From ea488580c42e8918445a945484de3c8a5addc761 Mon Sep 17 00:00:00 2001
From: "Andrew G. Morgan" <morgan@kernel.org>
Date: Tue, 20 Jun 2000 22:10:38 +0000
Subject: Initial revision

---
 modules/pam_pwdb/pam_unix_md.-c | 73 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 73 insertions(+)
 create mode 100644 modules/pam_pwdb/pam_unix_md.-c

(limited to 'modules/pam_pwdb/pam_unix_md.-c')

diff --git a/modules/pam_pwdb/pam_unix_md.-c b/modules/pam_pwdb/pam_unix_md.-c
new file mode 100644
index 00000000..d9b2c51b
--- /dev/null
+++ b/modules/pam_pwdb/pam_unix_md.-c
@@ -0,0 +1,73 @@
+/*
+ * This function is a front-end for the message digest algorithms used
+ * to compute the user's encrypted passwords. No reversible encryption
+ * is used here and I intend to keep it that way.
+ *
+ * While there are many sources of encryption outside the United
+ * States, it *may* be illegal to re-export reversible encryption
+ * computer code. Until such time as it is legal to export encryption
+ * software freely from the US, please do not send me any. (AGM)
+ */
+
+/* this should have been defined in a header file.. Why wasn't it? AGM */
+extern char *crypt(const char *key, const char *salt);
+
+#include "md5.h"
+#include "bigcrypt.-c"
+
+struct cfns {
+    const char *salt;
+    int len;
+    char * (* mdfn)(const char *key, const char *salt);
+};
+
+/* array of non-standard digest algorithms available */
+
+#define N_MDS 1
+const static struct cfns cfn_list[N_MDS] = {
+    { "$1$", 3, Goodcrypt_md5 },
+};
+
+static char *_pam_md(const char *key, const char *salt)
+{
+    char *x,*e=NULL;
+    int i;
+
+    D(("called with key='%s', salt='%s'", key, salt));
+
+    /* check for non-standard salts */
+
+    for (i=0; i<N_MDS; ++i) {
+        if ( !strncmp(cfn_list[i].salt, salt, cfn_list[i].len) ) {
+	    e = cfn_list[i].mdfn(key, salt);
+	    break;
+	}
+    }
+
+    if ( i >= N_MDS ) {
+	e = bigcrypt(key, salt);      /* (defaults to standard algorithm) */
+    }
+
+    x = x_strdup(e);                        /* put e in malloc()ed memory */
+    _pam_overwrite(e);                                        /* clean up */
+    return x;                           /* this must be deleted elsewhere */
+}
+
+#ifndef PWDB_NO_MD_COMPAT
+static char *_pam_md_compat(const char *key, const char *salt)
+{
+    char *x,*e=NULL;
+
+    D(("called with key='%s', salt='%s'", key, salt));
+
+    if ( !strncmp("$1$", salt, 3) ) {
+        e = Brokencrypt_md5(key, salt);
+        x = x_strdup(e);                    /* put e in malloc()ed memory */
+        _pam_overwrite(e);                                    /* clean up */
+    } else {
+        x = x_strdup("*");
+    }
+
+    return x;                           /* this must be deleted elsewhere */
+}
+#endif /* PWDB_NO_MD_COMPAT */
-- 
cgit v1.2.3