Cleanup pass on mkpasswd.c

author: Rob Landley <rob@landley.net> 2014-06-25 22:54:59 -0500
committer: Rob Landley <rob@landley.net> 2014-06-25 22:54:59 -0500
commit: 6d15f0d33fbc422689f92fbbf4dc65d3ab1fb970 (patch)
tree: 3b0ebc8603e933bde1c2a465972a1201928e30ec
parent: 6ad3207b65438870dfc9f76a3dcf4bb04096297e (diff)
download: toybox-6d15f0d33fbc422689f92fbbf4dc65d3ab1fb970.tar.gz
4 files changed, 70 insertions, 93 deletions
diff --git a/lib/lib.h b/lib/lib.h
index dfbe5e1c..9deacf22 100644
--- a/lib/lib.h
+++ b/lib/lib.h
@@ -165,6 +165,9 @@ int human_readable(char *buf, unsigned long long num);
 // net.c
 int xsocket(int domain, int type, int protocol);
 
+// password.c
+int get_salt(char *salt, char * algo);
+
 // getmountlist.c
 struct mtab_list {
   struct mtab_list *next, *prev;
diff --git a/lib/password.c b/lib/password.c
index 930e9c36..76f00436 100644
--- a/lib/password.c
+++ b/lib/password.c
@@ -6,48 +6,48 @@
 #include "toys.h"
 #include <time.h>
 
+// generate appropriate random salt string for given encryption algorithm.
 int get_salt(char *salt, char *algo)
 {      
-  int i, len = 0, offset = 0;
-  char buf[12];
-
-  if (!strcmp(algo,"des")) len = 2;
-  else {
-    *salt++ = '$';
-    if (!strcmp(algo,"md5")) {
-      *salt++ = '1';
-      len = 8;
-    } else if (!strcmp(algo,"sha256")) {
-      *salt++ = '5';
-      len = 16;
-    } else if (!strcmp(algo,"sha512")) {
-      *salt++ = '6';
-      len = 16;
-    } else return -1;
-
-    *salt++ = '$';
-    offset = 3;
-  }    
-
-  // Read appropriate number of random bytes for salt
-  i = xopen("/dev/urandom", O_RDONLY);
-  xreadall(i, buf, ((len*6)+7)/8);
-  close(i);
-
-  // Grab 6 bit chunks and convert to characters in ./0-9a-zA-Z
-  for (i=0; i<len; i++) {
-    int bitpos = i*6, bits = bitpos/8;
-
-    bits = ((buf[i]+(buf[i+1]<<8)) >> (bitpos&7)) & 0x3f;
-    bits += 46;
-    if (bits > 57) bits += 7;
-    if (bits > 90) bits += 6;
-
-    salt[i] = bits;
+  struct {
+    char *type, id, len;
+  } al[] = {{"des", 0, 2}, {"md5", 1, 8}, {"sha256", 5, 16}, {"sha512", 6, 16}};
+  int i;
+
+  for (i = 0; i < ARRAY_LEN(al); i++) {
+    if (!strcmp(algo, al[i].type)) {
+      int len = al[i].len;
+      char *s = salt;
+
+      if (al[i].id) {
+        *s++ = '$';
+        *s++ = '0'+al[i].id;
+      }
+      *s++ = '$';
+
+      // Read appropriate number of random bytes for salt
+      i = xopen("/dev/urandom", O_RDONLY);
+      xreadall(i, libbuf, ((len*6)+7)/8);
+      close(i);
+
+      // Grab 6 bit chunks and convert to characters in ./0-9a-zA-Z
+      for (i=0; i<len; i++) {
+        int bitpos = i*6, bits = bitpos/8;
+
+        bits = ((libbuf[i]+(libbuf[i+1]<<8)) >> (bitpos&7)) & 0x3f;
+        bits += 46;
+        if (bits > 57) bits += 7;
+        if (bits > 90) bits += 6;
+
+        s[i] = bits;
+      }
+      salt[len] = 0;
+
+      return s-salt;
+    }
   }
-  salt[i] = 0;
 
-  return offset;
+  return -1;
 }
 
 static void handle(int signo)
diff --git a/lib/pending.h b/lib/pending.h
index aa31ea9e..c99a9f17 100644
--- a/lib/pending.h
+++ b/lib/pending.h
@@ -4,7 +4,6 @@
 #define MAX_SALT_LEN  20 //3 for id, 16 for key, 1 for '\0'
 #define SYS_FIRST_ID  100
 #define SYS_LAST_ID   999
-int get_salt(char *salt, char * algo);
 void is_valid_username(const char *name);
 int read_password(char * buff, int buflen, char* mesg);
 int update_password(char *filename, char* username, char* encrypted);
diff --git a/toys/pending/mkpasswd.c b/toys/pending/mkpasswd.c
index a46c514c..4e6f063e 100644
--- a/toys/pending/mkpasswd.c
+++ b/toys/pending/mkpasswd.c
@@ -11,12 +11,12 @@ config MKPASSWD
   bool "mkpasswd"
   default n
   help
-    usage: mkpasswd [OPTIONS] [PASSWORD] [SALT]
+    usage: mkpasswd [-P FD] [-m TYPE] [-S SALT] [PASSWORD] [SALT]
 
