From 4d606cc6909018d039fa48724789e25f873e777f Mon Sep 17 00:00:00 2001 From: nekral-guest Date: Sat, 24 Nov 2007 13:08:08 +0000 Subject: [PATCH] * configure.in: New configure option: --with-sha-crypt enabled by default. Keeping the feature enabled is safe. Disabling it permits to disable the references to the SHA256 and SHA512 password encryption algorithms from the usage help and manuals (in addition to the support for these algorithms in the code). * libmisc/obscure.c, libmisc/salt.c, src/newusers.c, src/chpasswd.c, src/chgpasswd.c, src/passwd.c: ENCRYPT_METHOD is always supported in login.defs. Remove the ENCRYPTMETHOD_SELECT preprocessor condition. * libmisc/obscure.c, libmisc/salt.c, src/newusers.c, src/chpasswd.c, src/chgpasswd.c, src/passwd.c: Disable SHA256 and SHA512 if USE_SHA_CRYPT is not defined (this corresponds to a subset of the ENCRYPTMETHOD_SELECT sections). --- ChangeLog | 16 ++++++++++++++++ configure.in | 9 +++++++++ libmisc/obscure.c | 15 ++++++--------- libmisc/salt.c | 6 ++---- src/chgpasswd.c | 10 +++++----- src/chpasswd.c | 10 +++++----- src/newusers.c | 10 +++++----- src/passwd.c | 15 ++++++--------- 8 files changed, 54 insertions(+), 37 deletions(-) diff --git a/ChangeLog b/ChangeLog index ddd49437..5649f04d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,19 @@ +2007-11-24 Nicolas François + + * configure.in: New configure option: --with-sha-crypt enabled by + default. Keeping the feature enabled is safe. Disabling it permits + to disable the references to the SHA256 and SHA512 password + encryption algorithms from the usage help and manuals (in addition + to the support for these algorithms in the code). + * libmisc/obscure.c, libmisc/salt.c, src/newusers.c, + src/chpasswd.c, src/chgpasswd.c, src/passwd.c: ENCRYPT_METHOD is + always supported in login.defs. Remove the ENCRYPTMETHOD_SELECT + preprocessor condition. + * libmisc/obscure.c, libmisc/salt.c, src/newusers.c, + src/chpasswd.c, src/chgpasswd.c, src/passwd.c: Disable SHA256 and + SHA512 if USE_SHA_CRYPT is not defined (this corresponds to a + subset of the ENCRYPTMETHOD_SELECT sections). + 2007-11-24 Nicolas François * lib/encrypt.c: If we requested a non DES encryption, make sure diff --git a/configure.in b/configure.in index a25560d1..4d905579 100644 --- a/configure.in +++ b/configure.in @@ -228,6 +228,14 @@ AC_ARG_WITH(skey, AC_ARG_WITH(libcrack, [AC_HELP_STRING([--with-libcrack], [use libcrack @<:@default=yes if found and if PAM not enabled@:>@])], [with_libcrack=$withval], [with_libcrack=no]) +AC_ARG_WITH(sha-crypt, + [AC_HELP_STRING([--with-sha-crypt], [allow the SHA256 and SHA512 password encryption algorithms @<:@default=yes@:>@])], + [with_sha_crypt=$withval], [with_sha_crypt=yes]) + +AM_CONDITIONAL(USE_SHA_CRYPT, test "x$with_sha_crypt" = "xyes") +if test "$with_sha_crypt" = "yes"; then + AC_DEFINE(USE_SHA_CRYPT, 1, [Define to allow the SHA256 and SHA512 password encryption algorithms]) +fi dnl Check for some functions in libc first, only if not found check for dnl other libraries. This should prevent linking libnsl if not really @@ -378,4 +386,5 @@ echo " PAM support: $with_libpam" echo " SELinux support: $with_selinux" echo " shadow group support: $enable_shadowgrp" echo " S/Key support: $with_skey" +echo " SHA passwords encryption: $with_sha_crypt" echo diff --git a/libmisc/obscure.c b/libmisc/obscure.c index a87d7ee4..27f15a75 100644 --- a/libmisc/obscure.c +++ b/libmisc/obscure.c @@ -210,9 +210,7 @@ static const char *password_check (const char *old, const char *new, int maxlen, oldlen, newlen; char *new1, *old1; const char *msg; -#ifdef ENCRYPTMETHOD_SELECT char *result; -#endif oldlen = strlen (old); newlen = strlen (new); @@ -230,9 +228,7 @@ static const char *password_check (const char *old, const char *new, if (msg) return msg; -#ifdef ENCRYPTMETHOD_SELECT if ((result = getdef_str ("ENCRYPT_METHOD")) == NULL) { -#endif /* The traditional crypt() truncates passwords to 8 chars. It is possible to circumvent the above checks by choosing an easy 8-char password and adding some random characters to it... @@ -242,16 +238,17 @@ static const char *password_check (const char *old, const char *new, if (getdef_bool ("MD5_CRYPT_ENAB")) return NULL; -#ifdef ENCRYPTMETHOD_SELECT } else { - if (!strcmp (result, "MD5") || - !strcmp (result, "SHA256") || - !strcmp (result, "SHA512")) + if ( !strcmp (result, "MD5") +#ifdef USE_SHA_CRYPT + || !strcmp (result, "SHA256") + || !strcmp (result, "SHA512") +#endif + ) return NULL; } -#endif maxlen = getdef_num ("PASS_MAX_LEN", 8); if (oldlen <= maxlen && newlen <= maxlen) return NULL; diff --git a/libmisc/salt.c b/libmisc/salt.c index 259f6096..2a9ecd2e 100644 --- a/libmisc/salt.c +++ b/libmisc/salt.c @@ -58,7 +58,7 @@ char *l64a(long value) */ #define MAGNUM(array,ch) (array)[0]=(array)[2]='$',(array)[1]=(ch),(array)[3]='\0' -#ifdef ENCRYPTMETHOD_SELECT +#ifdef USE_SHA_CRYPT /* * Return the salt size. * The size of the salt string is between 8 and 16 bytes for the SHA crypt @@ -187,15 +187,13 @@ char *crypt_make_salt (char *meth, void *arg) if (NULL != meth) method = meth; else { -#ifdef ENCRYPTMETHOD_SELECT if ((method = getdef_str ("ENCRYPT_METHOD")) == NULL) -#endif method = getdef_bool ("MD5_CRYPT_ENAB") ? "MD5" : "DES"; } if (!strcmp (method, "MD5")) { MAGNUM(result, '1'); -#ifdef ENCRYPTMETHOD_SELECT +#ifdef USE_SHA_CRYPT } else if (!strcmp (method, "SHA256")) { MAGNUM(result, '5'); strcat(result, SHA_salt_rounds((int *)arg)); diff --git a/src/chgpasswd.c b/src/chgpasswd.c index 6a829df5..b96cb2a5 100644 --- a/src/chgpasswd.c +++ b/src/chgpasswd.c @@ -80,7 +80,7 @@ static void usage (void) "%s" "\n"), Prog, -#ifndef ENCRYPTMETHOD_SELECT +#ifndef USE_SHA_CRYPT "NONE DES MD5", "" #else "NONE DES MD5 SHA256 SHA512", @@ -127,7 +127,7 @@ int main (int argc, char **argv) {"encrypted", no_argument, NULL, 'e'}, {"help", no_argument, NULL, 'h'}, {"md5", no_argument, NULL, 'm'}, -#ifdef ENCRYPTMETHOD_SELECT +#ifdef USE_SHA_CRYPT {"sha-rounds", required_argument, NULL, 's'}, #endif {NULL, 0, NULL, '\0'} @@ -135,7 +135,7 @@ int main (int argc, char **argv) while ((c = getopt_long (argc, argv, -#ifdef ENCRYPTMETHOD_SELECT +#ifdef USE_SHA_CRYPT "c:ehms:", #else "c:ehm", @@ -156,7 +156,7 @@ int main (int argc, char **argv) case 'm': md5flg = 1; break; -#ifdef ENCRYPTMETHOD_SELECT +#ifdef USE_SHA_CRYPT case 's': sflg = 1; if (!getlong(optarg, &sha_rounds)) { @@ -195,7 +195,7 @@ int main (int argc, char **argv) if ( 0 != strcmp (crypt_method, "DES") && 0 != strcmp (crypt_method, "MD5") && 0 != strcmp (crypt_method, "NONE") -#ifdef ENCRYPTMETHOD_SELECT +#ifdef USE_SHA_CRYPT && 0 != strcmp (crypt_method, "SHA256") && 0 != strcmp (crypt_method, "SHA512") #endif diff --git a/src/chpasswd.c b/src/chpasswd.c index 78d4919f..81e301d5 100644 --- a/src/chpasswd.c +++ b/src/chpasswd.c @@ -77,7 +77,7 @@ static void usage (void) "%s" "\n"), Prog, -#ifndef ENCRYPTMETHOD_SELECT +#ifndef USE_SHA_CRYPT "NONE DES MD5", "" #else "NONE DES MD5 SHA256 SHA512", @@ -123,7 +123,7 @@ int main (int argc, char **argv) {"encrypted", no_argument, NULL, 'e'}, {"help", no_argument, NULL, 'h'}, {"md5", no_argument, NULL, 'm'}, -#ifdef ENCRYPTMETHOD_SELECT +#ifdef USE_SHA_CRYPT {"sha-rounds", required_argument, NULL, 's'}, #endif {NULL, 0, NULL, '\0'} @@ -131,7 +131,7 @@ int main (int argc, char **argv) while ((c = getopt_long (argc, argv, -#ifdef ENCRYPTMETHOD_SELECT +#ifdef USE_SHA_CRYPT "c:ehms:", #else "c:ehm", @@ -152,7 +152,7 @@ int main (int argc, char **argv) case 'm': md5flg = 1; break; -#ifdef ENCRYPTMETHOD_SELECT +#ifdef USE_SHA_CRYPT case 's': sflg = 1; if (!getlong(optarg, &sha_rounds)) { @@ -191,7 +191,7 @@ int main (int argc, char **argv) if ( 0 != strcmp (crypt_method, "DES") && 0 != strcmp (crypt_method, "MD5") && 0 != strcmp (crypt_method, "NONE") -#ifdef ENCRYPTMETHOD_SELECT +#ifdef USE_SHA_CRYPT && 0 != strcmp (crypt_method, "SHA256") && 0 != strcmp (crypt_method, "SHA512") #endif diff --git a/src/newusers.c b/src/newusers.c index df82bd0f..a625ea8a 100644 --- a/src/newusers.c +++ b/src/newusers.c @@ -84,7 +84,7 @@ static void usage (void) "%s" "\n"), Prog, -#ifndef ENCRYPTMETHOD_SELECT +#ifndef USE_SHA_CRYPT "NONE DES MD5", "" #else "NONE DES MD5 SHA256 SHA512", @@ -344,7 +344,7 @@ int main (int argc, char **argv) static struct option long_options[] = { {"crypt-method", required_argument, NULL, 'c'}, {"help", no_argument, NULL, 'h'}, -#ifdef ENCRYPTMETHOD_SELECT +#ifdef USE_SHA_CRYPT {"sha-rounds", required_argument, NULL, 's'}, #endif {NULL, 0, NULL, '\0'} @@ -352,7 +352,7 @@ int main (int argc, char **argv) while ((c = getopt_long (argc, argv, -#ifdef ENCRYPTMETHOD_SELECT +#ifdef USE_SHA_CRYPT "c:hs:", #else "c:h", @@ -367,7 +367,7 @@ int main (int argc, char **argv) case 'h': usage (); break; -#ifdef ENCRYPTMETHOD_SELECT +#ifdef USE_SHA_CRYPT case 's': sflg = 1; if (!getlong(optarg, &sha_rounds)) { @@ -399,7 +399,7 @@ int main (int argc, char **argv) if ( 0 != strcmp (crypt_method, "DES") && 0 != strcmp (crypt_method, "MD5") && 0 != strcmp (crypt_method, "NONE") -#ifdef ENCRYPTMETHOD_SELECT +#ifdef USE_SHA_CRYPT && 0 != strcmp (crypt_method, "SHA256") && 0 != strcmp (crypt_method, "SHA512") #endif diff --git a/src/passwd.c b/src/passwd.c index 282ffef1..d5479880 100644 --- a/src/passwd.c +++ b/src/passwd.c @@ -204,9 +204,7 @@ static int new_password (const struct passwd *pw) int i; /* Counter for retries */ int warned; int pass_max_len = -1; -#ifdef ENCRYPTMETHOD_SELECT char *method; -#endif #ifdef HAVE_LIBCRACK_HIST int HistUpdate (const char *, const char *); @@ -244,21 +242,20 @@ static int new_password (const struct passwd *pw) * for strength, unless it is the root user. This provides an escape * for initial login passwords. */ -#ifdef ENCRYPTMETHOD_SELECT if ((method = getdef_str ("ENCRYPT_METHOD")) == NULL) { -#endif if (!getdef_bool ("MD5_CRYPT_ENAB")) pass_max_len = getdef_num ("PASS_MAX_LEN", 8); -#ifdef ENCRYPTMETHOD_SELECT } else { - if (!strcmp (method, "MD5") || - !strcmp (method, "SHA256") || - !strcmp (method, "SHA512")) + if ( !strcmp (method, "MD5") +#ifdef USE_SHA_CRYPT + || !strcmp (method, "SHA256") + || !strcmp (method, "SHA512") +#endif + ) pass_max_len = -1; else pass_max_len = getdef_num ("PASS_MAX_LEN", 8); } -#endif if (!qflg) { if (pass_max_len == -1) { printf (_(