OpenE2K
/
glibc
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
glibc/md5-crypt/md5-crypt.c

227 lines
6.9 KiB
C
Raw Normal View History

update from main archive 961214 Sun Dec 15 01:53:20 1996 Ulrich Drepper <drepper@cygnus.com> * Makefile (subdirs): Change crypt to md5-crypt. * crypt/Makefile, crypt/md5-crypt.c, crypt/md5.c, crypt/md5.h, crypt/md5c-test.c, crypt/md5test.c: Move to new directory md5-crypt. * sysdeps/unix/sysv/linux/configure.in: Refer to linuxthreads and crypt instead of LinuxThreads and des-crypt. * Makefile (subdirs): Add nss back. * sysdeps/unix/inet/Subdirs: Move nis to end of file to fulfill dependencies. * libio/iofclose.c: Implement fclose(NULL) as closing all streams. * stdio-common/Makefile (routines): Add fcloseall. * stdio-common/fcloseall.c: New file. * sysdeps/generic/abort.c: Make implementation POSIX.1 compatible. * sysdeps/mach/libc-lock.h: Add definition of __libc_lock_trylock. * sysdeps/stub/libc-lock.h: Define __libc_lock_trylock to always return 0. * stdio-common/printf.h: Define MIN and MAX only if not already defined. * stdio-common/vfprintf.c: Set errno to EBADF if stream does not allow writing. Required by POSIX.1. * libio/libioP.h (CHECK_FILE): Use MAYBE_SET_EINVAL instead of assignment. * interp.c: Update copyright. * libio/clearerr.c: Likewise. * libio/ioseekoff.c: Likewise. * libio/ioseekpos.c: Likewise. * stdio/fclose.c: Likewise. * stdio/fflus.c: Likewise. * libio/libio.h [!_IO_MTSAFE_IO]: Define _IO_cleanup_region_start and _IO_cleanup_region_end as empty. * libio/fgetc.c: Use _IO_cleanup_region_start and _IO_cleanup_region_end instead of __libc_cleanup_region_start and __libc_cleanup_region_end. * libio/fputc.c: Likewise. * libio/freopen.c: Likewise. * libio/fseek.c: Likewise. * libio/getc.c: Likewise. * libio/getchar.c: Likewise. * libio/iofclose.c: Likewise. * libio/iofflush.c: Likewise. * libio/iofgetpos.c: Likewise. * libio/iofgets.c: Likewise. * libio/iofputs.c: Likewise. * libio/iofread.c: Likewise. * libio/iofsetpos.c: Likewise. * libio/ioftell.c: Likewise. * libio/iofwrite.c: Likewise. * libio/iogetdelim.c: Likewise. * libio/iogets.c: Likewise. * libio/ioputs.c: Likewise. * libio/iosetbuffer.c: Likewise. * libio/iosetvbuf.c: Likewise. * libio/ioungetc.c: Likewise. * libio/iovspintf.c: Use cleanup handler to make sure no dangling locks can stay over. * libio/iovsscanf.c: Likewise. * libio/genops.c: Use _IO_lock_init_recursive and _IO_lock_fini instead of __libc_lock_init_recursive and __libc_lock_fini. * libio/filedoalloc.c: Only use __isatty when compiling GNU libc. Otherwise use isatty. * libio/fileops.c: Likewise for __open and open. * login/utmp_file.c (getutent_r_file): Use fcntl instead of flock. * nis/ypclnt.h: Add more casts to prevent warnings. * nss/Makefile (services): Remove dns. (libnss_dns, libnss_dns-inhibit-o): Remove definition. ($(objpfx)libnss_dns.so): Removed. * nss/nss_dns/dns-host.c, nss/nss_dns/dns-network.c: Moved to... * resolv/nss_dns: ...here. * resolv/Makefile (extra-libs): Add libnss_dns. (libnss_dns-routines, libnss_dns-inhibit-o): Define as in nss/Makefile. * nss/XXX-lookup.c: Call __nss_database_lookup with new argument specifying alternate name for entry in /etc/nsswitch.conf * nss/nsswitch.c: If no entry with primary name is found in /etc/nsswitch.conf try alternate name if given. * nss/nsswitch.h: Add new parameter in prototype for __nss_database_lookup. * nss/spwd-lookup.c: Provide alternative entry name to look for. This makes our NSS compatible with Solaris' nsswitch.conf files. * string/tst-strlen.c: Change all counting variables to type size_t to prevent warnings. * sysdeps/posix/fpathconf.c: Update copyright. * sysdeps/posix/pathconf.c: Don't call fpathconf to do