diff options
Diffstat (limited to 'lib/encrypt.c')
-rw-r--r-- | lib/encrypt.c | 79 |
1 files changed, 79 insertions, 0 deletions
diff --git a/lib/encrypt.c b/lib/encrypt.c new file mode 100644 index 0000000..c84a255 --- /dev/null +++ b/lib/encrypt.c @@ -0,0 +1,79 @@ +/* + * SPDX-FileCopyrightText: 1990 - 1993, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko + * SPDX-FileCopyrightText: 2007 - 2010, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <config.h> + +#ident "$Id$" + +#include <unistd.h> +#include <stdio.h> + +#include "prototypes.h" +#include "defines.h" +#include "shadowlog_internal.h" + +/*@exposed@*//*@null@*/char *pw_encrypt (const char *clear, const char *salt) +{ + static char cipher[128]; + char *cp; + + cp = crypt (clear, salt); + if (NULL == cp) { + /* + * Single Unix Spec: crypt() may return a null pointer, + * and set errno to indicate an error. In this case return + * the NULL so the caller can handle appropriately. + */ + return NULL; + } + + /* Some crypt() do not return NULL if the algorithm is not + * supported, and return a DES encrypted password. */ + if ((NULL != salt) && (salt[0] == '$') && (strlen (cp) <= 13)) + { + /*@observer@*/const char *method; + switch (salt[1]) + { + case '1': + method = "MD5"; + break; + case '2': + method = "BCRYPT"; + break; + case '5': + method = "SHA256"; + break; + case '6': + method = "SHA512"; + break; + case 'y': + method = "YESCRYPT"; + break; + default: + { + static char nummethod[4] = "$x$"; + nummethod[1] = salt[1]; + method = &nummethod[0]; + } + } + (void) fprintf (shadow_logfd, + _("crypt method not supported by libcrypt? (%s)\n"), + method); + exit (EXIT_FAILURE); + } + + if (strlen (cp) != 13) { + return cp; /* nonstandard crypt() in libc, better bail out */ + } + + strcpy (cipher, cp); + + return cipher; +} + |