[Pkg-shadow-commits] r1429 - in upstream/trunk: . lib libmisc src

[nekral-guest at alioth.debian.org]

Author: nekral-guest
Date: 2007-11-20 20:00:16 +0000 (Tue, 20 Nov 2007)
New Revision: 1429

Modified:
   upstream/trunk/ChangeLog
   upstream/trunk/lib/encrypt.c
   upstream/trunk/libmisc/obscure.c
   upstream/trunk/libmisc/salt.c
   upstream/trunk/src/chgpasswd.c
   upstream/trunk/src/chpasswd.c
   upstream/trunk/src/gpasswd.c
   upstream/trunk/src/passwd.c
Log:
* libmisc/obscure.c, libmisc/salt.c, src/passwd.c: Match DES, MD5,
  SHA256, and SHA512 exactly (not only the first 3/6 chars).
* libmisc/salt.c (SHA_salt_rounds): Set rounds to the specified
  prefered_rounds value, if specified.
* src/gpasswd.c, libmisc/salt.c: Fix compilation warnings (use
  size_t for lengths).
* src/chpasswd.c, src/chgpasswd.c: Add missing parenthesis.


Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog	2007-11-20 19:15:34 UTC (rev 1428)
+++ upstream/trunk/ChangeLog	2007-11-20 20:00:16 UTC (rev 1429)
@@ -1,5 +1,15 @@
 2007-11-20  Nicolas François  <nicolas.francois at centraliens.net>
 
+	* libmisc/obscure.c, libmisc/salt.c, src/passwd.c: Match DES, MD5,
+	SHA256, and SHA512 exactly (not only the first 3/6 chars).
+	* libmisc/salt.c (SHA_salt_rounds): Set rounds to the specified
+	prefered_rounds value, if specified.
+	* src/gpasswd.c, libmisc/salt.c: Fix compilation warnings (use
+	size_t for lengths).
+	* src/chpasswd.c, src/chgpasswd.c: Add missing parenthesis.
+
+2007-11-20  Nicolas François  <nicolas.francois at centraliens.net>
+
 	* man/sv, man/de, man/fr, man/pl, man/ru, man/it: Ignore the
 	generated manpages. Add *.[1358] to the svn:ignore property.
 

Modified: upstream/trunk/lib/encrypt.c
===================================================================
--- upstream/trunk/lib/encrypt.c	2007-11-20 19:15:34 UTC (rev 1428)
+++ upstream/trunk/lib/encrypt.c	2007-11-20 20:00:16 UTC (rev 1429)
@@ -49,6 +49,29 @@
 		perror ("crypt");
 		exit (1);
 	}
+	if (salt && salt[0] == '$' && strlen (cp) <= 13)
+	{
+		/* The crypt algorithm was not recognized by libcrypt */
+		char *method = "$1$";
+		switch (salt[1])
+		{
+			case '1':
+				method = "MD5";
+				break;
+			case '5':
+				method = "SHA256";
+				break;
+			case '6':
+				method = "SHA512";
+				break;
+			default:
+				method[1] = salt[1];
+		}
+		fprintf (stderr,
+			 _("Unknown crypt method (%s)\n"),
+			  method);
+		exit (1);
+	}
 	if (strlen (cp) != 13)
 		return cp;	/* nonstandard crypt() in libc, better bail out */
 	strcpy (cipher, cp);

Modified: upstream/trunk/libmisc/obscure.c
===================================================================
--- upstream/trunk/libmisc/obscure.c	2007-11-20 19:15:34 UTC (rev 1428)
+++ upstream/trunk/libmisc/obscure.c	2007-11-20 20:00:16 UTC (rev 1429)
@@ -245,9 +245,9 @@
 #ifdef ENCRYPTMETHOD_SELECT
 	} else {
 
-		if (!strncmp (result, "MD5"   , 3) ||
-		    !strncmp (result, "SHA256", 6) ||
-		    !strncmp (result, "SHA512", 6))
+		if (!strcmp (result, "MD5") ||
+		    !strcmp (result, "SHA256") ||
+		    !strcmp (result, "SHA512"))
 			return NULL;
 
 	}

Modified: upstream/trunk/libmisc/salt.c
===================================================================
--- upstream/trunk/libmisc/salt.c	2007-11-20 19:15:34 UTC (rev 1428)
+++ upstream/trunk/libmisc/salt.c	2007-11-20 20:00:16 UTC (rev 1429)
@@ -111,6 +111,8 @@
 		         (double)rand () * (max_rounds-min_rounds+1)/RAND_MAX;
 	} else if (0 == *prefered_rounds)
 		return "";
+	else
+		rounds = *prefered_rounds;
 