the work. Opening the file at this path may fail if it is a FIFO or pipe. These changes make the time implementation POSIX.1 compliant. * time/localtime.c (__localtime_r): Always call __tzset not only if __tzset_run is zero. * time/strftime.c: Add definition of memset_space to help to reduce for systems which have memset. (strftime): Don't use tm_zone member of argument for zone name. Instead always use tzname[]. Call tzset() as required by POSIX.1 before any action. * time/tzset.c (tzset): Set tzname[] as required by POSIX.1. Remove global variable __tzset_run. __tzset is now called always when a dependent function is used. (__tzset): Caching happens based on the contents of the environment variable TZ. Fri Dec 13 01:06:52 1996 Andreas Schwab <schwab@issan.informatik.uni-dortmund.de> * sysdeps/unix/sysv/linux/paths.h: Add _PATH_KLOG. Thu Dec 12 09:16:35 1996 Andreas Schwab <schwab@issan.informatik.uni-dortmund.de> * rellns-sh: Correctly handle a relative source file name. Wed Dec 11 19:18:40 1996 Andreas Schwab <schwab@issan.informatik.uni-dortmund.de> * login/utmp_file.c (setutent_file): Seek back to beginning of the file if resetting. Thu Dec 12 16:39:12 1996 Thomas Bushnell, n/BSG <thomas@gnu.ai.mit.edu> * hurd/hurdinit.c (map0): Delete function. Don't do this on _hurd_preinit_hook. * hurd/hurdstartup.c (_hurd_startup): Map page zero redzone here.
1996-12-15 03:15:29 +01:00
/* md5-crypt - One way encryption based on MD5 sum.
Copyright (C) 1996 Free Software Foundation, Inc.
This file is part of the GNU C Library.
Contributed by Ulrich Drepper <drepper@cygnus.com>, 1996.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Library General Public License as
published by the Free Software Foundation; either version 2 of the
License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Library General Public License for more details.
You should have received a copy of the GNU Library General Public
License along with the GNU C Library; see the file COPYING.LIB. If
not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA. */
#include <errno.h>
#include <stdlib.h>
#include <string.h>
#include <sys/param.h>
#include "md5.h"
/* Define our magic string to mark salt for MD5 "encryption"
replacement. This is meant to be the same as for other MD5 based
encryption implementations. */
static const char md5_salt_prefix[] = "$1$";
/* Table with characters for base64 transformation. */
static const char b64t[64] =
"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
/* Prototypes for local functions. */
extern char *md5_crypt_r __P ((const char *key, const char *salt, char *buffer,
int buflen));
extern char *md5_crypt __P ((const char *key, const char *salt));
/* This entry point is equivalent to the `crypt' function in Unix
libcs. */
char *
md5_crypt_r (key, salt, buffer, buflen)
const char *key;
const char *salt;
char *buffer;
int buflen;
{
unsigned char alt_result[16];
struct md5_ctx ctx;
struct md5_ctx alt_ctx;
size_t salt_len;
size_t key_len;
size_t cnt;
char *cp;
/* Find beginning of salt string. The prefix should normally always
be present. Just in case it is not. */
if (strncmp (md5_salt_prefix, salt, sizeof (md5_salt_prefix) - 1) == 0)
/* Skip salt prefix. */
salt += sizeof (md5_salt_prefix) - 1;
salt_len = MIN (strcspn (salt, "$"), 8);
key_len = strlen (key);
/* Prepare for the real work. */
md5_init_ctx (&ctx);
/* Add the key string. */
md5_process_bytes (key, key_len, &ctx);
/* Because the SALT argument need not always have the salt prefix we
add it separately. */
md5_process_bytes (md5_salt_prefix, sizeof (md5_salt_prefix) - 1, &ctx);
/* The last part is the salt string. This must be at most 8
characters and it ends at the first `$' character (for
