Import Upstream version 0.69.0
[hcoop/debian/courier-authlib.git] / cryptpassword.c
index a7e88d2..b185e4b 100644 (file)
@@ -1,5 +1,5 @@
 /*
-** Copyright 2001-2002 Double Precision, Inc.  See COPYING for
+** Copyright 2001-2008 Double Precision, Inc.  See COPYING for
 ** distribution information.
 */
 
 #if    HAVE_CRYPT_H
 #include       <crypt.h>
 #endif
+#if HAVE_SYS_TIME_H
+#include <sys/time.h>
+#endif
 #include       "auth.h"
-#include       <sys/time.h>
+#include        "md5/md5.h"
+#include       "sha1/sha1.h"
+#include       "random128/random128.h"
 
-static const char rcsid[]="$Id: cryptpassword.c,v 1.8 2005/07/13 00:34:59 mrsam Exp $";
 
 #if HAVE_CRYPT
 #if NEED_CRYPT_PROTOTYPE
@@ -25,37 +29,17 @@ extern char *crypt(const char *, const char *);
 #endif
 #endif
 
-#if    HAVE_MD5LIB
-#include        "md5/md5.h"
-#endif
-
-#if    HAVE_SHA1LIB
-#include       "sha1/sha1.h"
-#endif
-
 static const char crypt_salt[65]="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789./";
 
-static const char *crypt_hash(const char *pw)
+static const char *ssha_hash_int(const char *pw)
 {
-       struct timeval tv;
-       char salt[3];
-
-       gettimeofday(&tv, NULL);
-
-       tv.tv_sec |= tv.tv_usec;
-       tv.tv_sec ^= getpid();
-
-       salt[0]=crypt_salt[ tv.tv_sec % 64 ];
+       random128binbuf randbuf;
 
-       tv.tv_sec /= 64;
+       random128_binary(&randbuf);
 
-       salt[1]=crypt_salt[ tv.tv_sec % 64 ];
-       salt[2]=0;
-
-       return (crypt(pw, salt));
+       return ssha_hash(pw, randbuf);
 }
 
-#if    HAVE_MD5LIB
 static const char *crypt_md5_wrapper(const char *pw)
 {
        struct timeval tv;
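Review bot: crypt_md5_wrapper still declares `struct timeval tv` immediately after this hunk drops the clock-and-pid salt from the old crypt_hash, so the `$1$` path presumably still derives its salt from the time of day; its body continues outside the hunk, so this is inferred from the declaration alone. A salt predictable from the clock can repeat across accounts created close together, so it would be better to fill a `random128binbuf` with `random128_binary()` there as well and map its bytes through `crypt_salt`. Note also that `<sys/time.h>` is now included only under `HAVE_SYS_TIME_H` while this wrapper uses `struct timeval` unconditionally. ssha_hash_int itself would benefit from a one-line comment such as `/* Adapter for hash_func: draws a fresh random salt for each call. */`.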
@@ -79,7 +63,6 @@ static const char *crypt_md5_wrapper(const char *pw)
 
        return (md5_crypt(pw, salt));
 }
-#endif
 
 char *authcryptpasswd(const char *password, const char *encryption_hint)
 {
@@ -88,8 +71,6 @@ char *authcryptpasswd(const char *password, const char *encryption_hint)
        const char *p;
        char *pp;
 
-#if    HAVE_MD5LIB
-
        if (!encryption_hint || strncmp(encryption_hint, "$1$", 3) == 0)
        {
                pfix="";
@@ -101,27 +82,44 @@ char *authcryptpasswd(const char *password, const char *encryption_hint)
                hash_func= &md5_hash_courier;
                pfix="{MD5}";
        }
-#endif
 
-#if    HAVE_SHA1LIB
+       if (!encryption_hint || strncasecmp(encryption_hint, "{MD5RAW}", 5)
+           == 0)
+       {
+               hash_func= &md5_hash_raw;
+               pfix="{MD5RAW}";
+       }
+
        if (!encryption_hint || strncasecmp(encryption_hint, "{SHA}", 5) == 0)
        {
                hash_func= &sha1_hash;
                pfix="{SHA}";
        }
 
+       if (!encryption_hint || strncasecmp(encryption_hint, "{SSHA}", 6) == 0)
+       {
+               hash_func= &ssha_hash_int;
+               pfix="{SSHA}";
+       }
+
        if (!encryption_hint ||
            strncasecmp(encryption_hint, "{SHA256}", 8) == 0)
        {
                hash_func= &sha256_hash;
                pfix="{SHA256}";
        }
-#endif
+
+       if (!encryption_hint ||
+           strncasecmp(encryption_hint, "{SHA512}", 8) == 0)
+       {
+               hash_func= &sha512_hash;
+               pfix="{SHA512}";
+       }
 
        if (!hash_func)
        {
-               hash_func= &crypt_hash;
-               pfix="{CRYPT}";
+               hash_func= &ssha_hash_int;
+               pfix="{SSHA}";
        }
 
        p= (*hash_func)(password);
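Review bot: With a NULL `encryption_hint` every `if (!encryption_hint || ...)` block in this chain runs, so the last one wins and the default becomes unsalted `{SHA512}`; the new `{SSHA}` fallback under `if (!hash_func)` is reached only for a non-NULL hint that matches nothing. If the salted scheme is meant to be the default, drop `!encryption_hint ||` from the unsalted blocks or move the `{SSHA}` block to the end of the chain, and state the intended default in a comment above the chain. Separately, the `{MD5RAW}` test compares only 5 characters of an 8-character literal, so any hint beginning `{MD5R` selects it; `strncasecmp(encryption_hint, "{MD5RAW}", 8) == 0` would match the other branches. authcryptpasswd begins and ends outside this hunk.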