diff options
| author | Thorsten Kukuk <kukuk@thkukuk.de> | 2005-08-16 12:27:38 +0000 |
|---|---|---|
| committer | Thorsten Kukuk <kukuk@thkukuk.de> | 2005-08-16 12:27:38 +0000 |
| commit | 23624ea6f78ec8acc167a2491c00998907fc76b1 (patch) | |
| tree | a57b3caee23a167d442d7d4e0419c4689dfba565 /modules/pam_pwdb | |
| parent | 2b5457bbf7352200f7bc77795adbbcfd47550855 (diff) | |
| download | pam-23624ea6f78ec8acc167a2491c00998907fc76b1.tar.gz pam-23624ea6f78ec8acc167a2491c00998907fc76b1.tar.bz2 pam-23624ea6f78ec8acc167a2491c00998907fc76b1.zip | |
Relevant BUGIDs: none
Purpose of commit: new feature
Commit summary:
---------------
Big "automake/autoconf/libtool" commit
Diffstat (limited to 'modules/pam_pwdb')
| -rw-r--r-- | modules/pam_pwdb/Makefile | 131 | ||||
| -rw-r--r-- | modules/pam_pwdb/Makefile.am | 29 | ||||
| -rw-r--r-- | modules/pam_pwdb/md5_crypt.c | 88 |
3 files changed, 81 insertions, 167 deletions
diff --git a/modules/pam_pwdb/Makefile b/modules/pam_pwdb/Makefile deleted file mode 100644 index f136a820..00000000 --- a/modules/pam_pwdb/Makefile +++ /dev/null @@ -1,131 +0,0 @@ -# $Id$ -# -# This Makefile controls a build process of the pam_unix module -# for Linux-PAM. You should not modify this Makefile. -# -# rewritten to compile new module Andrew Morgan -# <morgan@parc.power.net> 1996/11/6 -# - -include ../../Make.Rules - -ifeq ($(HAVE_LIBPWDB),yes) - -EXTRALS += -lpwdb -EXTRAS += -DCHKPWD_HELPER=\"$(SUPLEMENTED)/$(CHKPWD)\" - -ifeq ($(HAVE_LIBSELINUX),yes) - EXTRALS += -lselinux -endif - -ifeq ($(HAVE_LIBCRYPT),yes) - EXTRALS += -lcrypt -endif -ifeq ($(HAVE_LIBNSL),yes) - EXTRALS += -lnsl -endif - -TITLE=pam_pwdb -CHKPWD=pwdb_chkpwd - -LIBSRC = $(TITLE).c -LIBOBJ = $(TITLE).o -LIBOBJD = $(addprefix dynamic/,$(LIBOBJ)) -#LIBOBJS = $(addprefix static/,$(LIBOBJ)) -LIBDEPS = pam_unix_acct.-c pam_unix_auth.-c pam_unix_passwd.-c \ - pam_unix_sess.-c pam_unix_pwupd.-c support.-c bigcrypt.-c - -PLUS += md5_good.o md5_broken.o md5_crypt_good.o md5_crypt_broken.o -CFLAGS += $(EXTRAS) - -ifdef DYNAMIC -LIBSHARED = $(TITLE).so -endif -#ifdef STATIC -#LIBSTATIC = lib$(TITLE).o -#endif - -all: info dirs $(PLUS) $(LIBSHARED) $(LIBSTATIC) register $(CHKPWD) - -dynamic/$(LIBOBJ) : $(LIBSRC) $(LIBDEPS) - $(CC) $(CFLAGS) $(DYNAMIC) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@ - -#static/$(LIBOBJ) : $(LIBSRC) $(LIBDEPS) -# $(CC) $(CFLAGS) $(STATIC) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@ - -info: - @echo - @echo "*** Building PAM_pwdb module..." - @echo - -$(CHKPWD): pwdb_chkpwd.o md5_good.o md5_broken.o \ - md5_crypt_good.o md5_crypt_broken.o - $(CC) $(CFLAGS) -o $(CHKPWD) $^ $(LDFLAGS) -lpwdb $(EXTRALS) - -pwdb_chkpwd.o: pwdb_chkpwd.c pam_unix_md.-c bigcrypt.-c - -md5_good.o: md5.c - $(CC) $(CFLAGS) $(CPPFLAGS) -DHIGHFIRST -D'MD5Name(x)=Good##x' \ - $(TARGET_ARCH) -c $< -o $@ - -md5_broken.o: md5.c - $(CC) $(CFLAGS) $(CPPFLAGS) -D'MD5Name(x)=Broken##x' \ - $(TARGET_ARCH) -c $< -o $@ - -md5_crypt_good.o: md5_crypt.c - $(CC) $(CFLAGS) $(CPPFLAGS) -D'MD5Name(x)=Good##x' \ - $(TARGET_ARCH) -c $< -o $@ - -md5_crypt_broken.o: md5_crypt.c - $(CC) $(CFLAGS) $(CPPFLAGS) -D'MD5Name(x)=Broken##x' \ - $(TARGET_ARCH) -c $< -o $@ - -dirs: -ifdef DYNAMIC - @$(MKDIR) ./dynamic -endif -#ifdef STATIC -# @$(MKDIR) ./static -#endif - -register: -#ifdef STATIC -# ( cd .. ; ./register_static $(TITLE) $(TITLE)/$(LIBSTATIC) ) -#endif - -ifdef DYNAMIC -$(LIBOBJD): $(LIBSRC) - -$(LIBSHARED): $(LIBOBJD) - $(LD_D) -o $@ $(LIBOBJD) $(PLUS) $(EXTRALS) -endif - -#ifdef STATIC -#$(LIBOBJS): $(LIBSRC) -# -#$(LIBSTATIC): $(LIBOBJS) -# $(LD) -r -o $@ $(LIBOBJS) $(PLUS) $(EXTRALS) -#endif - -install: all - $(MKDIR) $(FAKEROOT)$(SECUREDIR) -ifdef DYNAMIC - $(INSTALL) -m $(SHLIBMODE) $(LIBSHARED) $(FAKEROOT)$(SECUREDIR) -endif - $(MKDIR) $(FAKEROOT)$(SUPLEMENTED) - $(INSTALL) -m 4555 $(CHKPWD) $(FAKEROOT)$(SUPLEMENTED) - -remove: - rm -f $(FAKEROOT)$(SECUREDIR)/$(TITLE).so - rm -f $(FAKEROOT)$(SUPLEMENTED)/$(CHKPWD) - -clean: - rm -f $(CHKPWD) $(LIBOBJD) $(LIBOBJS) $(MOREDELS) core *~ *.o *.so - rm -f *.a *.o *.so *.bak - rm -fr dynamic static - -else - -include ../dont_makefile - -endif diff --git a/modules/pam_pwdb/Makefile.am b/modules/pam_pwdb/Makefile.am new file mode 100644 index 00000000..330ce3d2 --- /dev/null +++ b/modules/pam_pwdb/Makefile.am @@ -0,0 +1,29 @@ +# +# Copyright (c) 2005 Thorsten Kukuk <kukuk@suse.de> +# + +CLEANFILES = *~ + +EXTRA_DIST = TODO README md5.c md5_crypt.c bigcrypt.-c pam_unix_acct.-c \ + pam_unix_auth.-c pam_unix_md.-c pam_unix_passwd.-c \ + pam_unix_pwupd.-c pam_unix_sess.-c support.-c + +noinst_HEADERS = md5.h + +securelibdir = $(SECUREDIR) +secureconfdir = $(SCONFIGDIR) + +AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \ + -I$(top_srcdir)/modules/pammodutil/include/ \ + -DCHKPWD_HELPER=\"$(sbindir)/$(CHKPWD)\" +AM_LDFLAGS = -avoid-version -module \ + -L$(top_builddir)/modules/pammodutil -lpammodutil \ + -L$(top_builddir)/libpam -lpam @LIBCRYPT@ @LIBPWDB@ + +if HAVE_LIBPWDB + securelib_LTLIBRARIES = pam_pwdb.la + sbin_BINARIES = pwdb_chkpwd +endif + +pam_pwdb_la_SOURCES = md5_good.c md5_broken.c pam_pwdb.c +pwdb_checkpwd = md5_good.c md5_broken.c pwdb_chkpwd.c diff --git a/modules/pam_pwdb/md5_crypt.c b/modules/pam_pwdb/md5_crypt.c index 4226dd1e..53972fcc 100644 --- a/modules/pam_pwdb/md5_crypt.c +++ b/modules/pam_pwdb/md5_crypt.c @@ -1,4 +1,5 @@ -/* $Id$ +/* + * $Id$ * * ---------------------------------------------------------------------------- * "THE BEER-WARE LICENSE" (Revision 42): @@ -12,16 +13,16 @@ */ #include <string.h> +#include <stdlib.h> #include "md5.h" -static unsigned char itoa64[] = /* 0 ... 63 => ascii - 64 */ - "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; +static unsigned char itoa64[] = /* 0 ... 63 => ascii - 64 */ +"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; -static void -to64(char *s, unsigned long v, int n) +static void to64(char *s, unsigned long v, int n) { while (--n >= 0) { - *s++ = itoa64[v&0x3f]; + *s++ = itoa64[v & 0x3f]; v >>= 6; } } @@ -32,27 +33,31 @@ to64(char *s, unsigned long v, int n) * Use MD5 for what it is best at... */ -char * MD5Name(crypt_md5)(const char *pw, const char *salt) +char *MD5Name(crypt_md5)(const char *pw, const char *salt) { const char *magic = "$1$"; /* This string is magic for this algorithm. Having * it this way, we can get get better later on */ - static char passwd[120], *p; - static const char *sp,*ep; - unsigned char final[16]; - int sl,pl,i,j; - MD5_CTX ctx,ctx1; + char *passwd, *p; + const char *sp, *ep; + unsigned char final[16]; + int sl, pl, i, j; + MD5_CTX ctx, ctx1; unsigned long l; /* Refine the Salt first */ sp = salt; + /* TODO: now that we're using malloc'ed memory, get rid of the + strange