diff options
author | Ted Unangst <tedu@cvs.openbsd.org> | 2014-12-24 22:10:35 +0000 |
---|---|---|
committer | Ted Unangst <tedu@cvs.openbsd.org> | 2014-12-24 22:10:35 +0000 |
commit | ce88a58c21e86c6dffe61e0505f6bea3b60d3331 (patch) | |
tree | 7f3864b1ad5a7abdb4343fdd2297f08c140841c3 /lib/libc | |
parent | 5693512e1fc3d8f07d77a92d44cd46a2e7685508 (diff) |
simplify crypt_checkpass. The API promise is that this function doesn't
use global data. The simplest fix is to only check blowfish passwords,
and implicitly lock out DES passwords.
crypt_checkpass is currently only used in one place, passwd, to verify
the local user's password, so this is probably acceptable.
Gives people a little more time to migrate away from DES before introduing
checkpass into more places.
Diffstat (limited to 'lib/libc')
-rw-r--r-- | lib/libc/crypt/cryptutil.c | 16 |
1 files changed, 5 insertions, 11 deletions
diff --git a/lib/libc/crypt/cryptutil.c b/lib/libc/crypt/cryptutil.c index ca8be8fa0f3..f101240524e 100644 --- a/lib/libc/crypt/cryptutil.c +++ b/lib/libc/crypt/cryptutil.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cryptutil.c,v 1.5 2014/11/24 21:36:35 tedu Exp $ */ +/* $OpenBSD: cryptutil.c,v 1.6 2014/12/24 22:10:34 tedu Exp $ */ /* * Copyright (c) 2014 Ted Unangst <tedu@openbsd.org> * @@ -29,8 +29,7 @@ crypt_checkpass(const char *pass, const char *goodhash) if (goodhash == NULL) { /* fake it */ - bcrypt_newhash(pass, 8, dummy, sizeof(dummy)); - goto fail; + goto fake; } /* empty password */ @@ -43,14 +42,9 @@ crypt_checkpass(const char *pass, const char *goodhash) return 0; } - /* have to do it the hard way */ - res = crypt(pass, goodhash); - if (res == NULL || strlen(res) != strlen(goodhash) || - timingsafe_bcmp(res, goodhash, strlen(goodhash)) != 0) { - goto fail; - } - - return 0; + /* unsupported. fake it. */ +fake: + bcrypt_newhash(pass, 8, dummy, sizeof(dummy)); fail: errno = EACCES; return -1; |