summaryrefslogtreecommitdiffstats
path: root/lib/encrypt.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/encrypt.c')
-rw-r--r--lib/encrypt.c79
1 files changed, 79 insertions, 0 deletions
diff --git a/lib/encrypt.c b/lib/encrypt.c
new file mode 100644
index 0000000..c84a255
--- /dev/null
+++ b/lib/encrypt.c
@@ -0,0 +1,79 @@
+/*
+ * SPDX-FileCopyrightText: 1990 - 1993, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2007 - 2010, Nicolas François
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <unistd.h>
+#include <stdio.h>
+
+#include "prototypes.h"
+#include "defines.h"
+#include "shadowlog_internal.h"
+
+/*@exposed@*//*@null@*/char *pw_encrypt (const char *clear, const char *salt)
+{
+ static char cipher[128];
+ char *cp;
+
+ cp = crypt (clear, salt);
+ if (NULL == cp) {
+ /*
+ * Single Unix Spec: crypt() may return a null pointer,
+ * and set errno to indicate an error. In this case return
+ * the NULL so the caller can handle appropriately.
+ */
+ return NULL;
+ }
+
+ /* Some crypt() do not return NULL if the algorithm is not
+ * supported, and return a DES encrypted password. */
+ if ((NULL != salt) && (salt[0] == '$') && (strlen (cp) <= 13))
+ {
+ /*@observer@*/const char *method;
+ switch (salt[1])
+ {
+ case '1':
+ method = "MD5";
+ break;
+ case '2':
+ method = "BCRYPT";
+ break;
+ case '5':
+ method = "SHA256";
+ break;
+ case '6':
+ method = "SHA512";
+ break;
+ case 'y':
+ method = "YESCRYPT";
+ break;
+ default:
+ {
+ static char nummethod[4] = "$x$";
+ nummethod[1] = salt[1];
+ method = &nummethod[0];
+ }
+ }
+ (void) fprintf (shadow_logfd,
+ _("crypt method not supported by libcrypt? (%s)\n"),
+ method);
+ exit (EXIT_FAILURE);
+ }
+
+ if (strlen (cp) != 13) {
+ return cp; /* nonstandard crypt() in libc, better bail out */
+ }
+
+ strcpy (cipher, cp);
+
+ return cipher;
+}
+