Module Name: src
Committed By: jhigh
Date: Sat Oct 5 18:06:17 UTC 2019
Modified Files:
src/distrib/sets/lists/tests: mi
src/etc/mtree: NetBSD.dist.tests
src/lib/libcrypt: crypt.c
src/tests/usr.bin: Makefile
Added Files:
src/tests/usr.bin/pwhash: Makefile t_pwhash.sh
Log Message:
adding full scheme comparison to libcrypt:crypt and pwhash tests
To generate a diff of this commit:
cvs rdiff -u -r1.821 -r1.822 src/distrib/sets/lists/tests/mi
cvs rdiff -u -r1.158 -r1.159 src/etc/mtree/NetBSD.dist.tests
cvs rdiff -u -r1.34 -r1.35 src/lib/libcrypt/crypt.c
cvs rdiff -u -r1.27 -r1.28 src/tests/usr.bin/Makefile
cvs rdiff -u -r0 -r1.1 src/tests/usr.bin/pwhash/Makefile \
src/tests/usr.bin/pwhash/t_pwhash.sh
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/distrib/sets/lists/tests/mi
diff -u src/distrib/sets/lists/tests/mi:1.821 src/distrib/sets/lists/tests/mi:1.822
--- src/distrib/sets/lists/tests/mi:1.821 Sun Sep 15 16:58:11 2019
+++ src/distrib/sets/lists/tests/mi Sat Oct 5 18:06:16 2019
@@ -1,4 +1,4 @@
-# $NetBSD: mi,v 1.821 2019/09/15 16:58:11 christos Exp $
+# $NetBSD: mi,v 1.822 2019/10/05 18:06:16 jhigh Exp $
#
# Note: don't delete entries from here - mark them as "obsolete" instead.
#
@@ -4208,6 +4208,10 @@
./usr/tests/usr.bin/pr/d_basic.in tests-usr.bin-tests compattestfile,atf
./usr/tests/usr.bin/pr/d_basic.out tests-usr.bin-tests compattestfile,atf
./usr/tests/usr.bin/pr/t_basic tests-usr.bin-tests compattestfile,atf
+./usr/tests/usr.bin/pwhash tests-usr.bin-tests compattestfile,atf
+./usr/tests/usr.bin/pwhash/Atffile tests-usr.bin-tests compattestfile,atf
+./usr/tests/usr.bin/pwhash/Kyuafile tests-usr.bin-tests compattestfile,atf,kyua
+./usr/tests/usr.bin/pwhash/t_pwhash tests-usr.bin-tests compattestfile,atf
./usr/tests/usr.bin/printf tests-usr.bin-tests compattestfile,atf
./usr/tests/usr.bin/printf/Atffile tests-usr.bin-tests compattestfile,atf
./usr/tests/usr.bin/printf/Kyuafile tests-usr.bin-tests compattestfile,atf,kyua
Index: src/etc/mtree/NetBSD.dist.tests
diff -u src/etc/mtree/NetBSD.dist.tests:1.158 src/etc/mtree/NetBSD.dist.tests:1.159
--- src/etc/mtree/NetBSD.dist.tests:1.158 Thu Apr 4 19:50:47 2019
+++ src/etc/mtree/NetBSD.dist.tests Sat Oct 5 18:06:16 2019
@@ -1,4 +1,4 @@
-# $NetBSD: NetBSD.dist.tests,v 1.158 2019/04/04 19:50:47 kamil Exp $
+# $NetBSD: NetBSD.dist.tests,v 1.159 2019/10/05 18:06:16 jhigh Exp $
./usr/libdata/debug/usr/tests
./usr/libdata/debug/usr/tests/atf
@@ -416,6 +416,7 @@
./usr/tests/usr.bin/pkill
./usr/tests/usr.bin/pr
./usr/tests/usr.bin/printf
+./usr/tests/usr.bin/pwhash
./usr/tests/usr.bin/rump_server
./usr/tests/usr.bin/sdiff
./usr/tests/usr.bin/sed
Index: src/lib/libcrypt/crypt.c
