/*
-** Copyright 2001-2002 Double Precision, Inc. See COPYING for
+** Copyright 2001-2008 Double Precision, Inc. See COPYING for
** distribution information.
*/
#if HAVE_CRYPT_H
#include <crypt.h>
#endif
+#if HAVE_SYS_TIME_H
+#include <sys/time.h>
+#endif
#include "auth.h"
-#include <sys/time.h>
+#include "md5/md5.h"
+#include "sha1/sha1.h"
+#include "random128/random128.h"
-static const char rcsid[]="$Id: cryptpassword.c,v 1.8 2005/07/13 00:34:59 mrsam Exp $";
#if HAVE_CRYPT
#if NEED_CRYPT_PROTOTYPE
#endif
#endif
-#if HAVE_MD5LIB
-#include "md5/md5.h"
-#endif
-
-#if HAVE_SHA1LIB
-#include "sha1/sha1.h"
-#endif
-
static const char crypt_salt[65]="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789./";
-static const char *crypt_hash(const char *pw)
+static const char *ssha_hash_int(const char *pw)
{
- struct timeval tv;
- char salt[3];
-
- gettimeofday(&tv, NULL);
-
- tv.tv_sec |= tv.tv_usec;
- tv.tv_sec ^= getpid();
-
- salt[0]=crypt_salt[ tv.tv_sec % 64 ];
+ random128binbuf randbuf;
- tv.tv_sec /= 64;
+ random128_binary(&randbuf);
- salt[1]=crypt_salt[ tv.tv_sec % 64 ];
- salt[2]=0;
-
- return (crypt(pw, salt));
+ return ssha_hash(pw, randbuf);
}
-#if HAVE_MD5LIB
static const char *crypt_md5_wrapper(const char *pw)
{
struct timeval tv;
return (md5_crypt(pw, salt));
}
-#endif
char *authcryptpasswd(const char *password, const char *encryption_hint)
{
const char *p;
char *pp;
-#if HAVE_MD5LIB
-
if (!encryption_hint || strncmp(encryption_hint, "$1$", 3) == 0)
{
pfix="";
hash_func= &md5_hash_courier;
pfix="{MD5}";
}
-#endif
-#if HAVE_SHA1LIB
+ if (!encryption_hint || strncasecmp(encryption_hint, "{MD5RAW}", 5)
+ == 0)
+ {
+ hash_func= &md5_hash_raw;
+ pfix="{MD5RAW}";
+ }
+
if (!encryption_hint || strncasecmp(encryption_hint, "{SHA}", 5) == 0)
{
hash_func= &sha1_hash;
pfix="{SHA}";
}
+ if (!encryption_hint || strncasecmp(encryption_hint, "{SSHA}", 6) == 0)
+ {
+ hash_func= &ssha_hash_int;
+ pfix="{SSHA}";
+ }
+
if (!encryption_hint ||
strncasecmp(encryption_hint, "{SHA256}", 8) == 0)
{
hash_func= &sha256_hash;
pfix="{SHA256}";
}
-#endif
+
+ if (!encryption_hint ||
+ strncasecmp(encryption_hint, "{SHA512}", 8) == 0)
+ {
+ hash_func= &sha512_hash;
+ pfix="{SHA512}";
+ }
if (!hash_func)
{
- hash_func= &crypt_hash;
- pfix="{CRYPT}";
+ hash_func= &ssha_hash_int;
+ pfix="{SSHA}";
}
p= (*hash_func)(password);