split crypt_checkpass off into a new file

author: tedu <> 2014-11-20 19:18:25 +0000
committer: tedu <> 2014-11-20 19:18:25 +0000
commit: e2e79e022bd0815f76ca57243324eb59f75899be (patch)
tree: 3eb435e8491f8320373632f0ccde7c838d55514d /src/lib/libc/crypt
parent: 9a3a3e0abe3dbaf29a4781c95bb7ff180bd6a104 (diff)
download: openbsd-e2e79e022bd0815f76ca57243324eb59f75899be.tar.gz
openbsd-e2e79e022bd0815f76ca57243324eb59f75899be.tar.bz2
openbsd-e2e79e022bd0815f76ca57243324eb59f75899be.zip
3 files changed, 73 insertions, 36 deletions
diff --git a/src/lib/libc/crypt/Makefile.inc b/src/lib/libc/crypt/Makefile.inc
index c22c2d1efb..f4cf2de027 100644
--- a/src/lib/libc/crypt/Makefile.inc
+++ b/src/lib/libc/crypt/Makefile.inc
@@ -1,15 +1,15 @@
-#       $OpenBSD: Makefile.inc,v 1.23 2014/11/18 22:17:50 jmc Exp $
+#       $OpenBSD: Makefile.inc,v 1.24 2014/11/20 19:18:25 tedu Exp $
 .PATH: ${LIBCSRCDIR}/arch/${MACHINE_CPU}/crypt ${LIBCSRCDIR}/crypt
 SRCS+=  crypt.c crypt2.c cryptutil.c arc4random.c arc4random_uniform.c \
        blowfish.c bcrypt.c
-MAN+=   crypt.3 blowfish.3 arc4random.3
+MAN+=   crypt.3 crypt_checkpass.3 blowfish.3 arc4random.3
-MLINKS+=crypt.3 setkey.3 crypt.3 crypt_checkpass.3
+MLINKS+=crypt.3 setkey.3 crypt.3 encrypt.3
-MLINKS+=crypt.3 crypt_newhash.3 crypt.3 encrypt.3
 MLINKS+=crypt.3 des_setkey.3 crypt.3 des_cipher.3
 MLINKS+=crypt.3 bcrypt_gensalt.3 crypt.3 bcrypt.3
+MLINKS+=crypt_checkpass.3 crypt_newhash.3
 MLINKS+=blowfish.3 blf_key.3 blowfish.3 blf_enc.3
 MLINKS+=blowfish.3 blf_dec.3 blowfish.3 blf_ecb_encrypt.3
 MLINKS+=blowfish.3 blf_ecb_decrypt.3 blowfish.3 blf_cbc_encrypt.3
diff --git a/src/lib/libc/crypt/crypt.3 b/src/lib/libc/crypt/crypt.3
index 636e49d106..f01f996445 100644
--- a/src/lib/libc/crypt/crypt.3
+++ b/src/lib/libc/crypt/crypt.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: crypt.3,v 1.40 2014/11/18 22:17:50 jmc Exp $
+.\" $OpenBSD: crypt.3,v 1.41 2014/11/20 19:18:25 tedu Exp $
 .\"
 .\" FreeSec: libcrypt
 .\"
@@ -31,13 +31,11 @@
 .\"
 .\" Manual page, using -mandoc macros
 .\"
-.Dd $Mdocdate: November 18 2014 $
+.Dd $Mdocdate: November 20 2014 $
 .Dt CRYPT 3
 .Os
 .Sh NAME
 .Nm crypt ,
-.Nm crypt_checkpass ,
-.Nm crypt_newhash ,
 .Nm setkey ,
 .Nm encrypt ,
 .Nm des_setkey ,
@@ -54,10 +52,6 @@
 .Ft char *
 .Fn crypt "const char *key" "const char *setting"
 .Ft int
-.Fn crypt_checkpass "const char *password" "const char *hash"
-.Ft int
-.Fn crypt_newhash "const char *password" "login_cap_t *lc" "char *hash" "size_t hashsize"
-.Ft int
 .Fn encrypt "char *block" "int flag"
 .Ft int
 .Fn des_setkey "const char *key"
@@ -69,6 +63,11 @@
 .Ft char *
 .Fn bcrypt "const char *key" "const char *salt"
 .Sh DESCRIPTION
+These functions are deprecated in favor of
+.Xr crypt_checkpass 3
+and
+.Xr crypt_newhash 3 .
+.Pp
 The
 .Fn crypt
 function performs password hashing based on the
@@ -94,30 +93,6 @@ and a number then a different algorithm is used depending on the number.
