Convert passwd.c to opaque EVP_MD_CTX and add a bit of error checking.

tweak/ok inoguchi
author: tb <> 2021-12-12 20:40:25 +0000
committer: tb <> 2021-12-12 20:40:25 +0000
commit: e7011c1623e5129361ba13223cfb852ade779697 (patch)
tree: 4976505e8609a2e0bfd171a4aded16158fff0851 /src
parent: f82f1d237145260c8e0c96710a50c98367acc37d (diff)
download: openbsd-e7011c1623e5129361ba13223cfb852ade779697.tar.gz
openbsd-e7011c1623e5129361ba13223cfb852ade779697.tar.bz2
openbsd-e7011c1623e5129361ba13223cfb852ade779697.zip
1 files changed, 72 insertions, 35 deletions
diff --git a/src/usr.bin/openssl/passwd.c b/src/usr.bin/openssl/passwd.c
index a8c7f08dd7..11b43d653a 100644
--- a/src/usr.bin/openssl/passwd.c
+++ b/src/usr.bin/openssl/passwd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: passwd.c,v 1.11 2021/11/25 16:53:58 tb Exp $ */
+/* $OpenBSD: passwd.c,v 1.12 2021/12/12 20:40:25 tb Exp $ */
 #if defined OPENSSL_NO_MD5
 #define NO_MD5CRYPT_1
@@ -306,7 +306,7 @@ md5crypt(const char *passwd, const char *magic, const char *salt)
        char *salt_out;
        int n;
        unsigned int i;
-        EVP_MD_CTX md, md2;
+        EVP_MD_CTX *md = NULL, *md2 = NULL;
        size_t passwd_len, salt_len;
        passwd_len = strlen(passwd);
@@ -321,45 +321,74 @@ md5crypt(const char *passwd, const char *magic, const char *salt)
        salt_len = strlen(salt_out);
        assert(salt_len <= 8);
-        EVP_MD_CTX_init(&md);
+        if ((md = EVP_MD_CTX_new()) == NULL)
-        EVP_DigestInit_ex(&md, EVP_md5(), NULL);
+                goto err;
-        EVP_DigestUpdate(&md, passwd, passwd_len);
+        if (!EVP_DigestInit_ex(md, EVP_md5(), NULL))
-        EVP_DigestUpdate(&md, "$", 1);
+                goto err;
-        EVP_DigestUpdate(&md, magic, strlen(magic));
+        if (!EVP_DigestUpdate(md, passwd, passwd_len))
-        EVP_DigestUpdate(&md, "$", 1);
+                goto err;
-        EVP_DigestUpdate(&md, salt_out, salt_len);
+        if (!EVP_DigestUpdate(md, "$", 1))
+                goto err;
-        EVP_MD_CTX_init(&md2);
+        if (!EVP_DigestUpdate(md, magic, strlen(magic)))
-        EVP_DigestInit_ex(&md2, EVP_md5(), NULL);
+                goto err;
-        EVP_DigestUpdate(&md2, passwd, passwd_len);
+        if (!EVP_DigestUpdate(md, "$", 1))
-        EVP_DigestUpdate(&md2, salt_out, salt_len);
+                goto err;
-        EVP_DigestUpdate(&md2, passwd, passwd_len);
+        if (!EVP_DigestUpdate(md, salt_out, salt_len))
-        EVP_DigestFinal_ex(&md2, buf, NULL);
+                goto err;
-        for (i = passwd_len; i > sizeof buf; i -= sizeof buf)
+        if ((md2 = EVP_MD_CTX_new()) == NULL)
-                EVP_DigestUpdate(&md, buf, sizeof buf);
+                goto err;
-        EVP_DigestUpdate(&md, buf, i);
+        if (!EVP_DigestInit_ex(md2, EVP_md5(), NULL))
+                goto err;
+        if (!EVP_DigestUpdate(md2, passwd, passwd_len))
+                goto err;
+        if (!EVP_DigestUpdate(md2, salt_out, salt_len))
+                goto err;
+        if (!EVP_DigestUpdate(md2, passwd, passwd_len))
+                goto err;
