simplify crypt_checkpass. The API promise is that this function doesn't

use global data. The simplest fix is to only check blowfish passwords,
and implicitly lock out DES passwords.
crypt_checkpass is currently only used in one place, passwd, to verify
the local user's password, so this is probably acceptable.
Gives people a little more time to migrate away from DES before introduing
checkpass into more places.

1 files changed, 5 insertions, 11 deletions

diff --git a/lib/libc/crypt/cryptutil.c b/lib/libc/crypt/cryptutil.c
index ca8be8fa0f3..f101240524e 100644
--- a/lib/libc/crypt/cryptutil.c
+++ b/lib/libc/crypt/cryptutil.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cryptutil.c,v 1.5 2014/11/24 21:36:35 tedu Exp $ */
+/* $OpenBSD: cryptutil.c,v 1.6 2014/12/24 22:10:34 tedu Exp $ */
 /*
  * Copyright (c) 2014 Ted Unangst <tedu@openbsd.org>
  *
@@ -29,8 +29,7 @@ crypt_checkpass(const char *pass, const char *goodhash)
 
 	if (goodhash == NULL) {
 		/* fake it */
-		bcrypt_newhash(pass, 8, dummy, sizeof(dummy));
-		goto fail;
+		goto fake;
 	}
 
 	/* empty password */
@@ -43,14 +42,9 @@ crypt_checkpass(const char *pass, const char *goodhash)
 		return 0;
 	}
 
-	/* have to do it the hard way */
-	res = crypt(pass, goodhash);
-	if (res == NULL || strlen(res) != strlen(goodhash) ||
-	    timingsafe_bcmp(res, goodhash, strlen(goodhash)) != 0) {
-		goto fail;
-	}
-
-	return 0;
+	/* unsupported. fake it. */
+fake:
+	bcrypt_newhash(pass, 8, dummy, sizeof(dummy));
 fail:
 	errno = EACCES;
 	return -1;