 At the moment
 .Ql $2
 chooses Blowfish hashing; see below for more information.
-.Pp
-The
-.Fn crypt_checkpass
-function is provided to simplify checking a user's password.
-If both the hash and the password are the empty string, authentication
-is a success.
-Otherwise, the password is hashed and compared to the provided hash.
-If the hash is NULL, authentication will always fail, but a default
-amount of work is performed to simulate the hashing operation.
-A successful match will return 0.
-A failure will return \-1 and set errno.
-.Pp
-The
-.Fn crypt_newhash
-function is provided to simplify the creation of new password hashes.
-The provided
-.Fa password
-is randomly salted and hashed and stored in
-.Fa hash .
-The login class argument
-.Fa lc
-is used to identify the preferred hashing algorithm and parameters.
-Refer to
-.Xr login.conf 5 .
 .Ss Extended crypt
 The
 .Ar key
@@ -298,6 +273,7 @@ return 0 on success and 1 on failure.
 .Xr login 1 ,
 .Xr passwd 1 ,
 .Xr blowfish 3 ,
+.Xr crypt_checkpass 3 ,
 .Xr getpass 3 ,
 .Xr md5 3 ,
 .Xr passwd 5
diff --git a/src/lib/libc/crypt/crypt_checkpass.3 b/src/lib/libc/crypt/crypt_checkpass.3
new file mode 100644
index 0000000000..3a360fb899
--- /dev/null
+++ b/src/lib/libc/crypt/crypt_checkpass.3
@@ -0,0 +1,61 @@
+.\" $OpenBSD: crypt_checkpass.3,v 1.1 2014/11/20 19:18:25 tedu Exp $
+.\"
+.\" Copyright (c) Ted Unangst <tedu@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd $Mdocdate: November 20 2014 $
+.Dt CRYPT_CHECKPASS 3
+.Os
+.Sh NAME
+.Nm crypt_checkpass ,
+.Nm crypt_newhash
+.Nd password hashing
+.Sh SYNOPSIS
+.In unistd.h
+.Ft int
+.Fn crypt_checkpass "const char *password" "const char *hash"
+.In login_cap.h
+.Ft int
+.Fn crypt_newhash "const char *password" "login_cap_t *lc" "char *hash" "size_t hashsize"
+.Sh DESCRIPTION
+The
+.Fn crypt_checkpass
+function is provided to simplify checking a user's password.
+If both the hash and the password are the empty string, authentication
+is a success.
+Otherwise, the password is hashed and compared to the provided hash.
+If the hash is NULL, authentication will always fail, but a default
+amount of work is performed to simulate the hashing operation.
+A successful match will return 0.
+A failure will return \-1 and set errno.
+.Pp
+The
+.Fn crypt_newhash
+function is provided to simplify the creation of new password hashes.
+The provided
+.Fa password
+is randomly salted and hashed and stored in
+.Fa hash .
+The login class argument
+.Fa lc
+is used to identify the preferred hashing algorithm and parameters.
+Refer to
+.Xr login.conf 5 .
+.Sh RETURN VALUES
+These functions
+return 0 on success and -1 on failure.
+.Sh SEE ALSO
+.Xr crypt 3 ,
+.Xr login.conf 5 ,
+.Xr passwd 5
author	tedu <>	2014-11-20 19:18:25 +0000
committer	tedu <>	2014-11-20 19:18:25 +0000
commit	e2e79e022bd0815f76ca57243324eb59f75899be (patch)
tree	3eb435e8491f8320373632f0ccde7c838d55514d /src/lib/libc/crypt
parent	9a3a3e0abe3dbaf29a4781c95bb7ff180bd6a104 (diff)
download	openbsd-e2e79e022bd0815f76ca57243324eb59f75899be.tar.gz openbsd-e2e79e022bd0815f76ca57243324eb59f75899be.tar.bz2 openbsd-e2e79e022bd0815f76ca57243324eb59f75899be.zip

