diff options
| author | Sam Hartman <hartmans@debian.org> | 2024-12-02 09:55:34 -0700 |
|---|---|---|
| committer | Sam Hartman <hartmans@debian.org> | 2024-12-02 09:55:34 -0700 |
| commit | 4f3cfaf827bfa42a239c255092a128a3a02198bf (patch) | |
| tree | eac7f023f043739b79b2a51bd68c3006acb12964 /modules/pam_unix/md5_crypt.c | |
| parent | 6408d4b1baff9a7e58fd66e1d1c0871be0823777 (diff) | |
| parent | 7c9fb6472dcfae34ddbf4fbc9ecfafae2cf173c3 (diff) | |
| download | pam-4f3cfaf827bfa42a239c255092a128a3a02198bf.tar.gz pam-4f3cfaf827bfa42a239c255092a128a3a02198bf.tar.bz2 pam-4f3cfaf827bfa42a239c255092a128a3a02198bf.zip | |
Update upstream source from tag 'upstream/1.7.0'
Update to upstream version '1.7.0'
with Debian dir 0b3cd490884352e14273caeca2f05c6a525499fa
Diffstat (limited to 'modules/pam_unix/md5_crypt.c')
| -rw-r--r-- | modules/pam_unix/md5_crypt.c | 26 |
1 files changed, 11 insertions, 15 deletions
diff --git a/modules/pam_unix/md5_crypt.c b/modules/pam_unix/md5_crypt.c index ed5ecda4..9451f376 100644 --- a/modules/pam_unix/md5_crypt.c +++ b/modules/pam_unix/md5_crypt.c @@ -12,12 +12,13 @@ * */ +#include "pam_inline.h" #include <string.h> +#include <stdio.h> #include <stdlib.h> #include "md5.h" -#include "pam_inline.h" -static unsigned char itoa64[] = /* 0 ... 63 => ascii - 64 */ +static const unsigned char itoa64[] = /* 0 ... 63 => ascii - 64 */ "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; static void to64(char *s, unsigned long v, int n) @@ -38,9 +39,10 @@ char *MD5Name(crypt_md5)(const char *pw, const char *salt) { const char *magic = "$1$"; /* This string is magic for this algorithm. Having - * it this way, we can get get better later on */ + * it this way, we can get better later on */ char *passwd, *p; const char *sp, *ep; + char buf[23]; unsigned char final[16]; int sl, pl, i, j; MD5_CTX ctx, ctx1; @@ -49,12 +51,6 @@ char *MD5Name(crypt_md5)(const char *pw, const char *salt) /* Refine the Salt first */ sp = salt; - /* TODO: now that we're using malloc'ed memory, get rid of the - strange constant buffer size. */ - passwd = malloc(120); - if (passwd == NULL) - return NULL; - /* If it starts with the magic string, then skip that */ if ((ep = pam_str_skip_prefix_len(sp, magic, strlen(magic))) != NULL) sp = ep; @@ -96,11 +92,6 @@ char *MD5Name(crypt_md5)(const char *pw, const char *salt) else MD5Name(MD5Update)(&ctx, (unsigned const char *)pw+j, 1); - /* Now make the output string */ - strcpy(passwd, magic); - strncat(passwd, sp, sl); - strcat(passwd, "$"); - MD5Name(MD5Final)(final,&ctx); /* @@ -128,7 +119,7 @@ char *MD5Name(crypt_md5)(const char *pw, const char *salt) MD5Name(MD5Final)(final,&ctx1); } - p = passwd + strlen(passwd); + p = buf; l = (final[0] << 16) | (final[6] << 8) | final[12]; to64(p, l, 4); @@ -150,7 +141,12 @@ char *MD5Name(crypt_md5)(const char *pw, const char *salt) p += 2; *p = '\0'; + /* Now make the output string */ + if (asprintf(&passwd, "%s%.*s$%s", magic, sl, sp, buf) < 0) + passwd = NULL; + /* Don't leave anything around in vm they could use. */ + pam_overwrite_array(buf); pam_overwrite_array(final); return passwd; |