remove md5crypt.

while changing things, add a crypt_checkpass wrapper that handles most of the edge cases. (not quite ready for production, though.) ok deraadt
author: tedu <> 2014-05-12 19:13:14 +0000
committer: tedu <> 2014-05-12 19:13:14 +0000
commit: 9d93f27329372e68682819911c1e89467694ad93 (patch)
tree: 6b0f520cc57a8e1702644a31adcd0c82d71c728a /src/lib/libc/crypt/md5crypt.c
parent: 1b7bf9f1ebd8096b9d44b3bf148bd664715501ab (diff)
download: openbsd-9d93f27329372e68682819911c1e89467694ad93.tar.gz
openbsd-9d93f27329372e68682819911c1e89467694ad93.tar.bz2
openbsd-9d93f27329372e68682819911c1e89467694ad93.zip
1 files changed, 0 insertions, 160 deletions
diff --git a/src/lib/libc/crypt/md5crypt.c b/src/lib/libc/crypt/md5crypt.c
deleted file mode 100644
index a855835bcc..0000000000
--- a/src/lib/libc/crypt/md5crypt.c
+++ /dev/null
@@ -1,160 +0,0 @@
-/*      $OpenBSD: md5crypt.c,v 1.17 2014/04/03 15:55:29 beck Exp $      */
-/*
- * Copyright (c) 2000 Poul-Henning Kamp <phk@FreeBSD.org>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-/*
- * If we meet some day, and you think this stuff is worth it, you
- * can buy me a beer in return. Poul-Henning Kamp
- */
-#include <unistd.h>
-#include <stdio.h>
-#include <string.h>
-#include <md5.h>
-#include <string.h>
-static unsigned char itoa64[] =         /* 0 ... 63 => ascii - 64 */
-        "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
-static void to64(char *, u_int32_t, int);
-static void
-to64(char *s, u_int32_t v, int n)
-{
-        while (--n >= 0) {
-                *s++ = itoa64[v&0x3f];
-                v >>= 6;
-        }
-}
-/*
- * UNIX password
- *
- * Use MD5 for what it is best at...
- */
-char *md5crypt(const char *pw, const char *salt);
-char *
-md5crypt(const char *pw, const char *salt)
-{
-        /*
-         * This string is the magic for this algorithm.
-         * Having it this way, we can get better later on.
-         */
-        static unsigned char    *magic = (unsigned char *)"$1$";
-        static char     passwd[120], *p;
-        static const unsigned char *sp,*ep;
-        unsigned char   final[16];
-        int sl,pl,i;
-        MD5_CTX ctx,ctx1;
-        u_int32_t l;
-        /* Refine the salt first */
-        sp = (const unsigned char *)salt;
-        /* If it starts with the magic string, then skip that */
-        if(!strncmp((const char *)sp,(const char *)magic,strlen((const char *)magic)))
-                sp += strlen((const char *)magic);
-        /* It stops at the first '$', max 8 chars */
-        for(ep=sp;*ep && *ep != '$' && ep < (sp+8);ep++)
-                continue;
-        /* get the length of the true salt */
-        sl = ep - sp;
-        MD5Init(&ctx);
-        /* The password first, since that is what is most unknown */
-        MD5Update(&ctx,(const unsigned char *)pw,strlen(pw));
-        /* Then our magic string */
-        MD5Update(&ctx,magic,strlen((const char *)magic));
-        /* Then the raw salt */
-        MD5Update(&ctx,sp,sl);
-        /* Then just as many characters of the MD5(pw,salt,pw) */
-        MD5Init(&ctx1);
-        MD5Update(&ctx1,(const unsigned char *)pw,strlen(pw));
-        MD5Update(&ctx1,sp,sl);
-        MD5Update(&ctx1,(const unsigned char *)pw,strlen(pw));
-        MD5Final(final,&ctx1);
-        for(pl = strlen(pw); pl > 0; pl -= 16)
-                MD5Update(&ctx,final,pl>16 ? 16 : pl);
-        /* Don't leave anything around in vm they could use. */
-        memset(final,0,sizeof final);
-        /* Then something really weird... */
-        for (i = strlen(pw); i ; i >>= 1)
-                if(i&1)
-                    MD5Update(&ctx, final, 1);
-                else
-                    MD5Update(&ctx, (const unsigned char *)pw, 1);
-        /* Now make the output string */
-        snprintf(passwd, sizeof(passwd), "%s%.*s$", (char *)magic,
-            sl, (const char *)sp);
-        MD5Final(final,&ctx);
-        /*
-         * And now, just to make sure things don't run too fast
-         * On a 60 MHz Pentium this takes 34 msec, so you would
-         * need 30 seconds to build a 1000 entry dictionary...