+        if (!EVP_DigestFinal_ex(md2, buf, NULL))
+                goto err;
+        for (i = passwd_len; i > sizeof buf; i -= sizeof buf) {
+                if (!EVP_DigestUpdate(md, buf, sizeof buf))
+                        goto err;
+        }
+        if (!EVP_DigestUpdate(md, buf, i))
+                goto err;
        n = passwd_len;
        while (n) {
-                EVP_DigestUpdate(&md, (n & 1) ? "\0" : passwd, 1);
+                if (!EVP_DigestUpdate(md, (n & 1) ? "\0" : passwd, 1))
+                        goto err;
                n >>= 1;
        }
-        EVP_DigestFinal_ex(&md, buf, NULL);
+        if (!EVP_DigestFinal_ex(md, buf, NULL))
+                goto err;
        for (i = 0; i < 1000; i++) {
-                EVP_DigestInit_ex(&md2, EVP_md5(), NULL);
+                if (!EVP_DigestInit_ex(md2, EVP_md5(), NULL))
-                EVP_DigestUpdate(&md2, (i & 1) ? (unsigned const char *) passwd : buf,
+                        goto err;
-                    (i & 1) ? passwd_len : sizeof buf);
+                if (!EVP_DigestUpdate(md2,
-                if (i % 3)
+                    (i & 1) ? (unsigned const char *) passwd : buf,
-                        EVP_DigestUpdate(&md2, salt_out, salt_len);
+                    (i & 1) ? passwd_len : sizeof buf))
-                if (i % 7)
+                        goto err;
-                        EVP_DigestUpdate(&md2, passwd, passwd_len);
+                if (i % 3) {
-                EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned const char *) passwd,
+                        if (!EVP_DigestUpdate(md2, salt_out, salt_len))
-                    (i & 1) ? sizeof buf : passwd_len);
+                                goto err;
-                EVP_DigestFinal_ex(&md2, buf, NULL);
+                }
+                if (i % 7) {
+                        if (!EVP_DigestUpdate(md2, passwd, passwd_len))
+                                goto err;
+                }
+                if (!EVP_DigestUpdate(md2,
+                    (i & 1) ? buf : (unsigned const char *) passwd,
+                    (i & 1) ? sizeof buf : passwd_len))
+                        goto err;
+                if (!EVP_DigestFinal_ex(md2, buf, NULL))
+                        goto err;
        }
-        EVP_MD_CTX_cleanup(&md2);
+        EVP_MD_CTX_free(md2);
+        md2 = NULL;
        {
                /* transform buf into output string */
@@ -394,9 +423,14 @@ md5crypt(const char *passwd, const char *magic, const char *salt)
                *output = 0;
                assert(strlen(out_buf) < sizeof(out_buf));
        }
-        EVP_MD_CTX_cleanup(&md);
+        EVP_MD_CTX_free(md);
        return out_buf;
+ err:
+        EVP_MD_CTX_free(md);
+        EVP_MD_CTX_free(md2);
+        return NULL;
 }
 #endif
@@ -463,7 +497,8 @@ do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
 #endif
 #ifndef NO_MD5CRYPT_1
        if (use1 || useapr1)
-                hash = md5crypt(passwd, (use1 ? "1" : "apr1"), *salt_p);
+                if ((hash = md5crypt(passwd, (use1 ? "1" : "apr1"), *salt_p)) == NULL)
+                        goto err;