diff --git a/src/lib/libc/crypt/Makefile.inc b/src/lib/libc/crypt/Makefile.inc index c22c2d1efb..f4cf2de027 100644 --- a/src/lib/libc/crypt/Makefile.inc +++ b/src/lib/libc/crypt/Makefile.inc
@@ -1,15 +1,15 @@
1	# $OpenBSD: Makefile.inc,v 1.23 2014/11/18 22:17:50 jmc Exp $	1	# $OpenBSD: Makefile.inc,v 1.24 2014/11/20 19:18:25 tedu Exp $
2		2
3	.PATH: ${LIBCSRCDIR}/arch/${MACHINE_CPU}/crypt ${LIBCSRCDIR}/crypt	3	.PATH: ${LIBCSRCDIR}/arch/${MACHINE_CPU}/crypt ${LIBCSRCDIR}/crypt
4		4
5	SRCS+= crypt.c crypt2.c cryptutil.c arc4random.c arc4random_uniform.c \	5	SRCS+= crypt.c crypt2.c cryptutil.c arc4random.c arc4random_uniform.c \
6	blowfish.c bcrypt.c	6	blowfish.c bcrypt.c
7		7
8	MAN+= crypt.3 blowfish.3 arc4random.3	8	MAN+= crypt.3 crypt_checkpass.3 blowfish.3 arc4random.3
9	MLINKS+=crypt.3 setkey.3 crypt.3 crypt_checkpass.3	9	MLINKS+=crypt.3 setkey.3 crypt.3 encrypt.3
10	MLINKS+=crypt.3 crypt_newhash.3 crypt.3 encrypt.3
11	MLINKS+=crypt.3 des_setkey.3 crypt.3 des_cipher.3	10	MLINKS+=crypt.3 des_setkey.3 crypt.3 des_cipher.3
12	MLINKS+=crypt.3 bcrypt_gensalt.3 crypt.3 bcrypt.3	11	MLINKS+=crypt.3 bcrypt_gensalt.3 crypt.3 bcrypt.3
		12	MLINKS+=crypt_checkpass.3 crypt_newhash.3
13	MLINKS+=blowfish.3 blf_key.3 blowfish.3 blf_enc.3	13	MLINKS+=blowfish.3 blf_key.3 blowfish.3 blf_enc.3
14	MLINKS+=blowfish.3 blf_dec.3 blowfish.3 blf_ecb_encrypt.3	14	MLINKS+=blowfish.3 blf_dec.3 blowfish.3 blf_ecb_encrypt.3
15	MLINKS+=blowfish.3 blf_ecb_decrypt.3 blowfish.3 blf_cbc_encrypt.3	15	MLINKS+=blowfish.3 blf_ecb_decrypt.3 blowfish.3 blf_cbc_encrypt.3


diff --git a/src/lib/libc/crypt/crypt.3 b/src/lib/libc/crypt/crypt.3 index 636e49d106..f01f996445 100644 --- a/src/lib/libc/crypt/crypt.3 +++ b/src/lib/libc/crypt/crypt.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: crypt.3,v 1.40 2014/11/18 22:17:50 jmc Exp $	1	.\" $OpenBSD: crypt.3,v 1.41 2014/11/20 19:18:25 tedu Exp $
2	.\"	2	.\"
3	.\" FreeSec: libcrypt	3	.\" FreeSec: libcrypt
4	.\"	4	.\"
@@ -31,13 +31,11 @@
31	.\"	31	.\"
32	.\" Manual page, using -mandoc macros	32	.\" Manual page, using -mandoc macros
33	.\"	33	.\"
34	.Dd $Mdocdate: November 18 2014 $	34	.Dd $Mdocdate: November 20 2014 $
35	.Dt CRYPT 3	35	.Dt CRYPT 3
36	.Os	36	.Os
37	.Sh NAME	37	.Sh NAME
38	.Nm crypt ,	38	.Nm crypt ,
39	.Nm crypt_checkpass ,
40	.Nm crypt_newhash ,
41	.Nm setkey ,	39	.Nm setkey ,
42	.Nm encrypt ,	40	.Nm encrypt ,
43	.Nm des_setkey ,	41	.Nm des_setkey ,
@@ -54,10 +52,6 @@
54	.Ft char *	52	.Ft char *
55	.Fn crypt "const char key" "const char setting"	53	.Fn crypt "const char key" "const char setting"
56	.Ft int	54	.Ft int
57	.Fn crypt_checkpass "const char password" "const char hash"
58	.Ft int
59	.Fn crypt_newhash "const char password" "login_cap_t lc" "char *hash" "size_t hashsize"
60	.Ft int
61	.Fn encrypt "char *block" "int flag"	55	.Fn encrypt "char *block" "int flag"
62	.Ft int	56	.Ft int
63	.Fn des_setkey "const char *key"	57	.Fn des_setkey "const char *key"
@@ -69,6 +63,11 @@
69	.Ft char *	63	.Ft char *
70	.Fn bcrypt "const char key" "const char salt"	64	.Fn bcrypt "const char key" "const char salt"
71	.Sh DESCRIPTION	65	.Sh DESCRIPTION
		66	These functions are deprecated in favor of
		67	.Xr crypt_checkpass 3
		68	and
		69	.Xr crypt_newhash 3 .