-         * On a modern machine, with possible GPU optimization,
-         * this will run a lot faster than that.
-         */
-        for(i=0;i<1000;i++) {
-                MD5Init(&ctx1);
-                if(i & 1)
-                        MD5Update(&ctx1,(const unsigned char *)pw,strlen(pw));
-                else
-                        MD5Update(&ctx1,final,16);
-                if(i % 3)
-                        MD5Update(&ctx1,sp,sl);
-                if(i % 7)
-                        MD5Update(&ctx1,(const unsigned char *)pw,strlen(pw));
-                if(i & 1)
-                        MD5Update(&ctx1,final,16);
-                else
-                        MD5Update(&ctx1,(const unsigned char *)pw,strlen(pw));
-                MD5Final(final,&ctx1);
-        }
-        p = passwd + strlen(passwd);
-        l = (final[ 0]<<16) | (final[ 6]<<8) | final[12]; to64(p,l,4); p += 4;
-        l = (final[ 1]<<16) | (final[ 7]<<8) | final[13]; to64(p,l,4); p += 4;
-        l = (final[ 2]<<16) | (final[ 8]<<8) | final[14]; to64(p,l,4); p += 4;
-        l = (final[ 3]<<16) | (final[ 9]<<8) | final[15]; to64(p,l,4); p += 4;
-        l = (final[ 4]<<16) | (final[10]<<8) | final[ 5]; to64(p,l,4); p += 4;
-        l =                    final[11]                ; to64(p,l,2); p += 2;
-        *p = '\0';
-        /* Don't leave anything around in vm they could use. */
-        memset(final, 0, sizeof final);
-        return passwd;
-}
author	tedu <>	2014-05-12 19:13:14 +0000
committer	tedu <>	2014-05-12 19:13:14 +0000
commit	9d93f27329372e68682819911c1e89467694ad93 (patch)
tree	6b0f520cc57a8e1702644a31adcd0c82d71c728a /src/lib/libc/crypt/md5crypt.c
parent	1b7bf9f1ebd8096b9d44b3bf148bd664715501ab (diff)
download	openbsd-9d93f27329372e68682819911c1e89467694ad93.tar.gz openbsd-9d93f27329372e68682819911c1e89467694ad93.tar.bz2 openbsd-9d93f27329372e68682819911c1e89467694ad93.zip

diff --git a/src/lib/libc/crypt/md5crypt.c b/src/lib/libc/crypt/md5crypt.c deleted file mode 100644 index a855835bcc..0000000000 --- a/src/lib/libc/crypt/md5crypt.c +++ /dev/null
@@ -1,160 +0,0 @@
1	/* $OpenBSD: md5crypt.c,v 1.17 2014/04/03 15:55:29 beck Exp $ */
2
3	/*
4	* Copyright (c) 2000 Poul-Henning Kamp <phk@FreeBSD.org>
5	*
6	* Permission to use, copy, modify, and distribute this software for any
7	* purpose with or without fee is hereby granted, provided that the above
8	* copyright notice and this permission notice appear in all copies.
9	*
10	* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11	* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12	* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13	* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15	* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17	*/
18
19	/*
20	* If we meet some day, and you think this stuff is worth it, you
21	* can buy me a beer in return. Poul-Henning Kamp
22	*/
23
24	#include <unistd.h>
25	#include <stdio.h>
26	#include <string.h>
27	#include <md5.h>
28	#include <string.h>
29
30	static unsigned char itoa64[] = /* 0 ... 63 => ascii - 64 */
31	"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
32
33	static void to64(char *, u_int32_t, int);
34
35	static void
36	to64(char *s, u_int32_t v, int n)
37	{
38	while (--n >= 0) {
39	*s++ = itoa64[v&0x3f];
40	v >>= 6;
41	}
42	}
43
44	/*
45	* UNIX password
46	*
47	* Use MD5 for what it is best at...
