diff options
author | Timo Weingärtner <timo@tiwe.de> | 2024-06-17 12:25:16 +0200 |
---|---|---|
committer | Timo Weingärtner <timo@tiwe.de> | 2024-06-17 12:25:16 +0200 |
commit | 55ddea494b0c7c316461ac9b7b4139af4b175b21 (patch) | |
tree | 3f53d534716a1285b0374eef6adf35b886f64c6d | |
parent | 20920cef5ace15e398fdb2d51a8448bee3c096d3 (diff) | |
parent | 2347ef0edd7054d3df9838612aa78ac6bd077dfd (diff) | |
download | libpam-pwdfile-55ddea494b0c7c316461ac9b7b4139af4b175b21.tar.gz |
Merge tag 'v2.0' into debian
release 2.0
-rw-r--r-- | INSTALL | 1 | ||||
-rw-r--r-- | Makefile | 13 | ||||
-rw-r--r-- | README | 17 | ||||
-rw-r--r-- | bigcrypt.c | 74 | ||||
-rw-r--r-- | bigcrypt.h | 1 | ||||
-rw-r--r-- | changelog | 28 | ||||
-rw-r--r-- | md5.c | 237 | ||||
-rw-r--r-- | md5.h | 31 | ||||
-rw-r--r-- | md5_crypt.c | 147 | ||||
-rw-r--r-- | pam_pwdfile.c | 13 |
10 files changed, 31 insertions, 531 deletions
@@ -2,6 +2,7 @@ * make * C compiler (e.g. gcc or clang) * libc development headers (package libc6-dev on Debian, glibc-headers on Hat) + * libcrypt development headers if not included in libc (package libcrypt-dev on Debian, libxcrypt-devel on Hat) * PAM development headers (package libpam-dev on Debian, pam-devel on Hat) * make * make install @@ -2,15 +2,14 @@ PAM_LIB_DIR ?= /lib/security INSTALL ?= install CFLAGS ?= -O2 -g -Wall -Wformat-security -CPPFLAGS += -DUSE_CRYPT_R +CPPFLAGS += -DUSE_CRYPT_R -D_FILE_OFFSET_BITS=64 CFLAGS += -fPIC -fvisibility=hidden LDFLAGS += -Wl,-x -shared TITLE = pam_pwdfile LIBSHARED = $(TITLE).so LDLIBS = -lcrypt -lpam -LIBOBJ = $(TITLE).o md5_broken.o md5_crypt_broken.o bigcrypt.o -CPPFLAGS_MD5_BROKEN = -DHIGHFIRST -D'MD5Name(x)=Broken\#\#x' +LIBOBJ = $(TITLE).o all: $(LIBSHARED) @@ -18,14 +17,6 @@ all: $(LIBSHARED) $(LIBSHARED): $(LIBOBJ) $(CC) $(LDFLAGS) $(LIBOBJ) $(LDLIBS) -o $@ - -md5_broken.o: md5.c - $(CC) -c $(CPPFLAGS) $(CPPFLAGS_MD5_BROKEN) $(CFLAGS) $< -o $@ - -md5_crypt_broken.o: md5_crypt.c - $(CC) -c $(CPPFLAGS) $(CPPFLAGS_MD5_BROKEN) $(CFLAGS) $< -o $@ - - install: $(LIBSHARED) $(INSTALL) -m 0755 -d $(DESTDIR)$(PAM_LIB_DIR) $(INSTALL) -m 0755 $(LIBSHARED) $(DESTDIR)$(PAM_LIB_DIR) @@ -25,7 +25,6 @@ options * debug: produce a bit of debug output * nodelay: don't tell the PAM stack to cause a delay on auth failure * flock: use a shared (read) advisory lock on pwdfile, you should better move new versions into place instead -* legacy_crypt: see section LEGACY CRYPT PASSWORD FILE @@ -36,19 +35,3 @@ First field contains the username, the second the crypt()ed password. Other fields are optional. crypt()ed passwords in various formats can be generated with mkpasswd from the whois package. - - -LEGACY CRYPT -============ - -There are two crypt types that are disabled by default: bigcrypt and broken md5_crypt. -They are disabled because they use static buffers which is bad when doing PAM authentication using this module in a multithreaded server. -All the other crypt types are checked via the systems crypt_r function if available, else with the normal crypt function and the same static-buffer-problem. - -bigcrypt was used on DEC systems to allow for longer passwords. -You can check if your passwd file contains any of these with `cut -d: -f2 passwd-file | egrep '^[^$].