aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDenis Vlasenko <vda.linux@googlemail.com>2008-06-12 16:56:52 +0000
committerDenis Vlasenko <vda.linux@googlemail.com>2008-06-12 16:56:52 +0000
commitfdddab0c61c55c25d4218d4370e2b16a7936a794 (patch)
treebf93480018a52ab051189222248b6d04af98d7d4
parent4ea83bf562c44a6792e7c77e7d87cba91f86f763 (diff)
downloadbusybox-w32-fdddab0c61c55c25d4218d4370e2b16a7936a794.tar.gz
busybox-w32-fdddab0c61c55c25d4218d4370e2b16a7936a794.tar.bz2
busybox-w32-fdddab0c61c55c25d4218d4370e2b16a7936a794.zip
make pw_encrypt() return malloc'ed string.
text data bss dec hex filename 759802 604 6684 767090 bb472 busybox_old 759804 604 6676 767084 bb46c busybox_unstripped
Diffstat
-rw-r--r--include/libbb.h2
-rw-r--r--libbb/correct_password.c5
-rw-r--r--libbb/pw_encrypt.c7
-rw-r--r--loginutils/chpasswd.c1
-rw-r--r--loginutils/passwd.c13
-rw-r--r--loginutils/sulogin.c8
-rw-r--r--networking/httpd.c8
7 files changed, 27 insertions, 17 deletions
diff --git a/include/libbb.h b/include/libbb.h
index bd2dbe573..655ca01a5 100644
--- a/include/libbb.h
+++ b/include/libbb.h
@@ -1031,7 +1031,7 @@ extern int restricted_shell(const char *shell);
1031 */ 1031 */
1032extern void setup_environment(const char *shell, int clear_env, int change_env, const struct passwd *pw); 1032extern void setup_environment(const char *shell, int clear_env, int change_env, const struct passwd *pw);
1033extern int correct_password(const struct passwd *pw); 1033extern int correct_password(const struct passwd *pw);
1034/* Returns a ptr to static storage */ 1034/* Returns a malloced string */
1035extern char *pw_encrypt(const char *clear, const char *salt, int cleanup); 1035extern char *pw_encrypt(const char *clear, const char *salt, int cleanup);
1036extern int obscure(const char *old, const char *newval, const struct passwd *pwdp); 1036extern int obscure(const char *old, const char *newval, const struct passwd *pwdp);
1037/* rnd is additional random input. New one is returned. 1037/* rnd is additional random input. New one is returned.
diff --git a/libbb/correct_password.c b/libbb/correct_password.c
index a4ded8b5f..f0b9384ea 100644
--- a/libbb/correct_password.c
+++ b/libbb/correct_password.c
@@ -40,6 +40,7 @@ int correct_password(const struct passwd *pw)
40{ 40{
41 char *unencrypted, *encrypted; 41 char *unencrypted, *encrypted;
42 const char *correct; 42 const char *correct;
43 int r;
43#if ENABLE_FEATURE_SHADOWPASSWDS 44#if ENABLE_FEATURE_SHADOWPASSWDS
44 /* Using _r function to avoid pulling in static buffers */ 45 /* Using _r function to avoid pulling in static buffers */
45 struct spwd spw; 46 struct spwd spw;
@@ -72,6 +73,8 @@ int correct_password(const struct passwd *pw)
72 return 0; 73 return 0;
73 } 74 }
74 encrypted = pw_encrypt(unencrypted, correct, 1); 75 encrypted = pw_encrypt(unencrypted, correct, 1);
76 r = (strcmp(encrypted, correct) == 0);
77 free(encrypted);
75 memset(unencrypted, 0, strlen(unencrypted)); 78 memset(unencrypted, 0, strlen(unencrypted));
76 return strcmp(encrypted, correct) == 0; 79 return r;
77} 80}
diff --git a/libbb/pw_encrypt.c b/libbb/pw_encrypt.c