48	*/
49
50	char md5crypt(const char pw, const char *salt);
51
52	char *
53	md5crypt(const char pw, const char salt)
54	{
55	/*
56	* This string is the magic for this algorithm.
57	* Having it this way, we can get better later on.
58	*/
59	static unsigned char magic = (unsigned char )"$1$";
60
61	static char passwd[120], *p;
62	static const unsigned char sp,ep;
63	unsigned char final[16];
64	int sl,pl,i;
65	MD5_CTX ctx,ctx1;
66	u_int32_t l;
67
68	/* Refine the salt first */
69	sp = (const unsigned char *)salt;
70
71	/* If it starts with the magic string, then skip that */
72	if(!strncmp((const char )sp,(const char )magic,strlen((const char *)magic)))
73	sp += strlen((const char *)magic);
74
75	/* It stops at the first '$', max 8 chars */
76	for(ep=sp;ep && ep != '$' && ep < (sp+8);ep++)
77	continue;
78
79	/* get the length of the true salt */
80	sl = ep - sp;
81
82	MD5Init(&ctx);
83
84	/* The password first, since that is what is most unknown */
85	MD5Update(&ctx,(const unsigned char *)pw,strlen(pw));
86
87	/* Then our magic string */
88	MD5Update(&ctx,magic,strlen((const char *)magic));
89
90	/* Then the raw salt */
91	MD5Update(&ctx,sp,sl);
92
93	/* Then just as many characters of the MD5(pw,salt,pw) */
94	MD5Init(&ctx1);
95	MD5Update(&ctx1,(const unsigned char *)pw,strlen(pw));
96	MD5Update(&ctx1,sp,sl);
97	MD5Update(&ctx1,(const unsigned char *)pw,strlen(pw));
98	MD5Final(final,&ctx1);
99	for(pl = strlen(pw); pl > 0; pl -= 16)
100	MD5Update(&ctx,final,pl>16 ? 16 : pl);
101
102	/* Don't leave anything around in vm they could use. */
103	memset(final,0,sizeof final);
104
105	/* Then something really weird... */
106	for (i = strlen(pw); i ; i >>= 1)
107	if(i&1)
108	MD5Update(&ctx, final, 1);
109	else
110	MD5Update(&ctx, (const unsigned char *)pw, 1);
111
112	/* Now make the output string */
113	snprintf(passwd, sizeof(passwd), "%s%.s$", (char )magic,
114	sl, (const char *)sp);
115
116	MD5Final(final,&ctx);
117
118	/*
119	* And now, just to make sure things don't run too fast
120	* On a 60 MHz Pentium this takes 34 msec, so you would
121	* need 30 seconds to build a 1000 entry dictionary...
122	* On a modern machine, with possible GPU optimization,
123	* this will run a lot faster than that.
124	*/
125	for(i=0;i<1000;i++) {
126	MD5Init(&ctx1);
127	if(i & 1)
128	MD5Update(&ctx1,(const unsigned char *)pw,strlen(pw));
129	else
130	MD5Update(&ctx1,final,16);
131
132	if(i % 3)
133	MD5Update(&ctx1,sp,sl);
134
135	if(i % 7)
136	MD5Update(&ctx1,(const unsigned char *)pw,strlen(pw));
137
138	if(i & 1)
139	MD5Update(&ctx1,final,16);
140	else
141	MD5Update(&ctx1,(const unsigned char *)pw,strlen(pw));
142	MD5Final(final,&ctx1);
143	}
144
145	p = passwd + strlen(passwd);
146
147	l = (final[ 0]<<16) \| (final[ 6]<<8) \| final[12]; to64(p,l,4); p += 4;
148	l = (final[ 1]<<16) \| (final[ 7]<<8) \| final[13]; to64(p,l,4); p += 4;
149	l = (final[ 2]<<16) \| (final[ 8]<<8) \| final[14]; to64(p,l,4); p += 4;
150	l = (final[ 3]<<16) \| (final[ 9]<<8) \| final[15]; to64(p,l,4); p += 4;
151	l = (final[ 4]<<16) \| (final[10]<<8) \| final[ 5]; to64(p,l,4); p += 4;
152	l = final[11] ; to64(p,l,2); p += 2;
153	*p = '\0';
154
155	/* Don't leave anything around in vm they could use. */
156	memset(final, 0, sizeof final);
157
158	return passwd;
159	}
160