OpenCoverage

xcrypt.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/openssh/src/openbsd-compat/xcrypt.c
Source codeSwitch to Preprocessed file
LineSourceCount
1/*-
2 * Copyright (c) 2003 Ben Lindstrom. All rights reserved.-
3 *-
4 * Redistribution and use in source and binary forms, with or without-
5 * modification, are permitted provided that the following conditions-
6 * are met:-
7 * 1. Redistributions of source code must retain the above copyright-
8 * notice, this list of conditions and the following disclaimer.-
9 * 2. Redistributions in binary form must reproduce the above copyright-
10 * notice, this list of conditions and the following disclaimer in the-
11 * documentation and/or other materials provided with the distribution.-
12 *-
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR-
14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES-
15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.-
16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,-
17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT-
18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,-
19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY-
20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT-
21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF-
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.-
23 */-
24-
25#include "includes.h"-
26-
27#include <sys/types.h>-
28#include <string.h>-
29#include <unistd.h>-
30#include <pwd.h>-
31-
32# if defined(HAVE_CRYPT_H) && !defined(HAVE_SECUREWARE)-
33# include <crypt.h>-
34# endif-
35-
36# ifdef __hpux-
37# include <hpsecurity.h>-
38# include <prot.h>-
39# endif-
40-
41# ifdef HAVE_SECUREWARE-
42# include <sys/security.h>-
43# include <sys/audit.h>-
44# include <prot.h>-
45# endif-
46-
47# if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW)-
48# include <shadow.h>-
49# endif-
50-
51# if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW)-
52# include <sys/label.h>-
53# include <sys/audit.h>-
54# include <pwdadj.h>-
55# endif-
56-
57# if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT)-
58# include "md5crypt.h"-
59# endif-
60-
61# if defined(WITH_OPENSSL) && !defined(HAVE_CRYPT) && defined(HAVE_DES_CRYPT)-
62# include <openssl/des.h>-
63# define crypt DES_crypt-
64# endif-
65-
66/*-
67 * Pick an appropriate password encryption type and salt for the running-
68 * system by searching through accounts until we find one that has a valid-
69 * salt. Usually this will be root unless the root account is locked out.-
70 * If we don't find one we return a traditional DES-based salt.-
71 */-
72static const char *-
73pick_salt(void)-
74{-
75 struct passwd *pw;-
76 char *passwd, *p;-
77 size_t typelen;-
78 static char salt[32];-
79-
80 if (salt[0] != '\0')
salt[0] != '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
81 return salt;
never executed: return salt;
0
82 strlcpy(salt, "xx", sizeof(salt));-
83 setpwent();-
84 while ((pw = getpwent()) != NULL) {
(pw = getpwent...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
85 passwd = shadow_pw(pw);-
86 if (passwd[0] == '$' && (p = strrchr(passwd+1, '$')) != NULL) {
passwd[0] == '$'Description
TRUEnever evaluated
FALSEnever evaluated
(p = strrchr(p...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
87 typelen = p - passwd + 1;-
88 strlcpy(salt, passwd, MIN(typelen, sizeof(salt)));-
89 explicit_bzero(passwd, strlen(passwd));-
90 goto out;
never executed: goto out;
0
91 }-
92 }
never executed: end of block
0
93 out:
code before this statement never executed: out:
0
94 endpwent();-
95 return salt;
never executed: return salt;
0
96}-
97-
98char *-
99xcrypt(const char *password, const char *salt)-
100{-
101 char *crypted;-
102-
103 /*-
104 * If we don't have a salt we are encrypting a fake password for-
105 * for timing purposes. Pick an appropriate salt.-
106 */-
107 if (salt == NULL)
salt == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
108 salt = pick_salt();
never executed: salt = pick_salt();
0
109-
110# ifdef HAVE_MD5_PASSWORDS-
111 if (is_md5_salt(salt))-
112 crypted = md5_crypt(password, salt);-
113 else-
114 crypted = crypt(password, salt);-
115# elif defined(__hpux) && !defined(HAVE_SECUREWARE)-
116 if (iscomsec())-
117 crypted = bigcrypt(password, salt);-
118 else-
119 crypted = crypt(password, salt);-
120# elif defined(HAVE_SECUREWARE)-
121 crypted = bigcrypt(password, salt);-
122# else-
123 crypted = crypt(password, salt);-
124# endif-
125-
126 return crypted;
never executed: return crypted;
0
127}-
128-
129/*-
130 * Handle shadowed password systems in a cleaner way for portable-
131 * version.-
132 */-
133-
134char *-
135shadow_pw(struct passwd *pw)-
136{-
137 char *pw_password = pw->pw_passwd;-
138-
139# if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW)-
140 struct spwd *spw = getspnam(pw->pw_name);-
141-
142 if (spw != NULL)
spw != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
143 pw_password = spw->sp_pwdp;
never executed: pw_password = spw->sp_pwdp;
0
144# endif-
145-
146#ifdef USE_LIBIAF-
147 return(get_iaf_password(pw));-
148#endif-
149-
150# if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW)-
151 struct passwd_adjunct *spw;-
152 if (issecure() && (spw = getpwanam(pw->pw_name)) != NULL)-
153 pw_password = spw->pwa_passwd;-
154# elif defined(HAVE_SECUREWARE)-
155 struct pr_passwd *spw = getprpwnam(pw->pw_name);-
156-
157 if (spw != NULL)-
158 pw_password = spw->ufld.fd_encrypt;-
159# endif-
160-
161 return pw_password;
never executed: return pw_password;
0
162}-
Source codeSwitch to Preprocessed file
Generated by Squish Coco 4.2.2