; to64(p,l,4); p += 4;
-        strlcat(passwd, to64(l, 4), sizeof(passwd));
+        l =                    final[11]                ; to64(p,l,2); p += 2;
-        l = (final[ 3]<<16) | (final[ 9]<<8) | final[15];
+        *p = '\0';
-        strlcat(passwd, to64(l, 4), sizeof(passwd));
-        l = (final[ 4]<<16) | (final[10]<<8) | final[ 5];
-        strlcat(passwd, to64(l, 4), sizeof(passwd));
-        l =                    final[11]                ;
-        strlcat(passwd, to64(l, 2), sizeof(passwd));
        /* Don't leave anything around in vm they could use. */
-        memset(final, 0, sizeof(final));
+        memset(final,0,sizeof final);
-        memset(salt_copy, 0, sizeof(salt_copy));
-        memset(&ctx, 0, sizeof(ctx));
-        memset(&ctx1, 0, sizeof(ctx1));
-        (void)to64(0, 4);
-        return (passwd);
+        return passwd;
 }
 #endif /* defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) */

diff --git a/md5crypt.c b/md5crypt.c index e14d53ac1..ba98ccccc 100644 --- a/md5crypt.c +++ b/md5crypt.c
@@ -1,165 +1,159 @@
1	/*	1	/*
2	* ----------------------------------------------------------------------------	2	* ----------------------------------------------------------------------------
3	* "THE BEER-WARE LICENSE" (Revision 42):	3	* "THE BEER-WARE LICENSE" (Revision 42):
4	* <phk@login.dknet.dk> wrote this file. As long as you retain this	4	* <phk@login.dknet.dk> wrote this file. As long as you retain this notice you
5	* notice you can do whatever you want with this stuff. If we meet some	5	* can do whatever you want with this stuff. If we meet some day, and you think
6	* day, and you think this stuff is worth it, you can buy me a beer in	6	* this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
7	* return. Poul-Henning Kamp
8	* ----------------------------------------------------------------------------	7	* ----------------------------------------------------------------------------
9	*/	8	*/
10		9
		10	/*
		11	* Ported from FreeBSD to Linux, only minimal changes. --marekm
		12	*/
		13
		14	/*
		15	* Adapted from shadow-19990607 by Tudor Bosman, tudorb@jm.nu
		16	*/
		17
11	#include "includes.h"	18	#include "includes.h"
12		19
		20	RCSID("$Id: md5crypt.c,v 1.5 2001/02/09 01:55:36 djm Exp $");
		21
13	#if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT)	22	#if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT)
14	#include <openssl/md5.h>
15		23
16	RCSID("$Id: md5crypt.c,v 1.7 2003/05/30 06:58:23 dtucker Exp $");	24	#include <openssl/md5.h>
17		25
18	/* 0 ... 63 => ascii - 64 */	26	static unsigned char itoa64[] = /* 0 ... 63 => ascii - 64 */
19	static unsigned char itoa64[] =	27	"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
20	"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
21		28
22	static char *magic = "$1$";	29	static char magic = "$1$"; /
		30	* This string is magic for
		31	* this algorithm. Having
		32	* it this way, we can get
		33	* get better later on
		34	*/
23		35
24	static char *	36	static void
25	to64(unsigned long v, int n)	37	to64(char *s, unsigned long v, int n)
26	{	38	{
27	static char buf[5];
28	char *s = buf;
29
30	if (n > 4)
31	return (NULL);
32
33	memset(buf, '\0', sizeof(buf));
34	while (--n >= 0) {	39	while (--n >= 0) {
35	*s++ = itoa64[v&0x3f];	40	*s++ = itoa64[v&0x3f];
36	v >>= 6;	41	v >>= 6;
37	}	42	}
38
39	return (buf);
40	}	43	}
41		44
42	int	45	int
43	is_md5_salt(const char *salt)	46	is_md5_salt(const char *salt)
44	{	47	{
45	return (strncmp(salt, magic, strlen(magic)) == 0);	48	return (!strncmp(salt, magic, strlen(magic)));
46	}	49	}
47		50
		51	/*
		52	* UNIX password
		53	*
		54	* Use MD5 for what it is best at...