 	/* Sanity checks. The libc should also check this, but this
 	 * protects against a rounds_prefix overflow. */
@@ -156,7 +158,7 @@
 	 *  +1		\0
 	 */
 	static char result[40];
-	int max_salt_len = 8;
+	size_t max_salt_len = 8;
 	char *method = "DES";
 
 	result[0] = '\0';
@@ -170,20 +172,20 @@
 		if (getdef_bool ("MD5_CRYPT_ENAB"))
 			method = "MD5";
 
-	if (!strncmp (method, "MD5", 3)) {
+	if (!strcmp (method, "MD5")) {
 		MAGNUM(result, '1');
 		max_salt_len = 11;
 #ifdef ENCRYPTMETHOD_SELECT
-	} else if (!strncmp (method, "SHA256", 6)) {
+	} else if (!strcmp (method, "SHA256")) {
 		MAGNUM(result, '5');
 		strcat(result, SHA_salt_rounds((int *)arg));
 		max_salt_len = strlen(result) + SHA_salt_size();
-	} else if (!strncmp (method, "SHA512", 6)) {
+	} else if (!strcmp (method, "SHA512")) {
 		MAGNUM(result, '6');
 		strcat(result, SHA_salt_rounds((int *)arg));
 		max_salt_len = strlen(result) + SHA_salt_size();
 #endif
-	} else if (0 != strncmp (method, "DES", 3)) {
+	} else if (0 != strcmp (method, "DES")) {
 		fprintf (stderr,
 			 _("Invalid ENCRYPT_METHOD value: '%s'.\n"
 			   "Defaulting to DES.\n"),

Modified: upstream/trunk/src/chgpasswd.c
===================================================================
--- upstream/trunk/src/chgpasswd.c	2007-11-20 19:15:34 UTC (rev 1428)
+++ upstream/trunk/src/chgpasswd.c	2007-11-20 20:00:16 UTC (rev 1429)
@@ -185,7 +185,7 @@
 		usage ();
 	}
 	if ((eflg && (md5flg || cflg)) ||
-	    md5flg && cflg) {
+	    (md5flg && cflg)) {
 		fprintf (stderr,
 			 _("%s: the -c, -e, and -m flags are exclusive\n"),
 			 Prog);

Modified: upstream/trunk/src/chpasswd.c
===================================================================
--- upstream/trunk/src/chpasswd.c	2007-11-20 19:15:34 UTC (rev 1428)
+++ upstream/trunk/src/chpasswd.c	2007-11-20 20:00:16 UTC (rev 1429)
@@ -179,7 +179,7 @@
 		usage ();
 	}
 	if ((eflg && (md5flg || cflg)) ||
-	    md5flg && cflg) {
+	    (md5flg && cflg)) {
 		fprintf (stderr,
 			 _("%s: the -c, -e, and -m flags are exclusive\n"),
 			 Prog);

Modified: upstream/trunk/src/gpasswd.c
===================================================================
--- upstream/trunk/src/gpasswd.c	2007-11-20 19:15:34 UTC (rev 1428)
+++ upstream/trunk/src/gpasswd.c	2007-11-20 20:00:16 UTC (rev 1429)
@@ -121,7 +121,7 @@
 	const char *start, *end;
 	char username[32];
 	int errors = 0;
-	int len;
+	size_t len;
 
 	for (start = users; start && *start; start = end) {
 		if ((end = strchr (start, ','))) {

Modified: upstream/trunk/src/passwd.c
===================================================================
--- upstream/trunk/src/passwd.c	2007-11-20 19:15:34 UTC (rev 1428)
+++ upstream/trunk/src/passwd.c	2007-11-20 20:00:16 UTC (rev 1429)
@@ -251,9 +251,9 @@
 			pass_max_len = getdef_num ("PASS_MAX_LEN", 8);
 #ifdef ENCRYPTMETHOD_SELECT
 	} else {
-		if (!strncmp (method, "MD5"   , 3) ||
-		    !strncmp (method, "SHA256", 6) ||
-		    !strncmp (method, "SHA512", 6))
+		if (!strcmp (method, "MD5") ||
+		    !strcmp (method, "SHA256") ||
+		    !strcmp (method, "SHA512"))
 			pass_max_len = -1;
 		else
 			pass_max_len = getdef_num ("PASS_MAX_LEN", 8);