From 6ae58cad4524c6ade0d4b618bb5e82201f9d502d Mon Sep 17 00:00:00 2001 From: tedu <> Date: Wed, 24 Dec 2014 22:10:34 +0000 Subject: [PATCH] simplify crypt_checkpass. The API promise is that this function doesn't use global data. The simplest fix is to only check blowfish passwords, and implicitly lock out DES passwords. crypt_checkpass is currently only used in one place, passwd, to verify the local user's password, so this is probably acceptable. Gives people a little more time to migrate away from DES before introduing checkpass into more places. --- src/lib/libc/crypt/cryptutil.c | 16 +++++----------- 1 file changed, 5 insertions(+), 11 deletions(-) diff --git a/src/lib/libc/crypt/cryptutil.c b/src/lib/libc/crypt/cryptutil.c index ca8be8fa..f1012405 100644 --- a/src/lib/libc/crypt/cryptutil.c +++ b/src/lib/libc/crypt/cryptutil.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cryptutil.c,v 1.5 2014/11/24 21:36:35 tedu Exp $ */ +/* $OpenBSD: cryptutil.c,v 1.6 2014/12/24 22:10:34 tedu Exp $ */ /* * Copyright (c) 2014 Ted Unangst * @@ -29,8 +29,7 @@ crypt_checkpass(const char *pass, const char *goodhash) if (goodhash == NULL) { /* fake it */ - bcrypt_newhash(pass, 8, dummy, sizeof(dummy)); - goto fail; + goto fake; } /* empty password */ @@ -43,14 +42,9 @@ crypt_checkpass(const char *pass, const char *goodhash) return 0; } - /* have to do it the hard way */ - res = crypt(pass, goodhash); - if (res == NULL || strlen(res) != strlen(goodhash) || - timingsafe_bcmp(res, goodhash, strlen(goodhash)) != 0) { - goto fail; - } - - return 0; + /* unsupported. fake it. */ +fake: + bcrypt_newhash(pass, 8, dummy, sizeof(dummy)); fail: errno = EACCES; return -1;