		55	*/
		56
48	char *	57	char *
49	md5_crypt(const char pw, const char salt)	58	md5_crypt(const char pw, const char salt)
50	{	59	{
51	static char passwd[120], salt_copy[9], *p;	60	static char passwd[120], *p;
52	static const char sp, ep;	61	static const char sp,ep;
53	unsigned char final[16];	62	unsigned char final[16];
54	int sl, pl, i, j;	63	int sl,pl,i,j;
55	MD5_CTX ctx, ctx1;	64	MD5_CTX ctx,ctx1;
56	unsigned long l;	65	unsigned long l;
57		66
58	/* Refine the Salt first */	67	/* Refine the Salt first */
59	sp = salt;	68	sp = salt;
60		69
61	/* If it starts with the magic string, then skip that */	70	/* If it starts with the magic string, then skip that */
62	if(strncmp(sp, magic, strlen(magic)) == 0)	71	if(!strncmp(sp,magic,strlen(magic)))
63	sp += strlen(magic);	72	sp += strlen(magic);
64		73
65	/* It stops at the first '$', max 8 chars */	74	/* It stops at the first '$', max 8 chars */
66	for (ep = sp; *ep != '$'; ep++) {	75	for(ep=sp;ep && ep != '$' && ep < (sp+8);ep++)
67	if (*ep == '\0' \|\| ep >= (sp + 8))	76	continue;
68	return (NULL);
69	}
70		77
71	/* get the length of the true salt */	78	/* get the length of the true salt */
72	sl = ep - sp;	79	sl = ep - sp;
73		80
74	/* Stash the salt */
75	memcpy(salt_copy, sp, sl);
76	salt_copy[sl] = '\0';
77
78	MD5_Init(&ctx);	81	MD5_Init(&ctx);
79		82
80	/* The password first, since that is what is most unknown */	83	/* The password first, since that is what is most unknown */
81	MD5_Update(&ctx, pw, strlen(pw));	84	MD5_Update(&ctx,pw,strlen(pw));
82		85
83	/* Then our magic string */	86	/* Then our magic string */
84	MD5_Update(&ctx, magic, strlen(magic));	87	MD5_Update(&ctx,magic,strlen(magic));
85		88
86	/* Then the raw salt */	89	/* Then the raw salt */
87	MD5_Update(&ctx, sp, sl);	90	MD5_Update(&ctx,sp,sl);
88		91
89	/* Then just as many characters of the MD5(pw, salt, pw) */	92	/* Then just as many characters of the MD5(pw,salt,pw) */
90	MD5_Init(&ctx1);	93	MD5_Init(&ctx1);
91	MD5_Update(&ctx1, pw, strlen(pw));	94	MD5_Update(&ctx1,pw,strlen(pw));
92	MD5_Update(&ctx1, sp, sl);	95	MD5_Update(&ctx1,sp,sl);
93	MD5_Update(&ctx1, pw, strlen(pw));	96	MD5_Update(&ctx1,pw,strlen(pw));
94	MD5_Final(final, &ctx1);	97	MD5_Final(final,&ctx1);
95
96	for(pl = strlen(pw); pl > 0; pl -= 16)	98	for(pl = strlen(pw); pl > 0; pl -= 16)
97	MD5_Update(&ctx, final, pl > 16 ? 16 : pl);	99	MD5_Update(&ctx,final,pl>16 ? 16 : pl);
98		100
99	/* Don't leave anything around in vm they could use. */	101	/* Don't leave anything around in vm they could use. */
100	memset(final, '\0', sizeof final);	102	memset(final,0,sizeof final);
101		103
102	/* Then something really weird... */	104	/* Then something really weird... */
103	for (j = 0, i = strlen(pw); i != 0; i >>= 1)	105	for (j=0,i = strlen(pw); i ; i >>= 1)
104	if (i & 1)	106	if(i&1)
105	MD5_Update(&ctx, final + j, 1);	107	MD5_Update(&ctx, final+j, 1);
106	else	108	else
107	MD5_Update(&ctx, pw + j, 1);	109	MD5_Update(&ctx, pw+j, 1);
108		110
109	/* Now make the output string */	111	/* Now make the output string */
110	snprintf(passwd, sizeof(passwd), "%s%s$", magic, salt_copy);	112	strcpy(passwd,magic);
		113	strncat(passwd,sp,sl);
		114	strcat(passwd,"$");
111		115
112	MD5_Final(final, &ctx);	116	MD5_Final(final,&ctx);
113		117
114	/*	118	/*
115	* and now, just to make sure things don't run too fast	119	* and now, just to make sure things don't run too fast
116	* On a 60 Mhz Pentium this takes 34 msec, so you would	120	* On a 60 Mhz Pentium this takes 34 msec, so you would
117	* need 30 seconds to build a 1000 entry dictionary...	121	* need 30 seconds to build a 1000 entry dictionary...
