Annotation of src/usr.bin/passwd/pwd_gensalt.c, Revision 1.8
1.8 ! provos 1: /* $OpenBSD: pwd_gensalt.c,v 1.7 1997/04/10 20:04:54 provos Exp $ */
1.1 provos 2: /*
3: * Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de>
4: * All rights reserved.
5: *
6: * Redistribution and use in source and binary forms, with or without
7: * modification, are permitted provided that the following conditions
8: * are met:
9: * 1. Redistributions of source code must retain the above copyright
10: * notice, this list of conditions and the following disclaimer.
11: * 2. Redistributions in binary form must reproduce the above copyright
12: * notice, this list of conditions and the following disclaimer in the
13: * documentation and/or other materials provided with the distribution.
14: * 3. All advertising materials mentioning features or use of this software
15: * must display the following acknowledgement:
1.2 provos 16: * This product includes software developed by Niels Provos.
1.1 provos 17: * 4. The name of the author may not be used to endorse or promote products
18: * derived from this software without specific prior written permission.
19: *
20: * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
21: * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
22: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
23: * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
24: * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
25: * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
26: * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
27: * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
28: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
29: * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30: */
31:
1.2 provos 32: #include <sys/syslimits.h>
1.7 provos 33: #include <sys/types.h>
1.1 provos 34: #include <stdio.h>
1.4 weingart 35: #include <stdlib.h>
1.1 provos 36: #include <string.h>
37: #include <err.h>
1.7 provos 38: #include <grp.h>
1.1 provos 39: #include <pwd.h>
1.2 provos 40: #include <util.h>
1.4 weingart 41: #include <time.h>
1.1 provos 42:
1.6 deraadt 43: void to64 __P((char *, int32_t, int n));
1.1 provos 44:
1.2 provos 45: int
1.1 provos 46: pwd_gensalt(salt, max, pwd, type)
47: char *salt;
48: int max;
49: struct passwd *pwd;
50: char type;
51: {
52: char *bcrypt_gensalt __P((u_int8_t));
53: char option[LINE_MAX];
54: char *next, *now;
1.7 provos 55: char *cipher;
1.1 provos 56: *salt = '\0';
57:
58: switch (type) {
59: case 'y':
1.7 provos 60: cipher = "ypcipher";
1.1 provos 61: break;
62: case 'l':
63: default:
1.7 provos 64: cipher = "localcipher";
1.1 provos 65: break;
1.7 provos 66: }
67:
68: pw_getconf(option, LINE_MAX, pwd->pw_name, cipher);
69:
70: /* Try to find an entry for the group */
71: if (*option == 0) {
72: struct group *grp;
73: char grpkey[LINE_MAX];
74:
75: grp = getgrgid(pwd->pw_gid);
76: if (grp != NULL) {
77: snprintf(grpkey, LINE_MAX-1, ".%s", grp->gr_name);
78: grpkey[LINE_MAX-1] = 0;
79: pw_getconf(option, LINE_MAX, grpkey, cipher);
80: }
81: if (*option == 0)
82: pw_getconf(option, LINE_MAX, "default", cipher);
1.1 provos 83: }
84:
85: next = option;
86: now = strsep(&next, ",");
87: if (!strcmp(now, "old")) {
1.6 deraadt 88: if (max < 3)
1.2 provos 89: return 0;
1.5 provos 90: to64(&salt[0], arc4random(), 2);
1.2 provos 91: salt[2] = '\0';
1.3 provos 92: } else if (!strcmp(now, "newsalt")) {
1.8 ! provos 93: u_int32_t rounds = atol(next);
! 94: if (rounds < 725)
! 95: rounds = 725;
1.6 deraadt 96: if (max < 10)
1.3 provos 97: return 0;
98: salt[0] = _PASSWORD_EFMT1;
1.8 ! provos 99: to64(&salt[1], (u_int32_t) rounds, 4);
1.5 provos 100: to64(&salt[5], arc4random(), 4);
1.3 provos 101: salt[9] = '\0';
102: } else if (!strcmp(now, "md5")) {
1.6 deraadt 103: if (max < 13) /* $1$8salt$\0 */
1.3 provos 104: return 0;
105: strcpy(salt, "$1$");
1.5 provos 106: to64(&salt[3], arc4random(), 4);
107: to64(&salt[7], arc4random(), 4);
1.3 provos 108: strcpy(&salt[11], "$");
109: } else if (!strcmp(now, "blowfish")) {
110: int rounds = atoi(next);
111: if (rounds < 4)
112: rounds = 4;
113: strncpy(salt, bcrypt_gensalt(rounds), max - 1);
114: salt[max - 1] = 0;
115: } else {
116: strcpy(salt, ":");
117: warnx("Unkown option %s.", now);
118: }
1.2 provos 119: return 1;
120: }
121:
1.6 deraadt 122: static unsigned char itoa64[] = /* 0 ... 63 => ascii - 64 */
123: "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
1.2 provos 124:
1.6 deraadt 125: void
126: to64(s, v, n)
127: register char *s;
128: register int32_t v;
129: register int n;
1.2 provos 130: {
1.6 deraadt 131: while (--n >= 0) {
132: *s++ = itoa64[v&0x3f];
133: v >>= 6;
134: }
1.1 provos 135: }