xref: /freebsd/crypto/openssh/openbsd-compat/xcrypt.c (revision a521f2116473fbd8c09db395518f060a27d02334)
1 /*
2  * Copyright (c) 2003 Ben Lindstrom.  All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
15  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
16  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
17  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
18  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
19  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
20  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23  */
24 
25 #include "includes.h"
26 
27 #include <sys/types.h>
28 #include <string.h>
29 #include <unistd.h>
30 #include <pwd.h>
31 
32 # if defined(HAVE_CRYPT_H) && !defined(HAVE_SECUREWARE)
33 #  include <crypt.h>
34 # endif
35 
36 # ifdef __hpux
37 #  include <hpsecurity.h>
38 #  include <prot.h>
39 # endif
40 
41 # ifdef HAVE_SECUREWARE
42 #  include <sys/security.h>
43 #  include <sys/audit.h>
44 #  include <prot.h>
45 # endif
46 
47 # if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW)
48 #  include <shadow.h>
49 # endif
50 
51 # if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW)
52 #  include <sys/label.h>
53 #  include <sys/audit.h>
54 #  include <pwdadj.h>
55 # endif
56 
57 # if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT)
58 #  include "md5crypt.h"
59 # endif
60 
61 # if defined(WITH_OPENSSL) && !defined(HAVE_CRYPT) && defined(HAVE_DES_CRYPT)
62 #  include <openssl/des.h>
63 #  define crypt DES_crypt
64 # endif
65 
66 /*
67  * Pick an appropriate password encryption type and salt for the running
68  * system by searching through accounts until we find one that has a valid
69  * salt.  Usually this will be root unless the root account is locked out.
70  * If we don't find one we return a traditional DES-based salt.
71  */
72 static const char *
73 pick_salt(void)
74 {
75 	struct passwd *pw;
76 	char *passwd, *p;
77 	size_t typelen;
78 	static char salt[32];
79 
80 	if (salt[0] != '\0')
81 		return salt;
82 	strlcpy(salt, "xx", sizeof(salt));
83 	setpwent();
84 	while ((pw = getpwent()) != NULL) {
85 		if ((passwd = shadow_pw(pw)) == NULL)
86 			continue;
87 		if (passwd[0] == '$' && (p = strrchr(passwd+1, '$')) != NULL) {
88 			typelen = p - passwd + 1;
89 			strlcpy(salt, passwd, MIN(typelen, sizeof(salt)));
90 			explicit_bzero(passwd, strlen(passwd));
91 			goto out;
92 		}
93 	}
94  out:
95 	endpwent();
96 	return salt;
97 }
98 
99 char *
100 xcrypt(const char *password, const char *salt)
101 {
102 	char *crypted;
103 
104 	/*
105 	 * If we don't have a salt we are encrypting a fake password for
106 	 * for timing purposes.  Pick an appropriate salt.
107 	 */
108 	if (salt == NULL)
109 		salt = pick_salt();
110 
111 # ifdef HAVE_MD5_PASSWORDS
112 	if (is_md5_salt(salt))
113 		crypted = md5_crypt(password, salt);
114 	else
115 		crypted = crypt(password, salt);
116 # elif defined(__hpux) && !defined(HAVE_SECUREWARE)
117 	if (iscomsec())
118 		crypted = bigcrypt(password, salt);
119 	else
120 		crypted = crypt(password, salt);
121 # elif defined(HAVE_SECUREWARE)
122 	crypted = bigcrypt(password, salt);
123 # else
124 	crypted = crypt(password, salt);
125 # endif
126 
127 	return crypted;
128 }
129 
130 /*
131  * Handle shadowed password systems in a cleaner way for portable
132  * version.
133  */
134 
135 char *
136 shadow_pw(struct passwd *pw)
137 {
138 	char *pw_password = pw->pw_passwd;
139 
140 # if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW)
141 	struct spwd *spw = getspnam(pw->pw_name);
142 
143 	if (spw != NULL)
144 		pw_password = spw->sp_pwdp;
145 # endif
146 
147 #ifdef USE_LIBIAF
148 	return(get_iaf_password(pw));
149 #endif
150 
151 # if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW)
152 	struct passwd_adjunct *spw;
153 	if (issecure() && (spw = getpwanam(pw->pw_name)) != NULL)
154 		pw_password = spw->pwa_passwd;
155 # elif defined(HAVE_SECUREWARE)
156 	struct pr_passwd *spw = getprpwnam(pw->pw_name);
157 
158 	if (spw != NULL)
159 		pw_password = spw->ufld.fd_encrypt;
160 # endif
161 
162 	return pw_password;
163 }
164