		70	.Pp
72	The	71	The
73	.Fn crypt	72	.Fn crypt
74	function performs password hashing based on the	73	function performs password hashing based on the
@@ -94,30 +93,6 @@ and a number then a different algorithm is used depending on the number.
94	At the moment	93	At the moment
95	.Ql $2	94	.Ql $2
96	chooses Blowfish hashing; see below for more information.	95	chooses Blowfish hashing; see below for more information.
97	.Pp
98	The
99	.Fn crypt_checkpass
100	function is provided to simplify checking a user's password.
101	If both the hash and the password are the empty string, authentication
102	is a success.
103	Otherwise, the password is hashed and compared to the provided hash.
104	If the hash is NULL, authentication will always fail, but a default
105	amount of work is performed to simulate the hashing operation.
106	A successful match will return 0.
107	A failure will return \-1 and set errno.
108	.Pp
109	The
110	.Fn crypt_newhash
111	function is provided to simplify the creation of new password hashes.
112	The provided
113	.Fa password
114	is randomly salted and hashed and stored in
115	.Fa hash .
116	The login class argument
117	.Fa lc
118	is used to identify the preferred hashing algorithm and parameters.
119	Refer to
120	.Xr login.conf 5 .
121	.Ss Extended crypt	96	.Ss Extended crypt
122	The	97	The
123	.Ar key	98	.Ar key
@@ -298,6 +273,7 @@ return 0 on success and 1 on failure.
298	.Xr login 1 ,	273	.Xr login 1 ,
299	.Xr passwd 1 ,	274	.Xr passwd 1 ,
300	.Xr blowfish 3 ,	275	.Xr blowfish 3 ,
		276	.Xr crypt_checkpass 3 ,
301	.Xr getpass 3 ,	277	.Xr getpass 3 ,
302	.Xr md5 3 ,	278	.Xr md5 3 ,
303	.Xr passwd 5	279	.Xr passwd 5


diff --git a/src/lib/libc/crypt/crypt_checkpass.3 b/src/lib/libc/crypt/crypt_checkpass.3 new file mode 100644 index 0000000000..3a360fb899 --- /dev/null +++ b/src/lib/libc/crypt/crypt_checkpass.3
@@ -0,0 +1,61 @@
		1	.\" $OpenBSD: crypt_checkpass.3,v 1.1 2014/11/20 19:18:25 tedu Exp $
		2	.\"
		3	.\" Copyright (c) Ted Unangst <tedu@openbsd.org>
		4	.\"
		5	.\" Permission to use, copy, modify, and distribute this software for any
		6	.\" purpose with or without fee is hereby granted, provided that the above
		7	.\" copyright notice and this permission notice appear in all copies.
		8	.\"
		9	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
		10	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
		11	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
		12	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
		13	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
		14	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
		15	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
		16	.\"
		17	.Dd $Mdocdate: November 20 2014 $
		18	.Dt CRYPT_CHECKPASS 3
		19	.Os
		20	.Sh NAME
		21	.Nm crypt_checkpass ,
		22	.Nm crypt_newhash
		23	.Nd password hashing
		24	.Sh SYNOPSIS
		25	.In unistd.h
		26	.Ft int
		27	.Fn crypt_checkpass "const char password" "const char hash"
		28	.In login_cap.h
		29	.Ft int
		30	.Fn crypt_newhash "const char password" "login_cap_t lc" "char *hash" "size_t hashsize"
		31	.Sh DESCRIPTION
		32	The
		33	.Fn crypt_checkpass
		34	function is provided to simplify checking a user's password.
		35	If both the hash and the password are the empty string, authentication
		36	is a success.
		37	Otherwise, the password is hashed and compared to the provided hash.
		38	If the hash is NULL, authentication will always fail, but a default
		39	amount of work is performed to simulate the hashing operation.
		40	A successful match will return 0.
		41	A failure will return \-1 and set errno.
		42	.Pp
		43	The
		44	.Fn crypt_newhash
		45	function is provided to simplify the creation of new password hashes.
		46	The provided
		47	.Fa password
		48	is randomly salted and hashed and stored in
		49	.Fa hash .
		50	The login class argument
		51	.Fa lc
		52	is used to identify the preferred hashing algorithm and parameters.
		53	Refer to
		54	.Xr login.conf 5 .
		55	.Sh RETURN VALUES
		56	These functions
		57	return 0 on success and -1 on failure.
		58	.Sh SEE ALSO
		59	.Xr crypt 3 ,
		60	.Xr login.conf 5 ,
		61	.Xr passwd 5