From 6c73aaff38819533c55aecc53487d53521915e91 Mon Sep 17 00:00:00 2001 From: Denys Vlasenko Date: Sun, 15 Jan 2017 21:48:31 +0100 Subject: cryptpw: support "rounds=NNNNNNN$" thing in salts Signed-off-by: Denys Vlasenko --- loginutils/cryptpw.c | 6 ++++-- testsuite/cryptpw.tests | 28 ++++++++++++++++++++++++++++ 2 files changed, 32 insertions(+), 2 deletions(-) create mode 100755 testsuite/cryptpw.tests diff --git a/loginutils/cryptpw.c b/loginutils/cryptpw.c index 9f5f406..d630231 100644 --- a/loginutils/cryptpw.c +++ b/loginutils/cryptpw.c @@ -35,7 +35,7 @@ //usage: "[OPTIONS] [PASSWORD] [SALT]" /* We do support -s, we just don't mention it */ //usage:#define cryptpw_full_usage "\n\n" -//usage: "Crypt PASSWORD using crypt(3)\n" +//usage: "Print crypt(3) hashed PASSWORD\n" //usage: IF_LONG_OPTS( //usage: "\n -P,--password-fd=N Read password from fd N" /* //usage: "\n -s,--stdin Use stdin; like -P0" */ @@ -92,7 +92,8 @@ to cryptpw. -a option (alias for -m) came from cryptpw. int cryptpw_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; int cryptpw_main(int argc UNUSED_PARAM, char **argv) { - char salt[MAX_PW_SALT_LEN]; + /* Supports: cryptpw -m sha256 PASS 'rounds=999999999$SALT' */ + char salt[MAX_PW_SALT_LEN + sizeof("rounds=999999999$")]; char *salt_ptr; char *password; const char *opt_m, *opt_S; @@ -122,6 +123,7 @@ int cryptpw_main(int argc UNUSED_PARAM, char **argv) salt_ptr = crypt_make_pw_salt(salt, opt_m); if (opt_S) + /* put user's data after the "$N$" prefix */ safe_strncpy(salt_ptr, opt_S, sizeof(salt) - (sizeof("$N$")-1)); xmove_fd(fd, STDIN_FILENO); diff --git a/testsuite/cryptpw.tests b/testsuite/cryptpw.tests new file mode 100755 index 0000000..8ec476c --- /dev/null +++ b/testsuite/cryptpw.tests @@ -0,0 +1,28 @@ +#!/bin/sh + +# Copyright 2017 by Denys Vlasenko +# Licensed under GPLv2, see file LICENSE in this source tree. + +. ./testing.sh + +# testing "description" "command" "result" "infile" "stdin" + +optional USE_BB_CRYPT_SHA +testing "cryptpw sha256" \ + "cryptpw -m sha256 QWErty '123456789012345678901234567890'" \ + '$5$1234567890123456$5DxfOCmU4vRhtzfsbdK.6wSGMwwVbac7ZkWwusb8Si7\n' "" "" + +testing "cryptpw sha256 rounds=99999" \ + "cryptpw -m sha256 QWErty 'rounds=99999\$123456789012345678901234567890'" \ + '$5$rounds=99999$1234567890123456$aYellycJGZM6AKyVzaQsSrDBdTixubtMnM6J.MN0xM8\n' "" "" + +testing "cryptpw sha512" \ + "cryptpw -m sha512 QWErty '123456789012345678901234567890'" \ + '$6$1234567890123456$KB7QqxFyqmJSWyQYcCuGeFukgz1bPQoipWZf7.9L7z3k8UNTXa6UikbKcUGDc2ANn7DOGmDaroxDgpK16w/RE0\n' "" "" + +testing "cryptpw sha512 rounds=99999" \ + "cryptpw -m sha512 QWErty 'rounds=99999\$123456789012345678901234567890'" \ + '$6$rounds=99999$1234567890123456$BfF6gD6ZjUmwawH5QaAglYAxtU./yvsz0fcQ464l49aMI2DZW3j5ri28CrxK7riPWNpLuUpfaIdY751SBYKUH.\n' "" "" +SKIP= + +exit $FAILCOUNT -- cgit v1.1