Big code cleanup. (Inspired by Brandon Gillespie). Also move as

much as possible away from secure/ to make extending easier.

1 files changed, 34 insertions, 142 deletions

diff --git a/lib/libcrypt/crypt.c b/lib/libcrypt/crypt.c
index cf54cd5..8172504 100644
--- a/lib/libcrypt/crypt.c
+++ b/lib/libcrypt/crypt.c
@@ -1,10 +1,27 @@
 /*
- * ----------------------------------------------------------------------------
- * "THE BEER-WARE LICENSE" (Revision 42):
- * <phk@login.dknet.dk> wrote this file.  As long as you retain this notice you
- * can do whatever you want with this stuff. If we meet some day, and you think
- * this stuff is worth it, you can buy me a beer in return.   Poul-Henning Kamp
- * ----------------------------------------------------------------------------
+ * Copyright (c) 1999
+ *      Mark Murray.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY MARK MURRAY AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL MARK MURRAY OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
  *
  * $FreeBSD$
  *
@@ -14,144 +31,19 @@
 static char rcsid[] = "$FreeBSD$";
 #endif /* LIBC_SCCS and not lint */
 
-#include <unistd.h>
-#include <stdio.h>
-#include <string.h>
-#include <md5.h>
 #include <string.h>
-
-static unsigned char itoa64[] =		/* 0 ... 63 => ascii - 64 */
-	"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
-
-static void to64 __P((char *, unsigned long, int));
-
-static void
-to64(s, v, n)
-	char *s;
-	unsigned long v;
-	int n;
-{
-static void to64 __P((char *, unsigned long, int));
-
-	while (--n >= 0) {
-		*s++ = itoa64[v&0x3f];
-		v >>= 6;
-	}
-}
-
-/*
- * UNIX password
- *
- * Use MD5 for what it is best at...
- */
+#include "crypt.h"
 
 char *
-crypt(pw, salt)
-	register const char *pw;
-	register const char *salt;
+crypt(char *passwd, char *salt)
 {
-	static char	*magic = "$1$";	/*
-						 * This string is magic for
-						 * this algorithm.  Having
-						 * it this way, we can get
-						 * get better later on
-						 */
-	static char     passwd[120], *p;
-	static const char *sp,*ep;
-	unsigned char	final[16];
-	int sl,pl,i,j;
-	MD5_CTX	ctx,ctx1;
-	unsigned long l;
-
-	/* Refine the Salt first */
-	sp = salt;
-
-	/* If it starts with the magic string, then skip that */
-	if(!strncmp(sp,magic,strlen(magic)))
-		sp += strlen(magic);
-
-	/* It stops at the first '$', max 8 chars */
-	for(ep=sp;*ep && *ep != '$' && ep < (sp+8);ep++)
-		continue;
-
-	/* get the length of the true salt */
-	sl = ep - sp;
-
-	MD5Init(&ctx);
-
-	/* The password first, since that is what is most unknown */
-	MD5Update(&ctx,pw,strlen(pw));
-
-	/* Then our magic string */
-	MD5Update(&ctx,magic,strlen(magic));
-
-	/* Then the raw salt */
-	MD5Update(&ctx,sp,sl);
-
-	/* Then just as many characters of the MD5(pw,salt,pw) */
-	MD5Init(&ctx1);
-	MD5Update(&ctx1,pw,strlen(pw));
-	MD5Update(&ctx1,sp,sl);
-	MD5Update(&ctx1,pw,strlen(pw));
-	MD5Final(final,&ctx1);
-	for(pl = strlen(pw); pl > 0; pl -= 16)
-		MD5Update(&ctx,final,pl>16 ? 16 : pl);
-
-	/* Don't leave anything around in vm they could use. */
-	memset(final,0,sizeof final);
-
-	/* Then something really weird... */
-	for (i = strlen(pw); i ; i >>= 1)
-		if(i&1)
-		    MD5Update(&ctx, final, 1);
-		else
-		    MD5Update(&ctx, pw, 1);
-
-	/* Now make the output string */
-	strcpy(passwd,magic);
-	strncat(passwd,sp,sl);
-	strcat(passwd,"$");
-
-	MD5Final(final,&ctx);
-
-	/*
-	 * and now, just to make sure things don't run too fast
-	 * On a 60 Mhz Pentium this takes 34 msec, so you would
-	 * need 30 seconds to build a 1000 entry dictionary...
-	 */
-	for(i=0;i<1000;i++) {
-		MD5Init(&ctx1);
-		if(i & 1)
-			MD5Update(&ctx1,pw,strlen(pw));
-		else
-			MD5Update(&ctx1,final,16);
-
-		if(i % 3)
-			MD5Update(&ctx1,sp,sl);
-
-		if(i % 7)
-			MD5Update(&ctx1,pw,strlen(pw));
-
-		if(i & 1)
-			MD5Update(&ctx1,final,16);
-		else
-			MD5Update(&ctx1,pw,strlen(pw));
-		MD5Final(final,&ctx1);
-	}
-
-	p = passwd + strlen(passwd);
-
-	l = (final[ 0]<<16) | (final[ 6]<<8) | final[12]; to64(p,l,4); p += 4;
-	l = (final[ 1]<<16) | (final[ 7]<<8) | final[13]; to64(p,l,4); p += 4;
-	l = (final[ 2]<<16) | (final[ 8]<<8) | final[14]; to64(p,l,4); p += 4;
-	l = (final[ 3]<<16) | (final[ 9]<<8) | final[15]; to64(p,l,4); p += 4;
-	l = (final[ 4]<<16) | (final[10]<<8) | final[ 5]; to64(p,l,4); p += 4;
-	l =                    final[11]                ; to64(p,l,2); p += 2;
-	*p = '\0';
-
-	/* Don't leave anything around in vm they could use. */
-	memset(final,0,sizeof final);
-
-	return passwd;
+	if (!strncmp(salt, "$1$", 3))
+		return crypt_md5(passwd, salt);
+	if (!strncmp(salt, "$3$", 3))
+		return crypt_sha(passwd, salt);
+#ifdef NONEXPORTABLE_CRYPT
+	return crypt_des(passwd, salt);
+#else
+	return NULL;
+#endif
 }
-