 #endif
        assert(hash != NULL);
@@ -476,6 +511,8 @@ do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
        return 1;
 err:
+        free(*salt_malloc_p);
+        *salt_malloc_p = NULL;
        return 0;
 }
 #else
author	tb <>	2021-12-12 20:40:25 +0000
committer	tb <>	2021-12-12 20:40:25 +0000
commit	e7011c1623e5129361ba13223cfb852ade779697 (patch)
tree	4976505e8609a2e0bfd171a4aded16158fff0851 /src
parent	f82f1d237145260c8e0c96710a50c98367acc37d (diff)
download	openbsd-e7011c1623e5129361ba13223cfb852ade779697.tar.gz openbsd-e7011c1623e5129361ba13223cfb852ade779697.tar.bz2 openbsd-e7011c1623e5129361ba13223cfb852ade779697.zip

diff --git a/src/usr.bin/openssl/passwd.c b/src/usr.bin/openssl/passwd.c index a8c7f08dd7..11b43d653a 100644 --- a/src/usr.bin/openssl/passwd.c +++ b/src/usr.bin/openssl/passwd.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: passwd.c,v 1.11 2021/11/25 16:53:58 tb Exp $ */	1	/* $OpenBSD: passwd.c,v 1.12 2021/12/12 20:40:25 tb Exp $ */
2		2
3	#if defined OPENSSL_NO_MD5	3	#if defined OPENSSL_NO_MD5
4	#define NO_MD5CRYPT_1	4	#define NO_MD5CRYPT_1
@@ -306,7 +306,7 @@ md5crypt(const char passwd, const char magic, const char *salt)
306	char *salt_out;	306	char *salt_out;
307	int n;	307	int n;
308	unsigned int i;	308	unsigned int i;
309	EVP_MD_CTX md, md2;	309	EVP_MD_CTX md = NULL, md2 = NULL;
310	size_t passwd_len, salt_len;	310	size_t passwd_len, salt_len;
311		311
312	passwd_len = strlen(passwd);	312	passwd_len = strlen(passwd);
@@ -321,45 +321,74 @@ md5crypt(const char passwd, const char magic, const char *salt)
321	salt_len = strlen(salt_out);	321	salt_len = strlen(salt_out);
322	assert(salt_len <= 8);	322	assert(salt_len <= 8);
323		323
324	EVP_MD_CTX_init(&md);	324	if ((md = EVP_MD_CTX_new()) == NULL)
325	EVP_DigestInit_ex(&md, EVP_md5(), NULL);	325	goto err;
326	EVP_DigestUpdate(&md, passwd, passwd_len);	326	if (!EVP_DigestInit_ex(md, EVP_md5(), NULL))
327	EVP_DigestUpdate(&md, "$", 1);	327	goto err;
328	EVP_DigestUpdate(&md, magic, strlen(magic));	328	if (!EVP_DigestUpdate(md, passwd, passwd_len))
329	EVP_DigestUpdate(&md, "$", 1);	329	goto err;
330	EVP_DigestUpdate(&md, salt_out, salt_len);	330	if (!EVP_DigestUpdate(md, "$", 1))
331		331	goto err;
332	EVP_MD_CTX_init(&md2);	332	if (!EVP_DigestUpdate(md, magic, strlen(magic)))
333	EVP_DigestInit_ex(&md2, EVP_md5(), NULL);	333	goto err;
334	EVP_DigestUpdate(&md2, passwd, passwd_len);	334	if (!EVP_DigestUpdate(md, "$", 1))
335	EVP_DigestUpdate(&md2, salt_out, salt_len);	335	goto err;
336	EVP_DigestUpdate(&md2, passwd, passwd_len);	336	if (!EVP_DigestUpdate(md, salt_out, salt_len))
337	EVP_DigestFinal_ex(&md2, buf, NULL);	337	goto err;
338		338
339	for (i = passwd_len; i > sizeof buf; i -= sizeof buf)	339	if ((md2 = EVP_MD_CTX_new()) == NULL)
340	EVP_DigestUpdate(&md, buf, sizeof buf);	340	goto err;
341	EVP_DigestUpdate(&md, buf, i);	341	if (!EVP_DigestInit_ex(md2, EVP_md5(), NULL))
		342	goto err;
		343	if (!EVP_DigestUpdate(md2, passwd, passwd_len))
		344	goto err;
		345	if (!EVP_DigestUpdate(md2, salt_out, salt_len))
		346	goto err;
		347	if (!EVP_DigestUpdate(md2, passwd, passwd_len))
