simplify crypt_checkpass. The API promise is that this function doesn't

use global data. The simplest fix is to only check blowfish passwords,
and implicitly lock out DES passwords.
crypt_checkpass is currently only used in one place, passwd, to verify
the local user's password, so this is probably acceptable.
Gives people a little more time to migrate away from DES before introduing
checkpass into more places.

1 files changed, 5 insertions, 11 deletions

diff --git a/src/lib/libc/crypt/cryptutil.c b/src/lib/libc/crypt/cryptutil.c
index ca8be8fa0f..f101240524 100644
--- a/src/lib/libc/crypt/cryptutil.c
+++ b/src/lib/libc/crypt/cryptutil.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cryptutil.c,v 1.5 2014/11/24 21:36:35 tedu Exp $ */
+/* $OpenBSD: cryptutil.c,v 1.6 2014/12/24 22:10:34 tedu Exp $ */
 /*
  * Copyright (c) 2014 Ted Unangst <tedu@openbsd.org>
  *
@@ -29,8 +29,7 @@ crypt_checkpass(const char *pass, const char *goodhash)
 
         if (goodhash == NULL) {
                 /* fake it */
-                bcrypt_newhash(pass, 8, dummy, sizeof(dummy));
-                goto fail;
+                goto fake;
         }
 
         /* empty password */
@@ -43,14 +42,9 @@ crypt_checkpass(const char *pass, const char *goodhash)
                 return 0;
         }
 
-        /* have to do it the hard way */
-        res = crypt(pass, goodhash);
-        if (res == NULL || strlen(res) != strlen(goodhash) ||
-            timingsafe_bcmp(res, goodhash, strlen(goodhash)) != 0) {
-                goto fail;
-        }
-
-        return 0;
+        /* unsupported. fake it. */
+fake:
+        bcrypt_newhash(pass, 8, dummy, sizeof(dummy));
 fail:
         errno = EACCES;
         return -1;