     Crypt PASSWORD using crypt(3)
 
-    -P N    Read password from fd N
-    -m TYPE Encryption method, when TYPE='help', then show the methods available
+    -P FD   Read password from file descriptor FD
+    -m TYPE Encryption method (des, md5, sha256, or sha512; default is des)
     -S SALT
 */
 
@@ -29,74 +29,49 @@ GLOBALS(
   char *salt;
 )
 
-
-/*
- * validate the salt provided by user.
- * the allowed character set for salt is [./A-Za-z0-9]
- */
-static void is_salt_valid(char *salt)
-{
-  regex_t rp;
-  regmatch_t rm[1];
-  char *regex = "[./A-Za-z0-9]*"; //salt REGEX
-
-  xregcomp(&rp, regex, REG_NEWLINE);
-
-  /* compare string against pattern --  remember that patterns 
-     are anchored to the beginning of the line */
-  if (regexec(&rp, salt, 1, rm, 0) == 0 && rm[0].rm_so == 0 
-      && rm[0].rm_eo == strlen(salt))
-      return;
-
-  error_exit("salt should be in character set [./A-Za-z0-9]");
-}
-
 void mkpasswd_main(void)
 {
-  int offset = 0;
   char salt[MAX_SALT_LEN] = {0,};
+  int i;
 
-  if (!(toys.optflags & FLAG_m)) TT.method = "des";
-  else if (!strcmp(TT.method, "help")) {
-    xprintf("Available encryption methods are:\n"
-        " des\n md5\n sha256\n sha512\n");
-    return;
+  if (!TT.method) TT.method = "des";
+  if (toys.optc == 2) {
+    if (TT.salt) error_exit("duplicate salt");
+    TT.salt = toys.optargs[1];
   }
-  // If arguments are there, then the second argument is Salt, can be NULL also
-  if ((toys.optc == 2) && !(toys.optflags & FLAG_S)) TT.salt = toys.optargs[1];
 
-  offset= get_salt(salt, TT.method);
-  if (offset == -1) error_exit("unknown encryption method");
+  if (-1 == (i = get_salt(salt, TT.method))) error_exit("bad -m");
   if (TT.salt) {
-    is_salt_valid(TT.salt);
-    snprintf(salt + offset, MAX_SALT_LEN - offset, "%s", TT.salt);
+    char *s = TT.salt;
+
+    // In C locale, isalnum() means [A-Za-Z0-0]
+    while (isalnum(*s) || *s == '.' || *s == '/') s++;
+    if (*s) error_exit("salt not in [./A-Za-z0-9]");
+
+    snprintf(salt+i, sizeof(salt)-i, "%s", TT.salt);
   }
 
-  if (toys.optflags & FLAG_P) {
-    if (dup2(TT.pfd, STDIN_FILENO) == -1) perror_exit("fd");
+  // Because read_password() doesn't have an fd argument
+  if (TT.pfd) {
+    if (dup2(TT.pfd, 0) == -1) perror_exit("fd");
     close(TT.pfd);
   }
 
-  if (!toys.optc) {
-    if (isatty(STDIN_FILENO)) {
+  // If we haven't got a password on the command line, read it from tty or FD
+  if (!*toys.optargs) {
+    // Prompt and read interactively?
+    if (isatty(0)) {
       if (read_password(toybuf, sizeof(toybuf), "Password: ")) 
         perror_exit("password read failed");
     } else {
-      // read from the given FD
-      int i = 0;
-      while (1) {
-        int ret = read(0, &toybuf[i], 1);
-        if ( ret < 0 ) perror_exit("password read failed");
-        else if (ret == 0 || toybuf[i] == '\n' || toybuf[i] == '\r' ||
-            sizeof(toybuf) == i+1) {
-          toybuf[i] = '\0';
-          break;
-        }
-        i++;
+      for (i = 0; i<sizeof(toybuf)-1; i++) {
+        if (!xread(0, toybuf+i, 1)) break;
+        if (toybuf[i] == '\n' || toybuf[i] == '\r') break;
       }
+      toybuf[i] = 0;
     }
-  } else snprintf(toybuf, sizeof(toybuf), "%s", toys.optargs[0]);
+  }
 
   // encrypt & print the password
-  xprintf("%s\n",crypt(toybuf, salt));
+  xprintf("%s\n",crypt(*toys.optargs ? *toys.optargs : toybuf, salt));
 }
author	Rob Landley <rob@landley.net>	2014-06-25 22:54:59 -0500
committer	Rob Landley <rob@landley.net>	2014-06-25 22:54:59 -0500
commit	6d15f0d33fbc422689f92fbbf4dc65d3ab1fb970 (patch)
tree	3b0ebc8603e933bde1c2a465972a1201928e30ec
parent	6ad3207b65438870dfc9f76a3dcf4bb04096297e (diff)
download	toybox-6d15f0d33fbc422689f92fbbf4dc65d3ab1fb970.tar.gz