summaryrefslogtreecommitdiffstats
path: root/crypto/openssl/apps/passwd.c
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/openssl/apps/passwd.c')
-rw-r--r--crypto/openssl/apps/passwd.c93
1 files changed, 50 insertions, 43 deletions
diff --git a/crypto/openssl/apps/passwd.c b/crypto/openssl/apps/passwd.c
index ea2b089..3ad91d8 100644
--- a/crypto/openssl/apps/passwd.c
+++ b/crypto/openssl/apps/passwd.c
@@ -1,10 +1,10 @@
/* apps/passwd.c */
-#if defined NO_MD5 || defined CHARSET_EBCDIC
+#if defined OPENSSL_NO_MD5 || defined CHARSET_EBCDIC
# define NO_MD5CRYPT_1
#endif
-#if !defined(NO_DES) || !defined(NO_MD5CRYPT_1)
+#if !defined(OPENSSL_NO_DES) || !defined(NO_MD5CRYPT_1)
#include <assert.h>
#include <string.h>
@@ -15,8 +15,7 @@
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/rand.h>
-
-#ifndef NO_DES
+#ifndef OPENSSL_NO_DES
# include <openssl/des.h>
#endif
#ifndef NO_MD5CRYPT_1
@@ -50,6 +49,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
* -salt string - salt
* -in file - read passwords from file
* -stdin - read passwords from stdin
+ * -noverify - never verify when reading password from terminal
* -quiet - no warnings
* -table - format output as table
* -reverse - switch table columns
@@ -62,6 +62,7 @@ int MAIN(int argc, char **argv)
int ret = 1;
char *infile = NULL;
int in_stdin = 0;
+ int in_noverify = 0;
char *salt = NULL, *passwd = NULL, **passwds = NULL;
char *salt_malloc = NULL, *passwd_malloc = NULL;
size_t passwd_malloc_size = 0;
@@ -77,11 +78,14 @@ int MAIN(int argc, char **argv)
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+
+ if (!load_config(bio_err, NULL))
+ goto err;
out = BIO_new(BIO_s_file());
if (out == NULL)
goto err;
BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
-#ifdef VMS
+#ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
out = BIO_push(tmpbio, out);
@@ -128,6 +132,8 @@ int MAIN(int argc, char **argv)
else
badopt = 1;
}
+ else if (strcmp(argv[i], "-noverify") == 0)
+ in_noverify = 1;
else if (strcmp(argv[i], "-quiet") == 0)
quiet = 1;
else if (strcmp(argv[i], "-table") == 0)
@@ -153,7 +159,7 @@ int MAIN(int argc, char **argv)
badopt = 1;
/* reject unsupported algorithms */
-#ifdef NO_DES
+#ifdef OPENSSL_NO_DES
if (usecrypt) badopt = 1;
#endif
#ifdef NO_MD5CRYPT_1
@@ -164,7 +170,7 @@ int MAIN(int argc, char **argv)
{
BIO_printf(bio_err, "Usage: passwd [options] [passwords]\n");
BIO_printf(bio_err, "where options are\n");
-#ifndef NO_DES
+#ifndef OPENSSL_NO_DES
BIO_printf(bio_err, "-crypt standard Unix password algorithm (default)\n");
#endif
#ifndef NO_MD5CRYPT_1
@@ -174,6 +180,7 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "-salt string use provided salt\n");
BIO_printf(bio_err, "-in file read passwords from file\n");
BIO_printf(bio_err, "-stdin read passwords from stdin\n");
+ BIO_printf(bio_err, "-noverify never verify when reading password from terminal\n");
BIO_printf(bio_err, "-quiet no warnings\n");
BIO_printf(bio_err, "-table format output as table\n");
BIO_printf(bio_err, "-reverse switch table columns\n");
@@ -222,7 +229,7 @@ int MAIN(int argc, char **argv)
passwds = passwds_static;
if (in == NULL)
- if (EVP_read_pw_string(passwd_malloc, passwd_malloc_size, "Password: ", 0) != 0)
+ if (EVP_read_pw_string(passwd_malloc, passwd_malloc_size, "Password: ", !(passed_salt || in_noverify)) != 0)
goto err;
passwds[0] = passwd_malloc;
}
@@ -284,7 +291,8 @@ err:
BIO_free(in);
if (out)
BIO_free_all(out);
- EXIT(ret);
+ apps_shutdown();
+ OPENSSL_EXIT(ret);
}