index d439fc3b4..762cbab27 100644
--- a/libbb/pw_encrypt.c
+++ b/libbb/pw_encrypt.c
@@ -54,7 +54,7 @@ static void my_crypt_cleanup(void)
54 54
55char *pw_encrypt(const char *clear, const char *salt, int cleanup) 55char *pw_encrypt(const char *clear, const char *salt, int cleanup)
56{ 56{
57 static char *cipher; 57 char *encrypted;
58 58
59#if 0 /* was CONFIG_FEATURE_SHA1_PASSWORDS, but there is no such thing??? */ 59#if 0 /* was CONFIG_FEATURE_SHA1_PASSWORDS, but there is no such thing??? */
60 if (strncmp(salt, "$2$", 3) == 0) { 60 if (strncmp(salt, "$2$", 3) == 0) {
@@ -62,11 +62,10 @@ char *pw_encrypt(const char *clear, const char *salt, int cleanup)
62 } 62 }
63#endif 63#endif
64 64
65 free(cipher); 65 encrypted = my_crypt(clear, salt);
66 cipher = my_crypt(clear, salt);
67 66
68 if (cleanup) 67 if (cleanup)
69 my_crypt_cleanup(); 68 my_crypt_cleanup();
70 69
71 return cipher; 70 return encrypted;
72} 71}
diff --git a/loginutils/chpasswd.c b/loginutils/chpasswd.c
index 230ab0fc9..7308596ad 100644
--- a/loginutils/chpasswd.c
+++ b/loginutils/chpasswd.c
@@ -65,6 +65,7 @@ int chpasswd_main(int argc ATTRIBUTE_UNUSED, char **argv)
65 bb_info_msg("Password for '%s' changed", name); 65 bb_info_msg("Password for '%s' changed", name);
66 logmode = LOGMODE_STDIO; 66 logmode = LOGMODE_STDIO;
67 free(name); 67 free(name);
68 free(pass);
68 } 69 }
69 70
70 return 0; 71 return 0;
diff --git a/loginutils/passwd.c b/loginutils/passwd.c
index fad226c00..0a31137cf 100644
--- a/loginutils/passwd.c
+++ b/loginutils/passwd.c
@@ -16,22 +16,24 @@ static char* new_password(const struct passwd *pw, uid_t myuid, int algo)
16 char salt[sizeof("$N$XXXXXXXX")]; /* "$N$XXXXXXXX" or "XX" */ 16 char salt[sizeof("$N$XXXXXXXX")]; /* "$N$XXXXXXXX" or "XX" */
17 char *orig = (char*)""; 17 char *orig = (char*)"";
18 char *newp = NULL; 18 char *newp = NULL;
19 char *cipher = NULL;
20 char *cp = NULL; 19 char *cp = NULL;
21 char *ret = NULL; /* failure so far */ 20 char *ret = NULL; /* failure so far */
22 21
23 if (myuid && pw->pw_passwd[0]) { 22 if (myuid && pw->pw_passwd[0]) {
23 char *encrypted;
24
24 orig = bb_askpass(0, "Old password:"); /* returns ptr to static */ 25 orig = bb_askpass(0, "Old password:"); /* returns ptr to static */
25 if (!orig) 26 if (!orig)
26 goto err_ret; 27 goto err_ret;
27 cipher = pw_encrypt(orig, pw->pw_passwd, 1); /* returns ptr to static */ 28 encrypted = pw_encrypt(orig, pw->pw_passwd, 1); /* returns malloced str */
28 if (strcmp(cipher, pw->pw_passwd) != 0) { 29 if (strcmp(encrypted, pw->pw_passwd) != 0) {
29 syslog(LOG_WARNING, "incorrect password for '%s'", 30 syslog(LOG_WARNING, "incorrect password for '%s'",
30 pw->pw_name); 31 pw->pw_name);
31 bb_do_delay(FAIL_DELAY); 32 bb_do_delay(FAIL_DELAY);
32 puts("Incorrect password"); 33 puts("Incorrect password");
33 goto err_ret; 34 goto err_ret;
34 } 35 }
36 if (ENABLE_FEATURE_CLEAN_UP) free(encrypted);
35 } 37 }
36 orig = xstrdup(orig); /* or else bb_askpass() will destroy it */ 38 orig = xstrdup(orig); /* or else bb_askpass() will destroy it */
37 newp = bb_askpass(0, "New password:"); /* returns ptr to static */ 39 newp = bb_askpass(0, "New password:"); /* returns ptr to static */
