From 4ea83bf562c44a6792e7c77e7d87cba91f86f763 Mon Sep 17 00:00:00 2001 From: Denis Vlasenko Date: Thu, 12 Jun 2008 16:55:59 +0000 Subject: uclibc insists on having 70k static buffer for crypt. For bbox it's not acceptable. Roll our own des and md5 crypt implementation. Against older uclibc: text data bss dec hex filename 759945 604 6684 767233 bb501 busybox_old 759766 604 6684 767054 bb44e busybox_unstripped so, we still save on code size. --- loginutils/chpasswd.c | 2 +- loginutils/cryptpw.c | 32 +++++++++++++++++++++++++++++++- loginutils/passwd.c | 4 ++-- loginutils/sulogin.c | 2 +- 4 files changed, 35 insertions(+), 5 deletions(-) (limited to 'loginutils') diff --git a/loginutils/chpasswd.c b/loginutils/chpasswd.c index 5dc7a9bf0..230ab0fc9 100644 --- a/loginutils/chpasswd.c +++ b/loginutils/chpasswd.c @@ -47,7 +47,7 @@ int chpasswd_main(int argc ATTRIBUTE_UNUSED, char **argv) strcpy(salt, "$1$"); rnd = crypt_make_salt(salt + 3, 4, rnd); } - pass = pw_encrypt(pass, salt); + pass = pw_encrypt(pass, salt, 0); } /* This is rather complex: if user is not found in /etc/shadow, diff --git a/loginutils/cryptpw.c b/loginutils/cryptpw.c index 68f5e8074..1acbc6db0 100644 --- a/loginutils/cryptpw.c +++ b/loginutils/cryptpw.c @@ -7,6 +7,30 @@ #include "libbb.h" +#define TESTING 0 + +/* +set TESTING to 1 and pipe some file through this script +if you played with bbox's crypt implementation. + +while read line; do + n=`./busybox cryptpw -a des -- "$line"` + o=`./busybox_old cryptpw -a des -- "$line"` + test "$n" != "$o" && { + echo n="$n" + echo o="$o" + exit + } + n=`./busybox cryptpw -- "$line"` + o=`./busybox_old cryptpw -- "$line"` + test "$n" != "$o" && { + echo n="$n" + echo o="$o" + exit + } +done + */ + int cryptpw_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; int cryptpw_main(int argc ATTRIBUTE_UNUSED, char **argv) { @@ -18,11 +42,17 @@ int cryptpw_main(int argc ATTRIBUTE_UNUSED, char **argv) //((uint32_t*)&salt)[0] = '$' + '1'*0x100 + '$'*0x10000; /* Hope one day gcc will do it itself (inlining strcpy) */ crypt_make_salt(salt + 3, 4, 0); /* md5 */ +#if TESTING + strcpy(salt + 3, "ajg./bcf"); +#endif } else { crypt_make_salt(salt, 1, 0); /* des */ +#if TESTING + strcpy(salt, "a."); +#endif } - puts(pw_encrypt(argv[optind] ? argv[optind] : xmalloc_fgetline(stdin), salt)); + puts(pw_encrypt(argv[optind] ? argv[optind] : xmalloc_fgetline(stdin), salt, 1)); return 0; } diff --git a/loginutils/passwd.c b/loginutils/passwd.c index 3353db1fa..fad226c00 100644 --- a/loginutils/passwd.c +++ b/loginutils/passwd.c @@ -24,7 +24,7 @@ static char* new_password(const struct passwd *pw, uid_t myuid, int algo) orig = bb_askpass(0, "Old password:"); /* returns ptr to static */ if (!orig) goto err_ret; - cipher = pw_encrypt(orig, pw->pw_passwd); /* returns ptr to static */ + cipher = pw_encrypt(orig, pw->pw_passwd, 1); /* returns ptr to static */ if (strcmp(cipher, pw->pw_passwd) != 0) { syslog(LOG_WARNING, "incorrect password for '%s'", pw->pw_name); @@ -56,7 +56,7 @@ static char* new_password(const struct passwd *pw, uid_t myuid, int algo) crypt_make_salt(salt + 3, 4, 0); } /* pw_encrypt returns ptr to static */ - ret = xstrdup(pw_encrypt(newp, salt)); + ret = xstrdup(pw_encrypt(newp, salt, 1)); /* whee, success! */ err_ret: diff --git a/loginutils/sulogin.c b/loginutils/sulogin.c index 17bb15efa..f52ce8a95 100644 --- a/loginutils/sulogin.c +++ b/loginutils/sulogin.c @@ -81,7 +81,7 @@ int sulogin_main(int argc ATTRIBUTE_UNUSED, char **argv) bb_info_msg("Normal startup"); return 0; } - if (strcmp(pw_encrypt(cp, pwd->pw_passwd), pwd->pw_passwd) == 0) { + if (strcmp(pw_encrypt(cp, pwd->pw_passwd, 1), pwd->pw_passwd) == 0) { break; } bb_do_delay(FAIL_DELAY); -- cgit v1.2.3