{13}'`. - -Broken md5_crypt is a speciality of big-endian systems. -An early implementation of md5_crypt got the byte order wrong here and produced different crypt outputs. -You might have some of these crypt hashes in your passwd file only if you created them on a big-endian system. -If an md5_crypt hash also worked on a little-endian system (up to and including libpam-pwdfile 0.99) it isn't broken md5_crypt. diff --git a/bigcrypt.c b/bigcrypt.c deleted file mode 100644 index 18024dc..0000000 --- a/bigcrypt.c +++ /dev/null @@ -1,74 +0,0 @@ -/* - * This function implements the "bigcrypt" algorithm specifically for - * Linux-PAM. - * - * This algorithm is algorithm 0 (default) shipped with the C2 secure - * implementation of Digital UNIX. - * - * Disclaimer: This work is not based on the source code to Digital - * UNIX, nor am I connected to Digital Equipment Corp, in any way - * other than as a customer. This code is based on published - * interfaces and reasonable guesswork. - * - * Description: The cleartext is divided into blocks of SEGMENT_SIZE=8 - * characters or less. Each block is encrypted using the standard UNIX - * libc crypt function. The result of the encryption for one block - * provides the salt for the suceeding block. - * - * Restrictions: The buffer used to hold the encrypted result is - * statically allocated. (see MAX_PASS_LEN below). This is necessary, - * as the returned pointer points to "static data that are overwritten - * by each call", (XPG3: XSI System Interface + Headers pg 109), and - * this is a drop in replacement for crypt(); - * - * Andy Phillips <atp@mssl.ucl.ac.uk> - */ - -#define _XOPEN_SOURCE 700 -#include <unistd.h> -#include <string.h> - -#include "bigcrypt.h" - -/* - * Max cleartext password length in segments of 8 characters this - * function can deal with (16 segments of 8 chars= max 128 character - * password). - */ - -#define MAX_SEGMENTS 16 -#define SEGMENT_SIZE 8 -#define SALT_SIZE 2 -#define ESEGMENT_SIZE 11 - -char *bigcrypt(char const * key, char const * salt) { - static char outbuf[MAX_SEGMENTS * ESEGMENT_SIZE + SALT_SIZE + 1]; /* static storage area */ - - unsigned char n_seg, seg; - char * outptr; - - /* ensure NUL-termination */ - memset(outbuf, 0, sizeof(outbuf)); - - if (strlen(salt) == (SALT_SIZE + ESEGMENT_SIZE)) /* conventional crypt */ - n_seg = 1; - else if (key[0] == '\0') - n_seg = 1; - else - n_seg = (strnlen(key, MAX_SEGMENTS * SEGMENT_SIZE) + SEGMENT_SIZE - 1) / SEGMENT_SIZE; - - /* first block is special and just traditional crypt() */ - outptr = outbuf; - strncpy(outptr, crypt(key, salt), SALT_SIZE + ESEGMENT_SIZE); - - for (seg = 1, outptr += SALT_SIZE; seg < n_seg; ++seg) { - /* subsequent blocks use the previous output block for salt input */ - salt = outptr; - key += SEGMENT_SIZE; - outptr += ESEGMENT_SIZE; - /* and omit the salt on output */ - strncpy(outptr, crypt(key, salt) + SALT_SIZE, ESEGMENT_SIZE); - } - - return outbuf; -} diff --git a/bigcrypt.h b/bigcrypt.h deleted file mode 100644 index a66a96e..0000000 --- a/bigcrypt.h +++ /dev/null @@ -1 +0,0 @@ -extern char *bigcrypt(const char *key, const char *salt); @@ -1,3 +1,31 @@ +commit 83beb3d7564e32b7de3a2099825b18496e8dc6a1 +Author: Timo Weingärtner <timo@tiwe.de> +Date: 2024-06-17 12:11:08 +0200 + + INSTALL: mention libxcrypt + +commit f46bd38f387f0a580e134388086321b03e6b17d3 +Author: Timo Weingärtner <timo@tiwe.de> +Date: 2021-04-16 19:33:21 +0200 + + do away with legacy crypt types + + it is the responsibility of libcrypt to implement crypt types + +commit e29d26e77d8577ea272211c20240b3c39dff6bf0 +Author: Timo Weingärtner <timo@tiwe.de> +Date: 2014-03-06 21:30:20 +0100 + + enable large file support + + this should make some tests for LFS happy; we don't use sizes of or offsets in files here + +commit 8f0e412b48178c00abd023917dd2c9050ee89c18 (tag: v1.0) +Author: Timo Weingärtner <timo@tiwe.de> +Date: 2013-09-29 15:55:25 +0200 + + release 1.0 + commit 6946f4bd3102d677d9ce43d4c48ed6bec2b13a31 Author: Timo Weingärtner <timo@tiwe.de> Date: 2013-09-29 15:50:21 +0200 @@ -1,237 +0,0 @@ -/* - * This code implements the MD5 message-digest algorithm. - * The algorithm is due to Ron Rivest. This code was - * written by Colin Plumb in 1993, no copyright is claimed. - * This code is in the public domain; do with it what you wish. - * - * Equivalent code is available from RSA Data Security, Inc. - * This code has been tested against that, and is equivalent, - * except that you don't need to include two pages of legalese - * with every copy. - * - * To compute the message digest of a chunk of bytes, declare an - * MD5Context structure, pass it to MD5Init, call MD5Update as - * needed on buffers full of bytes, and then call MD5Final, which - * will fill a supplied 16-byte array with the digest. - * - */ - -#include <string.h> -#include <byteswap.h> -#include "md5.h" - -#ifndef HIGHFIRST -#define byteReverse(buf, len) /* Nothing */ -#else -static void byteReverse(unsigned char *buf, unsigned longs) { - for (; longs; --longs, buf +=4) - *((uint32_t *) buf) = bswap_32(*((uint32_t *) buf)); -} -#endif - -/* - * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious - * initialization constants. - */ -void MD5Name(MD5Init)(struct MD5Context *ctx) -{ - ctx->buf[0] = 0x67452301U; - ctx->buf[1] = 0xefcdab89U; - ctx->buf[2] = 0x98badcfeU; - ctx->buf[3] = 0x10325476U; - - ctx->bits[0] = 0; - ctx->bits[1] = 0; -} - -/* - * Update context to reflect the concatenation of another buffer full - * of bytes. - */ -void MD5Name(MD5Update)(struct MD5Context *ctx, unsigned const char *buf, unsigned len) -{ - uint32_t t; - - /* Update bitcount */ - - t = ctx->bits[0]; - if ((ctx->bits[0] = t + ((uint32_t) len << 3)) < t) - ctx->bits[1]++; /* Carry from low to high */ - ctx->bits[1] += len >> 29; - - t = (t >> 3) & 0x3f; /* Bytes already in shsInfo->data */ - - /* Handle any leading odd-sized chunks */ - - if (t) { - unsigned char *p = (unsigned char *) ctx->in + t; - - t = 64 - t; - if (len < t) { - memcpy(p, buf, len); - return; - } - memcpy(p, buf, t); - byteReverse(ctx->in, 16); - MD5Name(MD5Transform)(ctx->buf, (uint32_t *) ctx->in); - buf += t; - len -= t; - } - /* Process data in 64-byte chunks */ - - while (len >= 64) { - memcpy(ctx->in, buf, 64); - byteReverse(ctx->in, 16); - MD5Name(MD5Transform)(ctx->buf, (uint32_t *) ctx->in); - buf += 64; - len -= 64; - } - - /* Handle any remaining bytes of data. */ - - memcpy(ctx->in, buf, len); -} - -/* - * Final wrapup - pad to 64-byte boundary with the bit pattern - * 1 0* (64-bit count of bits processed, MSB-first) - */ -void MD5Name(MD5Final)(unsigned char digest[16], struct MD5Context *ctx) -{ - unsigned count; - unsigned char *p; - - /* Compute number of bytes mod 64 */ - count = (ctx->bits[0] >> 3) & 0x3F; - - /* Set the first char of padding to 0x80. This is safe since there is - always at least one byte free */ - p = ctx->in + count; - *p++ = 0x80; - - /* Bytes of padding needed to make 64 bytes */ - count = 64 - 1 - count; - - /* Pad out to 56 mod 64 */ - if (count < 8) { - /* Two lots of padding: Pad the first block to 64 bytes */ - memset(p, 0, count); - byteReverse(ctx->in, 16); - MD5Name(MD5Transform)(ctx->buf, (uint32_t *) ctx->in); - - /* Now fill the next block with 56 bytes */ - memset(ctx->in, 0, 56); - } else { - /* Pad block to 56 bytes */ - memset(p, 0, count - 8); - } - byteReverse(ctx->in, 14); - - /* Append length in bits and transform */ - memcpy(ctx->in + 56, ctx->bits, 8); - - MD5Name(MD5Transform)(ctx->buf, (uint32_t *) ctx->in); - byteReverse((unsigned char *) ctx->buf, 4); - memcpy(digest, ctx->buf, 16); - memset(ctx, 0, sizeof(*ctx)); /* In case it's sensitive */ -} - -/* The four core functions - F1 is optimized somewhat */ - -/* #define F1(x, y, z) (x & y | ~x & z) */ -#define F1(x, y, z) (z ^ (x & (y ^ z))) -#define F2(x, y, z) F1(z, x, y) -#define F3(x, y, z) (x ^ y ^ z) -#define F4(x, y, z) (y ^ (x | ~z)) - -/* This is the central step in the MD5 algorithm. */ -#define MD5STEP(f, w, x, y, z, data, s) \ - ( w += f(x, y, z) + data, w = w<<s | w>>(32-s), w += x ) - -/* - * The core of the MD5 algorithm, this alters an existing MD5 hash to - * reflect the addition of 16 longwords of new data. MD5Update blocks - * the data and converts bytes into longwords for this routine. - */ -void MD5Name(MD5Transform)(uint32_t buf[4], uint32_t const in[16]) -{ - register uint32_t a, b, c, d; - - a = buf[0]; - b = buf[1]; - c = buf[2]; - d = buf[3]; - - MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478U, 7); - MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756U, 12); - MD5STEP(F1, c, d, a, b, in[2] + 0x242070dbU, 17); - MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceeeU, 22); - MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0fafU, 7); - MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62aU, 12); - MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613U, 17); - MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501U, 22); - MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8U, 7); - MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7afU, 12); - MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1U, 17); - MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7beU, 22); - MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122U, 7); - MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193U, 12); - MD5STEP(F1, c, d, a, b, in[14] + 0xa679438eU, 17); - MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821U, 22); - - MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562U, 5); - MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340U, 9); - MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51U, 14); - MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aaU, 20); - MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105dU, 5); - MD5STEP(F2, d, a, b, c, in[10] + 0x02441453U, 9); - MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681U, 14); - MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8U, 20); - MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6U, 5); - MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6U, 9); - MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87U, 14); - MD5STEP(F2, b, c, d, a, in[8] + 0x455a14edU, 20); - MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905U, 5); - MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8U, 9); - MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9U, 14); - MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8aU, 20); - - MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942U, 4); - MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681U, 11); - MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122U, 16); - MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380cU, 23); - MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44U, 4); - MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9U, 11); - MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60U, 16); - MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70U, 23); - MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6U, 4); - MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127faU, 11); - MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085U, 16); - MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05U, 23); - MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039U, 4); - MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5U, 11); - MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8U, 16); - MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665U, 23); - - MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244U, 6); - MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97U, 10); - MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7U, 15); - MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039U, 21); - MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3U, 6); - MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92U, 10); - MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47dU, 15); - MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1U, 21); - MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4fU, 6); - MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0U, 10); - MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314U, 15); - MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1U, 21); - MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82U, 6); - MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235U, 10); - MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bbU, 15); - MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391U, 21); - - buf[0] += a; - buf[1] += b; - buf[2] += c; - buf[3] += d; -} @@ -1,31 +0,0 @@ - -#ifndef MD5_H -#define MD5_H - -#include <stdint.h> - -struct MD5Context { - uint32_t buf[4]; - uint32_t bits[2]; - unsigned char in[64]; -}; - -void GoodMD5Init(struct MD5Context *); -void GoodMD5Update(struct MD5Context *, unsigned const char *, unsigned); -void GoodMD5Final(unsigned char digest[16], struct MD5Context *); -void GoodMD5Transform(uint32_t buf[4], uint32_t const in[16]); -void BrokenMD5Init(struct MD5Context *); -void BrokenMD5Update(struct MD5Context *, unsigned const char *, unsigned); -void BrokenMD5Final(unsigned char digest[16], struct MD5Context *); -void BrokenMD5Transform(uint32_t buf[4], uint32_t const in[16]); - -char *Goodcrypt_md5(const char *pw, const char *salt); -char *Brokencrypt_md5(const char *pw, const char *salt); - -/* - * This is needed to make RSAREF happy on some MS-DOS compilers. - */ - -typedef struct MD5Context MD5_CTX; - -#endif /* MD5_H */ diff --git a/md5_crypt.c b/md5_crypt.c deleted file mode 100644 index 639b1d3..0000000 --- a/md5_crypt.c +++ /dev/null @@ -1,147 +0,0 @@ -/* - * ---------------------------------------------------------------------------- - * "THE BEER-WARE LICENSE" (Revision 42): - * <phk@login.dknet.dk> wrote this file. As long as you retain this notice you - * can do whatever you want with this stuff. If we meet some day, and you think - * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp - * ---------------------------------------------------------------------------- - * - * Origin: Id: crypt.c,v 1.3 1995/05/30 05:42:22 rgrimes Exp - * - */ - -#include <string.h> -#include "md5.h" - -static unsigned char itoa64[] = /* 0 ... 63 => ascii - 64 */ -"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; - -static void to64(char *s, unsigned long v, int n) -{ - while (--n >= 0) { - *s++ = itoa64[v & 0x3f]; - v >>= 6; - } -} - -/* - * UNIX password - * - * Use MD5 for what it is best at... - */ - -char *MD5Name(crypt_md5)(const char *pw, const char *salt) -{ - const char *magic = "$1$"; - /* This string is magic for this algorithm. Having - * it this way, we can get get better later on */ - static char passwd[120], *p; - static const char *sp, *ep; - unsigned char final[16]; - int sl, pl, i, j; - MD5_CTX ctx, ctx1; - unsigned long l; - - /* Refine the Salt first */ - sp = salt; - - /* If it starts with the magic string, then skip that */ - if (!strncmp(sp, magic, strlen(magic))) - sp += strlen(magic); - - /* It stops at the first '$', max 8 chars */ - for (ep = sp; *ep && *ep != '$' && ep < (sp + 8); ep++) - continue; - - /* get the length of the true salt */ - sl = ep - sp; - - MD5Name(MD5Init)(&ctx); - - /* The password first, since