compatibility which existing solutions). */
md5_process_bytes (salt, salt_len, &ctx);
/* Compute alternate MD5 sum with input KEY, SALT, and KEY. The
final result will be added to the first context. */
md5_init_ctx (&alt_ctx);
/* Add key. */
md5_process_bytes (key, key_len, &alt_ctx);
/* Add salt. */
md5_process_bytes (salt, salt_len, &alt_ctx);
/* Add key again. */
md5_process_bytes (key, key_len, &alt_ctx);
/* Now get result of this (16 bytes) and add it to the other
context. */
md5_finish_ctx (&alt_ctx, alt_result);
/* Add for any character in the key one byte of the alternate sum. */
for (cnt = key_len; cnt > 16; cnt -= 16)
md5_process_bytes (alt_result, 16, &ctx);
md5_process_bytes (alt_result, cnt, &ctx);
/* For the following code we need a NUL byte. */
*alt_result = '\0';
/* The original implementation now does something weird: for every 1
bit in the key the first 0 is added to the buffer, for every 0
bit the first character of the key. This does not seem to be
what was intended but we have to follow this to be compatible. */
for (cnt = key_len; cnt > 0; cnt >>= 1)
md5_process_bytes ((cnt & 1) != 0 ? (const char *) alt_result : key, 1,
&ctx);
/* Create intermediate result. */
md5_finish_ctx (&ctx, alt_result);
/* Now comes another weirdness. In fear of password crackers here
comes a quite long loop which just processes the output of the
previous round again. We cannot ignore this here. */
for (cnt = 0; cnt < 1000; ++cnt)
{
/* New context. */
md5_init_ctx (&ctx);
/* Add key or last result. */
if ((cnt & 1) != 0)
md5_process_bytes (key, key_len, &ctx);
else
md5_process_bytes (alt_result, 16, &ctx);
/* Add salt for numbers not divisible by 3. */
if (cnt % 3 != 0)
md5_process_bytes (salt, salt_len, &ctx);
/* Add key for numbers not divisible by 7. */
if (cnt % 7 != 0)
md5_process_bytes (key, key_len, &ctx);
/* Add key or last result. */
if ((cnt & 1) != 0)
md5_process_bytes (alt_result, 16, &ctx);
else
md5_process_bytes (key, key_len, &ctx);
/* Create intermediate result. */
md5_finish_ctx (&ctx, alt_result);
}
/* Now we can construct the result string. It consists of three
parts. */
cp = stpncpy (buffer, md5_salt_prefix, MAX (0, buflen));
buflen -= sizeof (md5_salt_prefix);
cp = stpncpy (cp, salt, MIN ((size_t) buflen, salt_len));
buflen -= MIN ((size_t) buflen, salt_len);
if (buflen > 0)
{
*cp++ = '$';
--buflen;
}
#define b64_from_24bit(B2, B1, B0, N) \
do { \
unsigned int w = ((B2) << 16) | ((B1) << 8) | (B0); \
int n = (N); \
while (n-- > 0 && buflen > 0) \
{ \
*cp++ = b64t[w & 0x3f]; \
--buflen; \
w >>= 6; \
} \
} while (0)
b64_from_24bit (alt_result[0], alt_result[6], alt_result[12], 4);
b64_from_24bit (alt_result[1], alt_result[7], alt_result[13], 4);
b64_from_24bit (alt_result[2], alt_result[8], alt_result[14], 4);
b64_from_24bit (alt_result[3], alt_result[9], alt_result[15], 4);
b64_from_24bit (alt_result[4], alt_result[10], alt_result[5], 4);
b64_from_24bit (0, 0, alt_result[11], 2);
if (buflen <= 0)
{
__set_errno (ERANGE);
buffer = NULL;
}
else
*cp = '\0'; /* Terminate the string. */
/* Clear the buffer for the intermediate result so that people
attaching to processes or reading core dumps cannot get any
information. */
memset (alt_result, '\0', sizeof (alt_result));
return buffer;
}
char *
md5_crypt (key, salt)
const char *key;
const char *salt;
{
/* We don't want to have an arbitrary limit in the size of the
password. We can compute the size of the result in advance and
so we can prepare the buffer we pass to `md5_crypt_r'. */
static char *buffer = NULL;
static int buflen = 0;
int needed = 3 + strlen (salt) + 1 + 26 + 1;
if (buflen < needed)
{
buflen = needed;
if ((buffer = realloc (buffer, buflen)) == NULL)
return NULL;
}
return md5_crypt_r (key, salt, buffer, buflen);
}