diff -u src/lib/libcrypt/crypt.c:1.34 src/lib/libcrypt/crypt.c:1.35
--- src/lib/libcrypt/crypt.c:1.34 Wed Jun 17 00:15:26 2015
+++ src/lib/libcrypt/crypt.c Sat Oct 5 18:06:16 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: crypt.c,v 1.34 2015/06/17 00:15:26 christos Exp $ */
+/* $NetBSD: crypt.c,v 1.35 2019/10/05 18:06:16 jhigh Exp $ */
/*
* Copyright (c) 1989, 1993
@@ -37,13 +37,14 @@
#if 0
static char sccsid[] = "@(#)crypt.c 8.1.1.1 (Berkeley) 8/18/93";
#else
-__RCSID("$NetBSD: crypt.c,v 1.34 2015/06/17 00:15:26 christos Exp $");
+__RCSID("$NetBSD: crypt.c,v 1.35 2019/10/05 18:06:16 jhigh Exp $");
#endif
#endif /* not lint */
#include <limits.h>
#include <pwd.h>
#include <stdlib.h>
+#include <string.h> /* for strcmp */
#include <unistd.h>
#if defined(DEBUG) || defined(MAIN) || defined(UNIT_TEST)
#include <stdio.h>
@@ -498,6 +499,48 @@ ascii_is_unsafe(char ch)
}
/*
+ * We extract the scheme from setting str to allow for
+ * full scheme name comparison
+ * Updated to reflect alc suggestion(s)
+ *
+ * retuns boolean 0 on failure, 1 on success,
+ */
+static int
+nondes_scheme_substr(const char * setting,char * scheme, unsigned int len)
+{
+ const char * start;
+ const char * sep;
+
+ /* initialize head pointer */
+ start = setting;
+
+ /* clear out scheme buffer regardless of result */
+ memset(scheme, 0, len);
+
+ /* make sure we are working on non-des scheme string */
+ if (*start != _PASSWORD_NONDES) {
+ return 0;
+ }
+
+ /* increment passed initial _PASSWORD_NONDES */
+ start++;
+
+ if ((sep = memchr(start, _PASSWORD_NONDES,len-1)) == NULL) {
+ return 0;
+ }
+
+ /* if empty string, we are done */
+ if (sep == start) {
+ return 1;
+ }
+
+ /* copy scheme substr to buffer */
+ memcpy(scheme, start, (size_t)(sep - start));
+
+ return 1;
+}
+
+/*
* Return a pointer to static data consisting of the "setting"
* followed by an encryption produced by the "key" and "setting".
*/
@@ -505,24 +548,39 @@ static char *
__crypt(const char *key, const char *setting)
{
char *encp;
+ char scheme[12];
int32_t i;
int t;
+ int r;
int32_t salt;
int num_iter, salt_size;
C_block keyblock, rsltblock;
/* Non-DES encryption schemes hook in here. */
if (setting[0] == _PASSWORD_NONDES) {
- switch (setting[1]) {
- case '2':
+ r = nondes_scheme_substr(
+ setting, scheme, sizeof(scheme));
+
+ /* return NULL if we are unable to extract substring */
+ if (!r) {
+ return NULL;
+ }
+
+ /* $2a$ found in bcrypt.c:encode_salt */
+ if (strcmp(scheme, "2a") == 0) {
return (__bcrypt(key, setting));
- case 's':
+ } else if (strcmp(scheme, "sha1") == 0) {
+ /* $sha1$ found in crypt.h:SHA1_MAGIC */
return (__crypt_sha1(key, setting));
- case '1':
- default:
+ } else if (strcmp(scheme, "1") == 0) {
