d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9886bcdf93
freebsd-dev/lib/libcrypt/crypt.c
Peter Wemm 9886bcdf93 Merge into a single US-exportable libcrypt, which only provides 
one-way hash functions for authentication purposes.  There is no more
"set the libcrypt->libXXXcrypt" nightmare.
- Undo the libmd.so hack, use -D to hide the md5c.c internals.
- Remove the symlink hacks in release/Makefile
- the algorthm is set by set_crypt_format() as before.  If this is
  not called, it tries to heuristically figure out the hash format, and
  if all else fails, it uses the optional auth.conf entry to chose the
  overall default hash.
- Since source has non-hidden crypto in it there may be some issues with
  having the source it in some countries, so preserve the "secure/*"
  division.  You can still build a des-free libcrypt library if you want
  to badly enough.  This should not be a problem in the US or exporting
  from the US as freebsd.org had notified BXA some time ago.  That makes
  this stuff re-exportable by anyone.
- For consistancy, the default in absence of any other clues is md5.  This
  is to try and minimize POLA across buildworld where folk may suddenly
  be activating des-crypt()-hash support.  Since the des hash may not
  always be present, it seemed sensible to make the stronger md5 algorithm
  the default.
All things being equal, no functionality is lost.

Reviewed-by: jkh

(flame-proof suit on)
2000-12-28 10:32:02 +00:00

123 lines
2.9 KiB
C
Raw Blame History

/*
* Copyright (c) 1999
* Mark Murray. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY MARK MURRAY AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL MARK MURRAY OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $FreeBSD$
*
*/
#if defined(LIBC_SCCS) && !defined(lint)
static const char rcsid[] =
"$FreeBSD$";
#endif /* LIBC_SCCS and not lint */
#include <sys/types.h>
#include <string.h>
#include <libutil.h>
#include "crypt.h"
static const struct {
const char *const name;
char *(*const func)(const char *, const char *);
const char *const magic;
} crypt_types[] = {
{
"md5",
crypt_md5,
"$1$"
},
#ifdef HAS_DES
{
"des",
crypt_des,
NULL
},
#endif
{
NULL,
NULL
}
};
static int crypt_type = -1;
static void
crypt_setdefault(void)
{
char *def;
int i;
if (crypt_type != -1)
return;
def = auth_getval("crypt_default");
if (def == NULL) {
crypt_type = 0;
return;
}
for (i = 0; i < sizeof(crypt_types) / sizeof(crypt_types[0]) - 1; i++) {
if (strcmp(def, crypt_types[i].name) == 0) {
crypt_type = i;
return;
}
}
crypt_type = 0;
}
const char *
crypt_get_format(void)
{
crypt_setdefault();
return (crypt_types[crypt_type].name);
}
int
crypt_set_format(char *type)
{
int i;
crypt_setdefault();
for (i = 0; i < sizeof(crypt_types) / sizeof(crypt_types[0]) - 1; i++) {
if (strcmp(type, crypt_types[i].name) == 0) {
crypt_type = i;
return (1);
}
}
return (0);
}
char *
crypt(char *passwd, char *salt)
{
int i;
crypt_setdefault();
for (i = 0; i < sizeof(crypt_types) / sizeof(crypt_types[0]) - 1; i++) {
if (crypt_types[i].magic != NULL && strncmp(salt,
crypt_types[i].magic, strlen(crypt_types[i].magic)) == 0)
return (crypt_types[i].func(passwd, salt));
}
return (crypt_types[crypt_type].func(passwd, salt));
}
Reference in New Issue View Git Blame Copy Permalink