constant buffer size. */ + passwd = malloc(120); + /* If it starts with the magic string, then skip that */ - if(!strncmp(sp,magic,strlen(magic))) + if (!strncmp(sp, magic, strlen(magic))) sp += strlen(magic); /* It stops at the first '$', max 8 chars */ - for(ep=sp;*ep && *ep != '$' && ep < (sp+8);ep++) + for (ep = sp; *ep && *ep != '$' && ep < (sp + 8); ep++) continue; /* get the length of the true salt */ @@ -75,23 +80,23 @@ char * MD5Name(crypt_md5)(const char *pw, const char *salt) MD5Name(MD5Update)(&ctx1,(unsigned const char *)sp,sl); MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw)); MD5Name(MD5Final)(final,&ctx1); - for(pl = strlen(pw); pl > 0; pl -= 16) + for (pl = strlen(pw); pl > 0; pl -= 16) MD5Name(MD5Update)(&ctx,(unsigned const char *)final,pl>16 ? 16 : pl); /* Don't leave anything around in vm they could use. */ - memset(final,0,sizeof final); + memset(final, 0, sizeof final); /* Then something really weird... */ - for (j=0,i = strlen(pw); i ; i >>= 1) - if(i&1) - MD5Name(MD5Update)(&ctx, (unsigned const char *)final+j, 1); + for (j = 0, i = strlen(pw); i; i >>= 1) + if (i & 1) + MD5Name(MD5Update)(&ctx, (unsigned const char *)final+j, 1); else - MD5Name(MD5Update)(&ctx, (unsigned const char *)pw+j, 1); + MD5Name(MD5Update)(&ctx, (unsigned const char *)pw+j, 1); /* Now make the output string */ - strcpy(passwd,magic); - strncat(passwd,sp,sl); - strcat(passwd,"$"); + strcpy(passwd, magic); + strncat(passwd, sp, sl); + strcat(passwd, "$"); MD5Name(MD5Final)(final,&ctx); @@ -100,20 +105,20 @@ char * MD5Name(crypt_md5)(const char *pw, const char *salt) * On a 60 Mhz Pentium this takes 34 msec, so you would * need 30 seconds to build a 1000 entry dictionary... */ - for(i=0;i<1000;i++) { + for (i = 0; i < 1000; i++) { MD5Name(MD5Init)(&ctx1); - if(i & 1) + if (i & 1) MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw)); else MD5Name(MD5Update)(&ctx1,(unsigned const char *)final,16); - if(i % 3) + if (i % 3) MD5Name(MD5Update)(&ctx1,(unsigned const char *)sp,sl); - if(i % 7) + if (i % 7) MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw)); - if(i & 1) + if (i & 1) MD5Name(MD5Update)(&ctx1,(unsigned const char *)final,16); else MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw)); @@ -122,17 +127,28 @@ char * MD5Name(crypt_md5)(const char *pw, const char *salt) p = passwd + strlen(passwd); - l = (final[ 0]<<16) | (final[ 6]<<8) | final[12]; to64(p,l,4); p += 4; - l = (final[ 1]<<16) | (final[ 7]<<8) | final[13]; to64(p,l,4); p += 4; - l = (final[ 2]<<16) | (final[ 8]<<8) | final[14]; to64(p,l,4); p += 4; - l = (final[ 3]<<16) | (final[ 9]<<8) | final[15]; to64(p,l,4); p += 4; - l = (final[ 4]<<16) | (final[10]<<8) | final[ 5]; to64(p,l,4); p += 4; - l = final[11] ; to64(p,l,2); p += 2; + l = (final[0] << 16) | (final[6] << 8) | final[12]; + to64(p, l, 4); + p += 4; + l = (final[1] << 16) | (final[7] << 8) | final[13]; + to64(p, l, 4); + p += 4; + l = (final[2] << 16) | (final[8] << 8) | final[14]; + to64(p, l, 4); + p += 4; + l = (final[3] << 16) | (final[9] << 8) | final[15]; + to64(p, l, 4); + p += 4; + l = (final[4] << 16) | (final[10] << 8) | final[5]; + to64(p, l, 4); + p += 4; + l = final[11]; + to64(p, l, 2); + p += 2; *p = '\0'; /* Don't leave anything around in vm they could use. */ - memset(final,0,sizeof final); + memset(final, 0, sizeof final); return passwd; } - |