@@ -55,8 +57,8 @@ static char* new_password(const struct passwd *pw, uid_t myuid, int algo)
55 strcpy(salt, "$1$"); 57 strcpy(salt, "$1$");
56 crypt_make_salt(salt + 3, 4, 0); 58 crypt_make_salt(salt + 3, 4, 0);
57 } 59 }
58 /* pw_encrypt returns ptr to static */ 60 /* pw_encrypt returns malloced str */
59 ret = xstrdup(pw_encrypt(newp, salt, 1)); 61 ret = pw_encrypt(newp, salt, 1);
60 /* whee, success! */ 62 /* whee, success! */
61 63
62 err_ret: 64 err_ret:
@@ -64,7 +66,6 @@ static char* new_password(const struct passwd *pw, uid_t myuid, int algo)
64 if (ENABLE_FEATURE_CLEAN_UP) free(orig); 66 if (ENABLE_FEATURE_CLEAN_UP) free(orig);
65 nuke_str(newp); 67 nuke_str(newp);
66 if (ENABLE_FEATURE_CLEAN_UP) free(newp); 68 if (ENABLE_FEATURE_CLEAN_UP) free(newp);
67 nuke_str(cipher);
68 nuke_str(cp); 69 nuke_str(cp);
69 return ret; 70 return ret;
70} 71}
diff --git a/loginutils/sulogin.c b/loginutils/sulogin.c
index f52ce8a95..38812a6cc 100644
--- a/loginutils/sulogin.c
+++ b/loginutils/sulogin.c
@@ -72,6 +72,9 @@ int sulogin_main(int argc ATTRIBUTE_UNUSED, char **argv)
72#endif 72#endif
73 73
74 while (1) { 74 while (1) {
75 char *encrypted;
76 int r;
77
75 /* cp points to a static buffer that is zeroed every time */ 78 /* cp points to a static buffer that is zeroed every time */
76 cp = bb_askpass(timeout, 79 cp = bb_askpass(timeout,
77 "Give root password for system maintenance\n" 80 "Give root password for system maintenance\n"
@@ -81,7 +84,10 @@ int sulogin_main(int argc ATTRIBUTE_UNUSED, char **argv)
81 bb_info_msg("Normal startup"); 84 bb_info_msg("Normal startup");
82 return 0; 85 return 0;
83 } 86 }
84 if (strcmp(pw_encrypt(cp, pwd->pw_passwd, 1), pwd->pw_passwd) == 0) { 87 encrypted = pw_encrypt(cp, pwd->pw_passwd, 1);
88 r = strcmp(encrypted, pwd->pw_passwd);
89 free(encrypted);
90 if (r == 0) {
85 break; 91 break;
86 } 92 }
87 bb_do_delay(FAIL_DELAY); 93 bb_do_delay(FAIL_DELAY);
diff --git a/networking/httpd.c b/networking/httpd.c
index 78c6f4d1d..352a97d3c 100644
--- a/networking/httpd.c
+++ b/networking/httpd.c
@@ -1721,7 +1721,6 @@ static int checkPerm(const char *path, const char *request)
1721 } 1721 }
1722 1722
1723 if (ENABLE_FEATURE_HTTPD_AUTH_MD5) { 1723 if (ENABLE_FEATURE_HTTPD_AUTH_MD5) {
1724 char *cipher;
1725 char *pp; 1724 char *pp;
1726 1725
1727 if (strncmp(p, request, u - request) != 0) { 1726 if (strncmp(p, request, u - request) != 0) {
@@ -1732,9 +1731,10 @@ static int checkPerm(const char *path, const char *request)
1732 if (pp && pp[1] == '$' && pp[2] == '1' 1731 if (pp && pp[1] == '$' && pp[2] == '1'
1733 && pp[3] == '$' && pp[4] 1732 && pp[3] == '$' && pp[4]
1734 ) { 1733 ) {
1735 pp++; 1734 char *encrypted = pw_encrypt(u+1, ++pp, 1);
1736 cipher = pw_encrypt(u+1, pp, 1); 1735 int r = strcmp(encrypted, pp);
1737 if (strcmp(cipher, pp) == 0) 1736 free(encrypted);
1737 if (r == 0)
1738 goto set_remoteuser_var; /* Ok */ 1738 goto set_remoteuser_var; /* Ok */
1739 /* unauthorized */ 1739 /* unauthorized */
1740 continue; 1740 continue;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 15:49:21 +0000