118	*/	122	*/
119	for(i = 0; i < 1000; i++) {	123	for(i=0;i<1000;i++) {
120	MD5_Init(&ctx1);	124	MD5_Init(&ctx1);
121	if (i & 1)	125	if(i & 1)
122	MD5_Update(&ctx1, pw, strlen(pw));	126	MD5_Update(&ctx1,pw,strlen(pw));
123	else	127	else
124	MD5_Update(&ctx1, final, 16);	128	MD5_Update(&ctx1,final,16);
125		129
126	if (i % 3)	130	if(i % 3)
127	MD5_Update(&ctx1, sp, sl);	131	MD5_Update(&ctx1,sp,sl);
128		132
129	if (i % 7)	133	if(i % 7)
130	MD5_Update(&ctx1, pw, strlen(pw));	134	MD5_Update(&ctx1,pw,strlen(pw));
131		135
132	if (i & 1)	136	if(i & 1)
133	MD5_Update(&ctx1, final, 16);	137	MD5_Update(&ctx1,final,16);
134	else	138	else
135	MD5_Update(&ctx1, pw, strlen(pw));	139	MD5_Update(&ctx1,pw,strlen(pw));
136		140	MD5_Final(final,&ctx1);
137	MD5_Final(final, &ctx1);
138	}	141	}
139		142
140	p = passwd + strlen(passwd);	143	p = passwd + strlen(passwd);
141		144
142	l = (final[ 0]<<16) \| (final[ 6]<<8) \| final[12];	145	l = (final[ 0]<<16) \| (final[ 6]<<8) \| final[12]; to64(p,l,4); p += 4;
143	strlcat(passwd, to64(l, 4), sizeof(passwd));	146	l = (final[ 1]<<16) \| (final[ 7]<<8) \| final[13]; to64(p,l,4); p += 4;
144	l = (final[ 1]<<16) \| (final[ 7]<<8) \| final[13];	147	l = (final[ 2]<<16) \| (final[ 8]<<8) \| final[14]; to64(p,l,4); p += 4;
145	strlcat(passwd, to64(l, 4), sizeof(passwd));	148	l = (final[ 3]<<16) \| (final[ 9]<<8) \| final[15]; to64(p,l,4); p += 4;
146	l = (final[ 2]<<16) \| (final[ 8]<<8) \| final[14];	149	l = (final[ 4]<<16) \| (final[10]<<8) \| final[ 5]; to64(p,l,4); p += 4;
147	strlcat(passwd, to64(l, 4), sizeof(passwd));	150	l = final[11] ; to64(p,l,2); p += 2;
148	l = (final[ 3]<<16) \| (final[ 9]<<8) \| final[15];	151	*p = '\0';
149	strlcat(passwd, to64(l, 4), sizeof(passwd));
150	l = (final[ 4]<<16) \| (final[10]<<8) \| final[ 5];
151	strlcat(passwd, to64(l, 4), sizeof(passwd));
152	l = final[11] ;
153	strlcat(passwd, to64(l, 2), sizeof(passwd));
154		152
155	/* Don't leave anything around in vm they could use. */	153	/* Don't leave anything around in vm they could use. */
156	memset(final, 0, sizeof(final));	154	memset(final,0,sizeof final);
157	memset(salt_copy, 0, sizeof(salt_copy));
158	memset(&ctx, 0, sizeof(ctx));
159	memset(&ctx1, 0, sizeof(ctx1));
160	(void)to64(0, 4);
161		155
162	return (passwd);	156	return passwd;
163	}	157	}
164		158
165	#endif /* defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) */	159	#endif /* defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) */