that is what is most unknown */ - MD5Name(MD5Update)(&ctx,(unsigned const char *)pw,strlen(pw)); - - /* Then our magic string */ - MD5Name(MD5Update)(&ctx,(unsigned const char *)magic,strlen(magic)); - - /* Then the raw salt */ - MD5Name(MD5Update)(&ctx,(unsigned const char *)sp,sl); - - /* Then just as many characters of the MD5(pw,salt,pw) */ - MD5Name(MD5Init)(&ctx1); - MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw)); - MD5Name(MD5Update)(&ctx1,(unsigned const char *)sp,sl); - MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw)); - MD5Name(MD5Final)(final,&ctx1); - for (pl = strlen(pw); pl > 0; pl -= 16) - MD5Name(MD5Update)(&ctx,(unsigned const char *)final,pl>16 ? 16 : pl); - - /* Don't leave anything around in vm they could use. */ - memset(final, 0, sizeof final); - - /* Then something really weird... */ - for (j = 0, i = strlen(pw); i; i >>= 1) - if (i & 1) - MD5Name(MD5Update)(&ctx, (unsigned const char *)final+j, 1); - else - MD5Name(MD5Update)(&ctx, (unsigned const char *)pw+j, 1); - - /* Now make the output string */ - strcpy(passwd, magic); - strncat(passwd, sp, sl); - strcat(passwd, "$"); - - MD5Name(MD5Final)(final,&ctx); - - /* - * and now, just to make sure things don't run too fast - * On a 60 Mhz Pentium this takes 34 msec, so you would - * need 30 seconds to build a 1000 entry dictionary... - */ - for (i = 0; i < 1000; i++) { - MD5Name(MD5Init)(&ctx1); - if (i & 1) - MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw)); - else - MD5Name(MD5Update)(&ctx1,(unsigned const char *)final,16); - - if (i % 3) - MD5Name(MD5Update)(&ctx1,(unsigned const char *)sp,sl); - - if (i % 7) - MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw)); - - if (i & 1) - MD5Name(MD5Update)(&ctx1,(unsigned const char *)final,16); - else - MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw)); - MD5Name(MD5Final)(final,&ctx1); - } - - p = passwd + strlen(passwd); - - l = (final[0] << 16) | (final[6] << 8) | final[12]; - to64(p, l, 4); - p += 4; - l = (final[1] << 16) | (final[7] << 8) | final[13]; - to64(p, l, 4); - p += 4; - l = (final[2] << 16) | (final[8] << 8) | final[14]; - to64(p, l, 4); - p += 4; - l = (final[3] << 16) | (final[9] << 8) | final[15]; - to64(p, l, 4); - p += 4; - l = (final[4] << 16) | (final[10] << 8) | final[5]; - to64(p, l, 4); - p += 4; - l = final[11]; - to64(p, l, 2); - p += 2; - *p = '\0'; - - /* Don't leave anything around in vm they could use. */ - memset(final, 0, sizeof final); - - return passwd; -} diff --git a/pam_pwdfile.c b/pam_pwdfile.c index bebbeea..1ea4a06 100644 --- a/pam_pwdfile.c +++ b/pam_pwdfile.c @@ -68,9 +68,6 @@ #include <security/pam_modules.h> #include <security/pam_ext.h> -#include "md5.h" -#include "bigcrypt.h" - static int lock_fd(int fd) { int delay; @@ -101,7 +98,6 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags, FILE *pwdfile; int use_flock = 0; int use_delay = 1; - int legacy_crypt = 0; int debug = 0; char * linebuf = NULL; size_t linebuflen; @@ -123,8 +119,6 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags, use_delay = 0; else if (!strcmp(argv[i], "debug")) debug = 1; - else if (!strcmp(argv[i], "legacy_crypt")) - legacy_crypt = 1; } #ifdef HAVE_PAM_FAIL_DELAY @@ -211,13 +205,6 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags, return PAM_AUTH_ERR; } - if (legacy_crypt && strcmp(crypted_password, stored_crypted_password)) { - if (!strncmp(stored_crypted_password, "$1$", 3)) - crypted_password = Brokencrypt_md5(password, stored_crypted_password); - else - crypted_password = bigcrypt(password, stored_crypted_password); - } - if (strcmp(crypted_password, stored_crypted_password)) { pam_syslog(pamh, LOG_NOTICE, "wrong password for user %s", name); free(linebuf); |