@@ -305,7 +313,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
unsigned char buf[MD5_DIGEST_LENGTH];
char *salt_out;
int n, i;
- MD5_CTX md;
+ EVP_MD_CTX md,md2;
size_t passwd_len, salt_len;
passwd_len = strlen(passwd);
@@ -320,49 +328,47 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
salt_len = strlen(salt_out);
assert(salt_len <= 8);
- MD5_Init(&md);
- MD5_Update(&md, passwd, passwd_len);
- MD5_Update(&md, "$", 1);
- MD5_Update(&md, magic, strlen(magic));
- MD5_Update(&md, "$", 1);
- MD5_Update(&md, salt_out, salt_len);
+ EVP_MD_CTX_init(&md);
+ EVP_DigestInit_ex(&md,EVP_md5(), NULL);
+ EVP_DigestUpdate(&md, passwd, passwd_len);
+ EVP_DigestUpdate(&md, "$", 1);
+ EVP_DigestUpdate(&md, magic, strlen(magic));
+ EVP_DigestUpdate(&md, "$", 1);
+ EVP_DigestUpdate(&md, salt_out, salt_len);
- {
- MD5_CTX md2;
+ EVP_MD_CTX_init(&md2);
+ EVP_DigestInit_ex(&md2,EVP_md5(), NULL);
+ EVP_DigestUpdate(&md2, passwd, passwd_len);
+ EVP_DigestUpdate(&md2, salt_out, salt_len);
+ EVP_DigestUpdate(&md2, passwd, passwd_len);
+ EVP_DigestFinal_ex(&md2, buf, NULL);
- MD5_Init(&md2);
- MD5_Update(&md2, passwd, passwd_len);
- MD5_Update(&md2, salt_out, salt_len);
- MD5_Update(&md2, passwd, passwd_len);
- MD5_Final(buf, &md2);
- }
for (i = passwd_len; i > sizeof buf; i -= sizeof buf)
- MD5_Update(&md, buf, sizeof buf);
- MD5_Update(&md, buf, i);
+ EVP_DigestUpdate(&md, buf, sizeof buf);
+ EVP_DigestUpdate(&md, buf, i);
n = passwd_len;
while (n)
{
- MD5_Update(&md, (n & 1) ? "\0" : passwd, 1);
+ EVP_DigestUpdate(&md, (n & 1) ? "\0" : passwd, 1);
n >>= 1;
}
- MD5_Final(buf, &md);
+ EVP_DigestFinal_ex(&md, buf, NULL);
for (i = 0; i < 1000; i++)
{
- MD5_CTX md2;
-
- MD5_Init(&md2);
- MD5_Update(&md2, (i & 1) ? (unsigned char *) passwd : buf,
- (i & 1) ? passwd_len : sizeof buf);
+ EVP_DigestInit_ex(&md2,EVP_md5(), NULL);
+ EVP_DigestUpdate(&md2, (i & 1) ? (unsigned char *) passwd : buf,
+ (i & 1) ? passwd_len : sizeof buf);
if (i % 3)
- MD5_Update(&md2, salt_out, salt_len);
+ EVP_DigestUpdate(&md2, salt_out, salt_len);
if (i % 7)
- MD5_Update(&md2, passwd, passwd_len);
- MD5_Update(&md2, (i & 1) ? buf : (unsigned char *) passwd,
- (i & 1) ? sizeof buf : passwd_len);
- MD5_Final(buf, &md2);
+ EVP_DigestUpdate(&md2, passwd, passwd_len);
+ EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned char *) passwd,
+ (i & 1) ? sizeof buf : passwd_len);
+ EVP_DigestFinal_ex(&md2, buf, NULL);
}
+ EVP_MD_CTX_cleanup(&md2);
{
/* transform buf into output string */
@@ -400,6 +406,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
*output = 0;
assert(strlen(out_buf) < sizeof(out_buf));
}
+ EVP_MD_CTX_cleanup(&md);
return out_buf;
}
@@ -418,7 +425,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
/* first make sure we have a salt */
if (!passed_salt)
{
-#ifndef NO_DES
+#ifndef OPENSSL_NO_DES
if (usecrypt)
{
if (*salt_malloc_p == NULL)
@@ -437,7 +444,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
* back to ASCII */
#endif
}
-#endif /* !NO_DES */
+#endif /* !OPENSSL_NO_DES */
#ifndef NO_MD5CRYPT_1
if (use1 || useapr1)
@@ -472,9 +479,9 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
assert(strlen(passwd) <= pw_maxlen);
/* now compute password hash */
-#ifndef NO_DES
+#ifndef OPENSSL_NO_DES
if (usecrypt)
- hash = des_crypt(passwd, *salt_p);
+ hash = DES_crypt(passwd, *salt_p);
#endif
#ifndef NO_MD5CRYPT_1
if (use1 || useapr1)
@@ -498,6 +505,6 @@ err:
int MAIN(int argc, char **argv)
{
fputs("Program not available.\n", stderr)
- EXIT(1);
+ OPENSSL_EXIT(1);
}
#endif
OpenPOWER on IntegriCloud