On 12/18/2015 07:00 PM, Denys Vlasenko wrote:
On Fri, Dec 18, 2015 at 2:45 PM, Pascal Bach <[email protected]> wrote:
int chpasswd_main(int argc UNUSED_PARAM, char **argv)
{
char *name;
+ char *algo = CONFIG_FEATURE_DEFAULT_PASSWD_ALGO;
It warns here.
int opt;
if (getuid() != 0)
bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
- opt_complementary = "m--e:e--m";
+ opt_complementary = "m--ec:e--mc:c--em";
IF_LONG_OPTS(applet_long_options = chpasswd_longopts;)
- opt = getopt32(argv, "em");
+ opt = getopt32(argv, "emc:", &algo);
while ((name = xmalloc_fgetline(stdin)) != NULL) {
char *free_me;
@@ -77,15 +79,14 @@ int chpasswd_main(int argc UNUSED_PARAM, char **argv)
free_me = NULL;
if (!(opt & OPT_ENC)) {
- char salt[sizeof("$N$XXXXXXXX")];
+ char salt[MAX_PW_SALT_LEN];
- crypt_make_salt(salt, 1);
if (opt & OPT_MD5) {
- salt[0] = '$';
- salt[1] = '1';
- salt[2] = '$';
- crypt_make_salt(salt + 3, 4);
+ /* Force MD5 if the -m flag is set */
+ algo = "md5";
}
+
+ crypt_make_pw_salt(salt, algo);
crypt_make_pw_salt() accepts lowercase algos, such as "md5".
chpasswd examples I googled use uppercase: "MD5".
So, this won't be compatible.
free_me = pass = pw_encrypt(pass, salt, 0);
}
Hi,
maybe we could change crypt_make_salt to accept lowercase and uppercase
algo arguments to keep compatibility with both ways, e.g:
diff -uNp libbb/pw_encrypt.c.orig libbb/pw_encrypt.c
--- libbb/pw_encrypt.c.orig 2015-03-14 14:39:57.000000000 +0100
+++ libbb/pw_encrypt.c 2015-12-22 14:03:11.645788040 +0100
@@ -52,14 +52,14 @@ char* FAST_FUNC crypt_make_pw_salt(char
{
int len = 2/2;
char *salt_ptr = salt;
- if (algo[0] != 'd') { /* not des */
+ if (algo[0] != 'd' && algo[0] != 'D') { /* not des */
len = 8/2; /* so far assuming md5 */
*salt_ptr++ = '$';
*salt_ptr++ = '1';
*salt_ptr++ = '$';
#if !ENABLE_USE_BB_CRYPT || ENABLE_USE_BB_CRYPT_SHA
- if (algo[0] == 's') { /* sha */
- salt[1] = '5' + (strcmp(algo, "sha512") == 0);
+ if (algo[0] == 's' && algo[0] == 'S') { /* sha */
+ salt[1] = '5' + (strcasecmp(algo, "sha512") == 0);
len = 16/2;
}
#endif
Only compile tested. Just my 2 cents.
Ciao,
Tito
_______________________________________________
busybox mailing list
[email protected]
http://lists.busybox.net/mailman/listinfo/busybox