+ /* $1$ found in pw_gensalt.c:__gensalt_md5 */
return (__md5crypt(key, setting));
+ } else {
+ /* invalid scheme, including empty string */
+ return NULL;
}
}
+ /* End non-DES handling */
for (i = 0; i < 8; i++) {
if ((t = 2*(unsigned char)(*key)) != 0)
Index: src/tests/usr.bin/Makefile
diff -u src/tests/usr.bin/Makefile:1.27 src/tests/usr.bin/Makefile:1.28
--- src/tests/usr.bin/Makefile:1.27 Thu Apr 4 15:22:13 2019
+++ src/tests/usr.bin/Makefile Sat Oct 5 18:06:16 2019
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.27 2019/04/04 15:22:13 kamil Exp $
+# $NetBSD: Makefile,v 1.28 2019/10/05 18:06:16 jhigh Exp $
#
.include <bsd.own.mk>
@@ -8,7 +8,7 @@ TESTSDIR= ${TESTSBASE}/usr.bin
TESTS_SUBDIRS= awk basename bzip2 cc cmp config cut \
diff dirname find gdb grep gzip id indent \
infocmp jot ld m4 make mixerctl mkdep nbperf netpgpverify \
- pkill pr printf rump_server shmif_dumpbus sdiff \
+ pkill pr printf pwhash rump_server shmif_dumpbus sdiff \
sed sort tmux tr unifdef uniq vmstat xlint
.if ${MKCXX} != "no"
Added files:
Index: src/tests/usr.bin/pwhash/Makefile
diff -u /dev/null src/tests/usr.bin/pwhash/Makefile:1.1
--- /dev/null Sat Oct 5 18:06:17 2019
+++ src/tests/usr.bin/pwhash/Makefile Sat Oct 5 18:06:17 2019
@@ -0,0 +1,8 @@
+# $NetBSD: Makefile,v 1.1 2019/10/05 18:06:17 jhigh Exp $
+
+.include <bsd.own.mk>
+
+TESTSDIR= ${TESTSBASE}/usr.bin/pwhash
+TESTS_SH= t_pwhash
+
+.include <bsd.test.mk>
Index: src/tests/usr.bin/pwhash/t_pwhash.sh
diff -u /dev/null src/tests/usr.bin/pwhash/t_pwhash.sh:1.1
--- /dev/null Sat Oct 5 18:06:17 2019
+++ src/tests/usr.bin/pwhash/t_pwhash.sh Sat Oct 5 18:06:17 2019
@@ -0,0 +1,47 @@
+atf_test_case pwhash_blowfish_r12
+pwhash_blowfish_r12_head() {
+ atf_set "descr" "ATF test for pwhash using blowfish 12 rounds"
+}
+
+pwhash_blowfish_r12_body() {
+ atf_check -s exit:0 -o match:"^\\\$2a\\\$" -x \
+ 'echo -n password | pwhash -b 12'
+}
+
+atf_test_case pwhash_md5
+pwhash_md5_head() {
+ atf_set "descr" "ATF test for pwhash using MD5"
+}
+
+pwhash_md5_body() {
+ atf_check -s exit:0 -o match:"^\\\$1\\\$" -x \
+ 'echo -n password | pwhash -m'
+}
+
+atf_test_case pwhash_sha1
+pwhash_sha1_head() {
+ atf_set "descr" "ATF test for pwhash using SHA1"
+}
+
+pwhash_sha1_body() {
+ atf_check -s exit:0 -o match:"^\\\$sha1\\\$" -x \
+ 'echo -n password | pwhash'
+}
+
+atf_test_case pwhash_des
+pwhash_des_head() {
+ atf_set "descr" "ATF test for pwhash using DES"
+}
+
+pwhash_des_body() {
+ atf_check -s exit:0 -o ignore -e ignore -x \
+ 'echo -n password | pwhash -s somesalt'
+}
+
+atf_init_test_cases()
+{
+ atf_add_test_case pwhash_blowfish_r12
+ atf_add_test_case pwhash_md5
+ atf_add_test_case pwhash_sha1
+ atf_add_test_case pwhash_des
+}
