Mercurial > dovecot > core-2.2
changeset 19347:61eb9ac0d29e
auth: Don't crash when trying to use CRYPT scheme when crypt() doesn't support DES
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Mon, 09 Nov 2015 14:11:12 +0200 |
parents | 2f2d78bedeed |
children | a2824031f6a8 |
files | src/auth/password-scheme-crypt.c src/auth/password-scheme.c |
diffstat | 2 files changed, 16 insertions(+), 14 deletions(-) [+] |
line wrap: on
line diff
--- a/src/auth/password-scheme-crypt.c Mon Nov 09 13:16:50 2015 +0200 +++ b/src/auth/password-scheme-crypt.c Mon Nov 09 14:11:12 2015 +0200 @@ -24,6 +24,19 @@ } static void +crypt_generate_des(const char *plaintext, const char *user ATTR_UNUSED, + const unsigned char **raw_password_r, size_t *size_r) +{ +#define CRYPT_SALT_LEN 2 + const char *password, *salt; + + salt = password_generate_salt(CRYPT_SALT_LEN); + password = t_strdup(mycrypt(plaintext, salt)); + *raw_password_r = (const unsigned char *)password; + *size_r = strlen(password); +} + +static void crypt_generate_blowfisch(const char *plaintext, const char *user ATTR_UNUSED, const unsigned char **raw_password_r, size_t *size_r) { @@ -98,6 +111,7 @@ const char *salt; const char *expected; } sample[] = { + { "08/15!test~4711", "JB", "JBOZ0DgmtucwE" }, { "08/15!test~4711", "$2a$04$0123456789abcdefABCDEF", "$2a$04$0123456789abcdefABCDE.N.drYX5yIAL1LkTaaZotW3yI0hQhZru" }, { "08/15!test~4711", "$5$rounds=1000$0123456789abcdef", @@ -110,6 +124,8 @@ /* keep in sync with the sample struct above */ static const struct password_scheme crypt_schemes[] = { + { "CRYPT", PW_ENCODING_NONE, 0, crypt_verify, + crypt_generate_des }, { "BLF-CRYPT", PW_ENCODING_NONE, 0, crypt_verify, crypt_generate_blowfisch }, { "SHA256-CRYPT", PW_ENCODING_NONE, 0, crypt_verify,
--- a/src/auth/password-scheme.c Mon Nov 09 13:16:50 2015 +0200 +++ b/src/auth/password-scheme.c Mon Nov 09 14:11:12 2015 +0200 @@ -341,19 +341,6 @@ return strcmp(crypted, password) == 0 ? 1 : 0; } -static void -crypt_generate(const char *plaintext, const char *user ATTR_UNUSED, - const unsigned char **raw_password_r, size_t *size_r) -{ -#define CRYPT_SALT_LEN 2 - const char *password, *salt; - - salt = password_generate_salt(CRYPT_SALT_LEN); - password = t_strdup(mycrypt(plaintext, salt)); - *raw_password_r = (const unsigned char *)password; - *size_r = strlen(password); -} - static int md5_verify(const char *plaintext, const char *user, const unsigned char *raw_password, size_t size, const char **error_r) @@ -803,7 +790,6 @@ } static const struct password_scheme builtin_schemes[] = { - { "CRYPT", PW_ENCODING_NONE, 0, crypt_verify, crypt_generate }, { "MD5", PW_ENCODING_NONE, 0, md5_verify, md5_crypt_generate }, { "MD5-CRYPT", PW_ENCODING_NONE, 0, md5_crypt_verify, md5_crypt_generate },