On 12/18/2015 07:00 PM, Denys Vlasenko wrote:
On Fri, Dec 18, 2015 at 2:45 PM, Pascal Bach <[email protected]> wrote:
  int chpasswd_main(int argc UNUSED_PARAM, char **argv)
  {
         char *name;
+       char *algo = CONFIG_FEATURE_DEFAULT_PASSWD_ALGO;

It warns here.

         int opt;

         if (getuid() != 0)
                 bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);

-       opt_complementary = "m--e:e--m";
+       opt_complementary = "m--ec:e--mc:c--em";
         IF_LONG_OPTS(applet_long_options = chpasswd_longopts;)
-       opt = getopt32(argv, "em");
+       opt = getopt32(argv, "emc:", &algo);

         while ((name = xmalloc_fgetline(stdin)) != NULL) {
                 char *free_me;
@@ -77,15 +79,14 @@ int chpasswd_main(int argc UNUSED_PARAM, char **argv)

                 free_me = NULL;
                 if (!(opt & OPT_ENC)) {
-                       char salt[sizeof("$N$XXXXXXXX")];
+                       char salt[MAX_PW_SALT_LEN];

-                       crypt_make_salt(salt, 1);
                         if (opt & OPT_MD5) {
-                               salt[0] = '$';
-                               salt[1] = '1';
-                               salt[2] = '$';
-                               crypt_make_salt(salt + 3, 4);
+                               /* Force MD5 if the -m flag is set */
+                               algo = "md5";
                         }
+
+                       crypt_make_pw_salt(salt, algo);

crypt_make_pw_salt() accepts lowercase algos, such as "md5".
chpasswd examples I googled use uppercase: "MD5".
So, this won't be compatible.

                         free_me = pass = pw_encrypt(pass, salt, 0);
                 }
Hi,
Maybe we could change crypt_make_salt to accept both lowercase and uppercase algo arguments, to stay compatible with both spellings, e.g.:

 diff -uNp libbb/pw_encrypt.c.orig libbb/pw_encrypt.c
--- libbb/pw_encrypt.c.orig     2015-03-14 14:39:57.000000000 +0100
+++ libbb/pw_encrypt.c  2015-12-22 14:03:11.645788040 +0100
@@ -52,14 +52,14 @@ char* FAST_FUNC crypt_make_pw_salt(char
 {
        int len = 2/2;
        char *salt_ptr = salt;
-       if (algo[0] != 'd') { /* not des */
+       if (algo[0] != 'd' && algo[0] != 'D') { /* not des */
                len = 8/2; /* so far assuming md5 */
                *salt_ptr++ = '$';
                *salt_ptr++ = '1';
                *salt_ptr++ = '$';
 #if !ENABLE_USE_BB_CRYPT || ENABLE_USE_BB_CRYPT_SHA
-               if (algo[0] == 's') { /* sha */
-                       salt[1] = '5' + (strcmp(algo, "sha512") == 0);
+               if (algo[0] == 's' && algo[0] == 'S') { /* sha */
+                       salt[1] = '5' + (strcasecmp(algo, "sha512") == 0);
                        len = 16/2;
                }
 #endif
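Review bot: The new SHA test `if (algo[0] == 's' && algo[0] == 'S')` can never be true, because one character cannot equal both letters; it should read `if (algo[0] == 's' || algo[0] == 'S') { /* sha */`. As written the SHA branch is dead code, so asking for "sha256" or "sha512" in either case keeps the `$1$` prefix and `len = 8/2` set just above. The caller therefore gets an MD5 salt, and a weaker password hash than requested, with no error. Separately, only the first character of `algo` is examined, so a mistyped name is mapped to some algorithm rather than rejected; whether the callers validate the name first is not visible here. crypt_make_pw_salt continues past the end of this hunk.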


Only compile tested. Just my 2 cents.

Ciao,
Tito