* configure.in: New configure option: --with-sha-crypt enabled by

default. Keeping the feature enabled is safe. Disabling it removes
  the references to the SHA256 and SHA512 password encryption
  algorithms from the usage help and manuals (in addition to removing
  support for these algorithms in the code).
* libmisc/obscure.c, libmisc/salt.c, src/newusers.c,
  src/chpasswd.c, src/chgpasswd.c, src/passwd.c: ENCRYPT_METHOD is
  always supported in login.defs. Remove the ENCRYPTMETHOD_SELECT
  preprocessor condition.
* libmisc/obscure.c, libmisc/salt.c, src/newusers.c,
  src/chpasswd.c, src/chgpasswd.c, src/passwd.c: Disable SHA256 and
  SHA512 if USE_SHA_CRYPT is not defined (this corresponds to a
  subset of the ENCRYPTMETHOD_SELECT sections).
This commit is contained in:
nekral-guest 2007-11-24 13:08:08 +00:00
parent ee5c48d51c
commit 4d606cc690
8 changed files with 54 additions and 37 deletions


@ -1,3 +1,19 @@
2007-11-24 Nicolas François <nicolas.francois@centraliens.net>
* configure.in: New configure option: --with-sha-crypt enabled by
default. Keeping the feature enabled is safe. Disabling it permits
to disable the references to the SHA256 and SHA512 password
encryption algorithms from the usage help and manuals (in addition
to the support for these algorithms in the code).
* libmisc/obscure.c, libmisc/salt.c, src/newusers.c,
src/chpasswd.c, src/chgpasswd.c, src/passwd.c: ENCRYPT_METHOD is
always supported in login.defs. Remove the ENCRYPTMETHOD_SELECT
preprocessor condition.
* libmisc/obscure.c, libmisc/salt.c, src/newusers.c,
src/chpasswd.c, src/chgpasswd.c, src/passwd.c: Disable SHA256 and
SHA512 if USE_SHA_CRYPT is not defined (this corresponds to a
subset of the ENCRYPTMETHOD_SELECT sections).
2007-11-24 Nicolas François <nicolas.francois@centraliens.net>
* lib/encrypt.c: If we requested a non DES encryption, make sure


@ -228,6 +228,14 @@ AC_ARG_WITH(skey,
AC_ARG_WITH(libcrack,
[AC_HELP_STRING([--with-libcrack], [use libcrack @<:@default=yes if found and if PAM not enabled@:>@])],
[with_libcrack=$withval], [with_libcrack=no])
AC_ARG_WITH(sha-crypt,
[AC_HELP_STRING([--with-sha-crypt], [allow the SHA256 and SHA512 password encryption algorithms @<:@default=yes@:>@])],
[with_sha_crypt=$withval], [with_sha_crypt=yes])
AM_CONDITIONAL(USE_SHA_CRYPT, test "x$with_sha_crypt" = "xyes")
if test "$with_sha_crypt" = "yes"; then
AC_DEFINE(USE_SHA_CRYPT, 1, [Define to allow the SHA256 and SHA512 password encryption algorithms])
fi
dnl Check for some functions in libc first, only if not found check for
dnl other libraries. This should prevent linking libnsl if not really
@ -378,4 +386,5 @@ echo " PAM support: $with_libpam"
echo " SELinux support: $with_selinux"
echo " shadow group support: $enable_shadowgrp"
echo " S/Key support: $with_skey"
echo " SHA passwords encryption: $with_sha_crypt"
echo
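Review bot: `with_sha_crypt=$withval` at L49 accepts any string, and both tests at L50-L51 compare only against `yes`, so `--with-sha-crypt=true`, `--with-sha-crypt=1` or a typo silently builds without SHA support while the summary at L60 prints the raw value as if it had been honoured. Validate the value once right after the AC_ARG_WITH, e.g. `case "$with_sha_crypt" in yes|no) ;; *) AC_MSG_ERROR([--with-sha-crypt accepts only yes or no]) ;; esac`. The two tests also use different idioms for the same comparison (`"x$with_sha_crypt" = "xyes"` vs `"$with_sha_crypt" = "yes"`); pick one, preferably the `x`-prefixed form already used by AM_CONDITIONAL.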


@ -210,9 +210,7 @@ static const char *password_check (const char *old, const char *new,
int maxlen, oldlen, newlen;
char *new1, *old1;
const char *msg;
#ifdef ENCRYPTMETHOD_SELECT
char *result;
#endif
oldlen = strlen (old);
newlen = strlen (new);
@ -230,9 +228,7 @@ static const char *password_check (const char *old, const char *new,
if (msg)
return msg;
#ifdef ENCRYPTMETHOD_SELECT
if ((result = getdef_str ("ENCRYPT_METHOD")) == NULL) {
#endif
/* The traditional crypt() truncates passwords to 8 chars. It is
possible to circumvent the above checks by choosing an easy
8-char password and adding some random characters to it...
@ -242,16 +238,17 @@ static const char *password_check (const char *old, const char *new,
if (getdef_bool ("MD5_CRYPT_ENAB"))
return NULL;
#ifdef ENCRYPTMETHOD_SELECT
} else {
if (!strcmp (result, "MD5") ||
!strcmp (result, "SHA256") ||
!strcmp (result, "SHA512"))
if ( !strcmp (result, "MD5")
#ifdef USE_SHA_CRYPT
|| !strcmp (result, "SHA256")
|| !strcmp (result, "SHA512")
#endif
)
return NULL;
}
#endif
maxlen = getdef_num ("PASS_MAX_LEN", 8);
if (oldlen <= maxlen && newlen <= maxlen)
return NULL;
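Review bot: In the `else` branch at L87-L98 any ENCRYPT_METHOD value other than MD5 — and, when USE_SHA_CRYPT is not defined, also SHA256 and SHA512 — falls through to the PASS_MAX_LEN truncation check at L100-L102 as if a truncating crypt() were configured, with no diagnostic; a login.defs that selects SHA512 on a build configured `--without-sha-crypt` is therefore silently treated like DES here. For this particular check that is the conservative outcome, but the fall-through is not obvious and deserves a comment, e.g. `/* Unknown or compiled-out ENCRYPT_METHOD: assume a truncating crypt() and enforce PASS_MAX_LEN */` before `maxlen = getdef_num ("PASS_MAX_LEN", 8);`. If an unsupported method is reported to the administrator elsewhere (salt.c or encrypt.c, not visible here), a pointer to that place would help the next reader. password_check begins before this hunk and continues after it.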


@ -58,7 +58,7 @@ char *l64a(long value)
*/
#define MAGNUM(array,ch) (array)[0]=(array)[2]='$',(array)[1]=(ch),(array)[3]='\0'
#ifdef ENCRYPTMETHOD_SELECT
#ifdef USE_SHA_CRYPT
/*
* Return the salt size.
* The size of the salt string is between 8 and 16 bytes for the SHA crypt
@ -187,15 +187,13 @@ char *crypt_make_salt (char *meth, void *arg)
if (NULL != meth)
method = meth;
else {
#ifdef ENCRYPTMETHOD_SELECT
if ((method = getdef_str ("ENCRYPT_METHOD")) == NULL)
#endif
method = getdef_bool ("MD5_CRYPT_ENAB") ? "MD5" : "DES";
}
if (!strcmp (method, "MD5")) {
MAGNUM(result, '1');
#ifdef ENCRYPTMETHOD_SELECT
#ifdef USE_SHA_CRYPT
} else if (!strcmp (method, "SHA256")) {
MAGNUM(result, '5');
strcat(result, SHA_salt_rounds((int *)arg));
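Review bot: After L121 `method` may hold a value this build cannot honour — SHA256 or SHA512 when USE_SHA_CRYPT is undefined, or a misspelt ENCRYPT_METHOD — and the if/else-if chain starting at L123 has no visible branch that rejects such a value, so the hash type actually produced is decided by the chain's final branch outside this hunk. If that branch emits a DES salt, as the `"MD5" : "DES"` default at L121 suggests, a SHA-less build reading a login.defs that asks for SHA512 would downgrade every new password to DES without telling anyone; this is the one place where the configured method meets the build-time capability, so it should be checked here. Before the chain, refuse what the build does not support rather than falling through, e.g. `#ifndef USE_SHA_CRYPT` / `if (0 == strcmp (method, "SHA256") || 0 == strcmp (method, "SHA512")) { /* refuse: silently falling back would produce a weaker hash */ }` / `#endif`, using whichever error path crypt_make_salt already has. crypt_make_salt begins before this hunk and continues after it.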


@ -80,7 +80,7 @@ static void usage (void)
"%s"
"\n"),
Prog,
#ifndef ENCRYPTMETHOD_SELECT
#ifndef USE_SHA_CRYPT
"NONE DES MD5", ""
#else
"NONE DES MD5 SHA256 SHA512",
@ -127,7 +127,7 @@ int main (int argc, char **argv)
{"encrypted", no_argument, NULL, 'e'},
{"help", no_argument, NULL, 'h'},
{"md5", no_argument, NULL, 'm'},
#ifdef ENCRYPTMETHOD_SELECT
#ifdef USE_SHA_CRYPT
{"sha-rounds", required_argument, NULL, 's'},
#endif
{NULL, 0, NULL, '\0'}
@ -135,7 +135,7 @@ int main (int argc, char **argv)
while ((c =
getopt_long (argc, argv,
#ifdef ENCRYPTMETHOD_SELECT
#ifdef USE_SHA_CRYPT
"c:ehms:",
#else
"c:ehm",
@ -156,7 +156,7 @@ int main (int argc, char **argv)
case 'm':
md5flg = 1;
break;
#ifdef ENCRYPTMETHOD_SELECT
#ifdef USE_SHA_CRYPT
case 's':
sflg = 1;
if (!getlong(optarg, &sha_rounds)) {
@ -195,7 +195,7 @@ int main (int argc, char **argv)
if ( 0 != strcmp (crypt_method, "DES")
&& 0 != strcmp (crypt_method, "MD5")
&& 0 != strcmp (crypt_method, "NONE")
#ifdef ENCRYPTMETHOD_SELECT
#ifdef USE_SHA_CRYPT
&& 0 != strcmp (crypt_method, "SHA256")
&& 0 != strcmp (crypt_method, "SHA512")
#endif
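Review bot: The usage() guard at L138 is written `#ifndef USE_SHA_CRYPT` with the SHA-less text in the primary branch, while every other guard this commit touches in the file (L147, L155, L164, L173) is `#ifdef USE_SHA_CRYPT` with the SHA-enabled code first, so the reader has to flip the sense of the condition between the usage text and the option handling. Invert it for consistency: `#ifdef USE_SHA_CRYPT` followed by `"NONE DES MD5 SHA256 SHA512",` and the rounds line, with `"NONE DES MD5", ""` in the `#else`. Both usage() and main() extend beyond the hunks shown here.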


@ -77,7 +77,7 @@ static void usage (void)
"%s"
"\n"),
Prog,
#ifndef ENCRYPTMETHOD_SELECT
#ifndef USE_SHA_CRYPT
"NONE DES MD5", ""
#else
"NONE DES MD5 SHA256 SHA512",
@ -123,7 +123,7 @@ int main (int argc, char **argv)
{"encrypted", no_argument, NULL, 'e'},
{"help", no_argument, NULL, 'h'},
{"md5", no_argument, NULL, 'm'},
#ifdef ENCRYPTMETHOD_SELECT
#ifdef USE_SHA_CRYPT
{"sha-rounds", required_argument, NULL, 's'},
#endif
{NULL, 0, NULL, '\0'}
@ -131,7 +131,7 @@ int main (int argc, char **argv)
while ((c =
getopt_long (argc, argv,
#ifdef ENCRYPTMETHOD_SELECT
#ifdef USE_SHA_CRYPT
"c:ehms:",
#else
"c:ehm",
@ -152,7 +152,7 @@ int main (int argc, char **argv)
case 'm':
md5flg = 1;
break;
#ifdef ENCRYPTMETHOD_SELECT
#ifdef USE_SHA_CRYPT
case 's':
sflg = 1;
if (!getlong(optarg, &sha_rounds)) {
@ -191,7 +191,7 @@ int main (int argc, char **argv)
if ( 0 != strcmp (crypt_method, "DES")
&& 0 != strcmp (crypt_method, "MD5")
&& 0 != strcmp (crypt_method, "NONE")
#ifdef ENCRYPTMETHOD_SELECT
#ifdef USE_SHA_CRYPT
&& 0 != strcmp (crypt_method, "SHA256")
&& 0 != strcmp (crypt_method, "SHA512")
#endif
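Review bot: `--sha-rounds` is parsed into `sha_rounds` with getlong at L214, but nothing in the hunk bounds the value; a tiny or negative round count, if passed through to the SHA-crypt salt unchanged, would weaken every hash written by this invocation, and the same option exists unchanged in chgpasswd.c and newusers.c. If the range is clamped in SHA_salt_rounds (called from libmisc/salt.c, body not visible here), a comment at the parse site such as `/* range is enforced by SHA_salt_rounds() in libmisc/salt.c */` would make that visible; otherwise reject out-of-range values immediately after the getlong check, with the same message in all three tools. The getlong failure branch and the rest of main() lie outside the hunk.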


@ -84,7 +84,7 @@ static void usage (void)
"%s"
"\n"),
Prog,
#ifndef ENCRYPTMETHOD_SELECT
#ifndef USE_SHA_CRYPT
"NONE DES MD5", ""
#else
"NONE DES MD5 SHA256 SHA512",
@ -344,7 +344,7 @@ int main (int argc, char **argv)
static struct option long_options[] = {
{"crypt-method", required_argument, NULL, 'c'},
{"help", no_argument, NULL, 'h'},
#ifdef ENCRYPTMETHOD_SELECT
#ifdef USE_SHA_CRYPT
{"sha-rounds", required_argument, NULL, 's'},
#endif
{NULL, 0, NULL, '\0'}
@ -352,7 +352,7 @@ int main (int argc, char **argv)
while ((c =
getopt_long (argc, argv,
#ifdef ENCRYPTMETHOD_SELECT
#ifdef USE_SHA_CRYPT
"c:hs:",
#else
"c:h",
@ -367,7 +367,7 @@ int main (int argc, char **argv)
case 'h':
usage ();
break;
#ifdef ENCRYPTMETHOD_SELECT
#ifdef USE_SHA_CRYPT
case 's':
sflg = 1;
if (!getlong(optarg, &sha_rounds)) {
@ -399,7 +399,7 @@ int main (int argc, char **argv)
if ( 0 != strcmp (crypt_method, "DES")
&& 0 != strcmp (crypt_method, "MD5")
&& 0 != strcmp (crypt_method, "NONE")
#ifdef ENCRYPTMETHOD_SELECT
#ifdef USE_SHA_CRYPT
&& 0 != strcmp (crypt_method, "SHA256")
&& 0 != strcmp (crypt_method, "SHA512")
#endif
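Review bot: The accepted-method test at L263-L270 is the third verbatim copy of the same `strcmp` chain (chgpasswd.c at L169-L176 and chpasswd.c at L216-L223 in this commit), and each tool also carries its own usage string listing the same names under its own `#ifdef USE_SHA_CRYPT`; the three lists and the build-time guard inside each must be kept in step by hand, and the configure option just added makes that guard more likely to drift. A single helper in libmisc next to crypt_make_salt — e.g. `int valid_crypt_method (const char *method)` with the USE_SHA_CRYPT test in one place — and one shared string for the usage text would remove the duplication. The body of this condition and the rest of main() are outside the hunk.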


@ -204,9 +204,7 @@ static int new_password (const struct passwd *pw)
int i; /* Counter for retries */
int warned;
int pass_max_len = -1;
#ifdef ENCRYPTMETHOD_SELECT
char *method;
#endif
#ifdef HAVE_LIBCRACK_HIST
int HistUpdate (const char *, const char *);
@ -244,21 +242,20 @@ static int new_password (const struct passwd *pw)
* for strength, unless it is the root user. This provides an escape
* for initial login passwords.
*/
#ifdef ENCRYPTMETHOD_SELECT
if ((method = getdef_str ("ENCRYPT_METHOD")) == NULL) {
#endif
if (!getdef_bool ("MD5_CRYPT_ENAB"))
pass_max_len = getdef_num ("PASS_MAX_LEN", 8);
#ifdef ENCRYPTMETHOD_SELECT
} else {
if (!strcmp (method, "MD5") ||
!strcmp (method, "SHA256") ||
!strcmp (method, "SHA512"))
if ( !strcmp (method, "MD5")
#ifdef USE_SHA_CRYPT
|| !strcmp (method, "SHA256")
|| !strcmp (method, "SHA512")
#endif
)
pass_max_len = -1;
else
pass_max_len = getdef_num ("PASS_MAX_LEN", 8);
}
#endif
if (!qflg) {
if (pass_max_len == -1) {
printf (_(
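Review bot: The `pass_max_len` decision at L288-L306 duplicates the truncation logic of password_check in libmisc/obscure.c (L78-L99 of this commit): both hardcode the same MD5/SHA256/SHA512 list under the same `#ifdef USE_SHA_CRYPT`, so adding or disabling a method later means editing both and it is easy to miss one. A predicate in libmisc, e.g. `int crypt_method_truncates (const char *method)` returning whether the configured method is subject to the 8-character limit, would let both callers share one definition. With USE_SHA_CRYPT off, a login.defs `ENCRYPT_METHOD SHA512` silently lands in the `else` at L304-L305 and enforces PASS_MAX_LEN as if DES were in use — conservative for this check, but worth a comment on the `else` such as `/* unknown or compiled-out method: assume truncating crypt() */`. new_password begins before this hunk and continues after it.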