		348	goto err;
		349	if (!EVP_DigestFinal_ex(md2, buf, NULL))
		350	goto err;
		351
		352	for (i = passwd_len; i > sizeof buf; i -= sizeof buf) {
		353	if (!EVP_DigestUpdate(md, buf, sizeof buf))
		354	goto err;
		355	}
		356	if (!EVP_DigestUpdate(md, buf, i))
		357	goto err;
342		358
343	n = passwd_len;	359	n = passwd_len;
344	while (n) {	360	while (n) {
345	EVP_DigestUpdate(&md, (n & 1) ? "\0" : passwd, 1);	361	if (!EVP_DigestUpdate(md, (n & 1) ? "\0" : passwd, 1))
		362	goto err;
346	n >>= 1;	363	n >>= 1;
347	}	364	}
348	EVP_DigestFinal_ex(&md, buf, NULL);	365	if (!EVP_DigestFinal_ex(md, buf, NULL))
		366	goto err;
349		367
350	for (i = 0; i < 1000; i++) {	368	for (i = 0; i < 1000; i++) {
351	EVP_DigestInit_ex(&md2, EVP_md5(), NULL);	369	if (!EVP_DigestInit_ex(md2, EVP_md5(), NULL))
352	EVP_DigestUpdate(&md2, (i & 1) ? (unsigned const char *) passwd : buf,	370	goto err;
353	(i & 1) ? passwd_len : sizeof buf);	371	if (!EVP_DigestUpdate(md2,
354	if (i % 3)	372	(i & 1) ? (unsigned const char *) passwd : buf,
355	EVP_DigestUpdate(&md2, salt_out, salt_len);	373	(i & 1) ? passwd_len : sizeof buf))
356	if (i % 7)	374	goto err;
357	EVP_DigestUpdate(&md2, passwd, passwd_len);	375	if (i % 3) {
358	EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned const char *) passwd,	376	if (!EVP_DigestUpdate(md2, salt_out, salt_len))
359	(i & 1) ? sizeof buf : passwd_len);	377	goto err;
360	EVP_DigestFinal_ex(&md2, buf, NULL);	378	}
		379	if (i % 7) {
		380	if (!EVP_DigestUpdate(md2, passwd, passwd_len))
		381	goto err;
		382	}
		383	if (!EVP_DigestUpdate(md2,
		384	(i & 1) ? buf : (unsigned const char *) passwd,
		385	(i & 1) ? sizeof buf : passwd_len))
		386	goto err;
		387	if (!EVP_DigestFinal_ex(md2, buf, NULL))
		388	goto err;
361	}	389	}
362	EVP_MD_CTX_cleanup(&md2);	390	EVP_MD_CTX_free(md2);
		391	md2 = NULL;
363		392
364	{	393	{
365	/* transform buf into output string */	394	/* transform buf into output string */
@@ -394,9 +423,14 @@ md5crypt(const char passwd, const char magic, const char *salt)
394	*output = 0;	423	*output = 0;
395	assert(strlen(out_buf) < sizeof(out_buf));	424	assert(strlen(out_buf) < sizeof(out_buf));
396	}	425	}
397	EVP_MD_CTX_cleanup(&md);	426	EVP_MD_CTX_free(md);
398		427
399	return out_buf;	428	return out_buf;
		429	err:
		430	EVP_MD_CTX_free(md);
		431	EVP_MD_CTX_free(md2);
		432
		433	return NULL;
400	}	434	}
401	#endif	435	#endif
402		436
@@ -463,7 +497,8 @@ do_passwd(int passed_salt, char salt_p, char salt_malloc_p,
463	#endif	497	#endif
464	#ifndef NO_MD5CRYPT_1	498	#ifndef NO_MD5CRYPT_1
465	if (use1 \|\| useapr1)	499	if (use1 \|\| useapr1)
466	hash = md5crypt(passwd, (use1 ? "1" : "apr1"), *salt_p);	500	if ((hash = md5crypt(passwd, (use1 ? "1" : "apr1"), *salt_p)) == NULL)
		501	goto err;
467	#endif	502	#endif
468	assert(hash != NULL);	503	assert(hash != NULL);
469		504
@@ -476,6 +511,8 @@ do_passwd(int passed_salt, char salt_p, char salt_malloc_p,
476	return 1;	511	return 1;
477		512
478	err:	513	err:
		514	free(*salt_malloc_p);
		515	*salt_malloc_p = NULL;
479	return 0;	516	return 0;
480	}	517	}
481	#else	518	#else