62 lines
2 KiB
Text
62 lines
2 KiB
Text
Index: util/passwordbasedauthentication.c
|
|
--- util/passwordbasedauthentication.c.orig
|
|
+++ util/passwordbasedauthentication.c
|
|
@@ -26,7 +26,13 @@
|
|
// UFC_crypt defines crypt_r when only when __USE_GNU is set
|
|
// this shouldn't affect other implementations
|
|
#define __USE_GNU
|
|
+#if defined(__OpenBSD__)
|
|
+#if HAS_CRYPT_R
|
|
+#include <unistd.h>
|
|
+#endif
|
|
+#else
|
|
#include <crypt.h>
|
|
+#endif
|
|
// INVALID_HASH is used on verify when the given hash is a NULL pointer.
|
|
// This is done to not directly jump to exit with a INVALID_HASH result
|
|
// but rather keep calculating to make it a little bit harder to guess
|
|
@@ -166,16 +172,7 @@ pba_finalize (struct PBASettings *settings)
|
|
free (settings);
|
|
}
|
|
|
|
-static int
|
|
-pba_is_phc_compliant (const char *setting)
|
|
-{
|
|
- if (setting == NULL)
|
|
- {
|
|
- return 1;
|
|
- }
|
|
- return strlen (setting) > 1 && setting[0] == '$';
|
|
-}
|
|
-
|
|
+#if HAS_CRYPT_R
|
|
char *
|
|
pba_hash (struct PBASettings *setting, const char *password)
|
|
{
|
|
@@ -204,8 +201,8 @@ pba_hash (struct PBASettings *setting, const char *pas
|
|
rslt = crypt_r (password, settings, data);
|
|
if (rslt == NULL)
|
|
goto exit;
|
|
- result = calloc (1, CRYPT_OUTPUT_SIZE);
|
|
- memcpy (result, rslt, CRYPT_OUTPUT_SIZE);
|
|
+ result = malloc (CRYPT_OUTPUT_SIZE);
|
|
+ strncpy (result, rslt, CRYPT_OUTPUT_SIZE);
|
|
// remove pepper, by jumping to begin of applied pepper within result
|
|
// and overriding it.
|
|
tmp = result + (tmp - settings);
|
|
@@ -239,8 +236,8 @@ pba_verify_hash (const struct PBASettings *setting, co
|
|
{
|
|
data = calloc (1, sizeof (struct crypt_data));
|
|
// manipulate hash to reapply pepper
|
|
- tmp = calloc (1, CRYPT_OUTPUT_SIZE);
|
|
- memcpy (tmp, hash ? hash : INVALID_HASH, CRYPT_OUTPUT_SIZE);
|
|
+ tmp = malloc (CRYPT_OUTPUT_SIZE);
|
|
+ strncpy (tmp, hash ? hash : INVALID_HASH, CRYPT_OUTPUT_SIZE);
|
|
cmp = strrchr (tmp, '$');
|
|
for (i = MAX_PEPPER_SIZE - 1; i > -1; i--)
|
|
{
|
|
@@ -279,3 +276,4 @@ exit:
|
|
free (tmp);
|
|
return result;
|
|
}
|
|
+#endif /* #if HAS_CRYPT_R */
|