Remove some more of the crypt() calls in login_chpass.
Index: login_chpass/Makefile
===================================================================
RCS file: /cvs/src/libexec/login_chpass/Makefile,v
retrieving revision 1.7
diff -u -p -r1.7 Makefile
--- login_chpass/Makefile 22 Apr 2014 10:21:56 -0000 1.7
+++ login_chpass/Makefile 14 Oct 2015 19:39:03 -0000
@@ -13,7 +13,7 @@ CFLAGS+=-Wall
.if (${YP:L} == "yes")
CFLAGS+=-DYP
-SRCS+= yp_passwd.c pwd_check.c pwd_gensalt.c
+SRCS+= yp_passwd.c pwd_check.c
DPADD+= ${LIBRPCSVC} ${LIBUTIL}
LDADD+= -lrpcsvc -lutil
.endif
Index: login_chpass/login_chpass.c
===================================================================
RCS file: /cvs/src/libexec/login_chpass/login_chpass.c,v
retrieving revision 1.16
diff -u -p -r1.16 login_chpass.c
--- login_chpass/login_chpass.c 4 Dec 2012 02:24:47 -0000 1.16
+++ login_chpass/login_chpass.c 14 Oct 2015 19:38:31 -0000
@@ -199,16 +199,11 @@ yp_chpass(char *username)
}
}
if (pw == NULL) {
- char *p, salt[_PASSWORD_LEN + 1];
- login_cap_t *lc;
-
- /* no such user, get appropriate salt to thwart timing attack */
+ char *p;
+ /* no such user, but fake to thwart timing attack */
if ((p = getpass("Old password:")) != NULL) {
- if ((lc = login_getclass(NULL)) == NULL ||
- pwd_gensalt(salt, sizeof(salt), lc, 'y') == 0)
- strlcpy(salt, "xx", sizeof(salt));
- crypt(p, salt);
- memset(p, 0, strlen(p));
+ crypt_checkpass(p, NULL);
+ explicit_bzero(p, strlen(p));
}
warnx("YP passwd database unchanged.");
exit(1);
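Review bot: The result of `crypt_checkpass(p, NULL)` is discarded without saying so, and the shortened comment no longer explains why the call is there. Write it as `(void)crypt_checkpass(p, NULL);` with a comment such as `/* no such user: a NULL hash makes crypt_checkpass() do dummy work and fail, so the delay resembles a real check */`. The dummy work is a library default, so it may not match the cost of the hash stored for a real account, and the timing equalisation should be treated as approximate. yp_chpass starts and ends outside the hunk, so the real-user path cannot be compared from here.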
Index: login_lchpass/Makefile
===================================================================
RCS file: /cvs/src/libexec/login_lchpass/Makefile,v
retrieving revision 1.3
diff -u -p -r1.3 Makefile
--- login_lchpass/Makefile 19 Jun 2001 16:38:21 -0000 1.3
+++ login_lchpass/Makefile 14 Oct 2015 19:39:16 -0000
@@ -3,7 +3,7 @@
# BSDI $From: Makefile,v 1.2 1997/08/08 18:58:22 prb Exp $
PROG= login_lchpass
-SRCS= login_lchpass.c local_passwd.c pwd_check.c pwd_gensalt.c
+SRCS= login_lchpass.c local_passwd.c pwd_check.c
MAN= login_lchpass.8
.PATH: ${.CURDIR}/../../usr.bin/passwd
Index: login_lchpass/login_lchpass.c
===================================================================
RCS file: /cvs/src/libexec/login_lchpass/login_lchpass.c,v
retrieving revision 1.14
diff -u -p -r1.14 login_lchpass.c
--- login_lchpass/login_lchpass.c 4 Dec 2012 02:24:47 -0000 1.14
+++ login_lchpass/login_lchpass.c 14 Oct 2015 19:39:33 -0000
@@ -63,7 +63,7 @@ main(int argc, char *argv[])
login_cap_t *lc;
struct iovec iov[2];
struct passwd *pwd;
- char *username = NULL, *salt, *p, saltbuf[_PASSWORD_LEN + 1];
+ char *username = NULL, *hash = NULL, *p;
struct rlimit rl;
int c;
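Review bot: `login_cap_t *lc;` stays in main's declarations although the only use visible in this patch, the `login_getclass(NULL)` call, is removed in the following hunk. If nothing else in main assigns or reads `lc`, drop the declaration so the build under `-Wall` does not carry an unused variable. The rest of main is outside the hunks, so this needs checking against the full file.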
@@ -119,15 +119,7 @@ main(int argc, char *argv[])
}
if (pwd)
- salt = pwd->pw_passwd;
- else {
- /* no such user, get appropriate salt */
- if ((lc = login_getclass(NULL)) == NULL ||
- pwd_gensalt(saltbuf, sizeof(saltbuf), lc, 'l') == 0)
- salt = "xx";
- else
- salt = saltbuf;
- }
+ hash = pwd->pw_passwd;
(void)setpriority(PRIO_PROCESS, 0, -4);
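Review bot: With the `else` branch gone, the unknown-user case is handled only implicitly: `hash` keeps the NULL it was initialised with in the declaration, and nothing at this point says that is intended. A one-line comment above the `if (pwd)` would make the contract visible, for example `/* hash stays NULL for an unknown user; crypt_checkpass() then fails after dummy work */`. Without it, a later edit that drops the `= NULL` initialiser or assigns `hash` a default string would change the outcome of the check without any visible warning.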
@@ -135,10 +127,11 @@ main(int argc, char *argv[])
if ((p = getpass("Old Password:")) == NULL)
exit(1);
- salt = crypt(p, salt);
- memset(p, 0, strlen(p));
- if (!pwd || strcmp(salt, pwd->pw_passwd) != 0)
+ if (crypt_checkpass(p, hash) != 0) {
+ explicit_bzero(p, strlen(p));
exit(1);
+ }
+ explicit_bzero(p, strlen(p));
/*
* We rely on local_passwd() to block signals during the
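Review bot: Rejection of an unknown user now rests entirely on `crypt_checkpass()` failing for a NULL `hash`, because the explicit `!pwd` test was removed from the condition. Keeping it as a second operand, `if (crypt_checkpass(p, hash) != 0 || pwd == NULL) {`, still runs the dummy check first and guarantees that the code after this point never runs with a NULL `pwd`. The duplicated `explicit_bzero(p, strlen(p));` can also be avoided by storing the result in an `int`, wiping once, and then testing it. main continues outside the hunk.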