dovecot-2.2: auth: Don't crash when trying to use CRYPT scheme w...

Mon Nov 9 12:11:39 UTC 2015

details:   http://hg.dovecot.org/dovecot-2.2/rev/61eb9ac0d29e
changeset: 19347:61eb9ac0d29e
user:      Timo Sirainen <tss at iki.fi>
date:      Mon Nov 09 14:11:12 2015 +0200
description:
auth: Don't crash when trying to use CRYPT scheme when crypt() doesn't support DES

diffstat:

 src/auth/password-scheme-crypt.c |  16 ++++++++++++++++
 src/auth/password-scheme.c       |  14 --------------
 2 files changed, 16 insertions(+), 14 deletions(-)

diffs (71 lines):

diff -r 2f2d78bedeed -r 61eb9ac0d29e src/auth/password-scheme-crypt.c

--- a/src/auth/password-scheme-crypt.c	Mon Nov 09 13:16:50 2015 +0200
+++ b/src/auth/password-scheme-crypt.c	Mon Nov 09 14:11:12 2015 +0200
@@ -24,6 +24,19 @@
 }
 
 static void
+crypt_generate_des(const char *plaintext, const char *user ATTR_UNUSED,
+		   const unsigned char **raw_password_r, size_t *size_r)
+{
+#define CRYPT_SALT_LEN 2
+	const char *password, *salt;
+
+	salt = password_generate_salt(CRYPT_SALT_LEN);
+	password = t_strdup(mycrypt(plaintext, salt));
+	*raw_password_r = (const unsigned char *)password;
+	*size_r = strlen(password);
+}
+
+static void
 crypt_generate_blowfisch(const char *plaintext, const char *user ATTR_UNUSED,
 			 const unsigned char **raw_password_r, size_t *size_r)
 {
@@ -98,6 +111,7 @@
 	const char *salt;
 	const char *expected;
 } sample[] = {
+	{ "08/15!test~4711", "JB", "JBOZ0DgmtucwE" },
 	{ "08/15!test~4711", "$2a$04$0123456789abcdefABCDEF",
 	  "$2a$04$0123456789abcdefABCDE.N.drYX5yIAL1LkTaaZotW3yI0hQhZru" },
 	{ "08/15!test~4711", "$5$rounds=1000$0123456789abcdef",
@@ -110,6 +124,8 @@
 
 /* keep in sync with the sample struct above */
 static const struct password_scheme crypt_schemes[] = {
+	{ "CRYPT", PW_ENCODING_NONE, 0, crypt_verify,
+	  crypt_generate_des },
 	{ "BLF-CRYPT", PW_ENCODING_NONE, 0, crypt_verify,
 	  crypt_generate_blowfisch },
 	{ "SHA256-CRYPT", PW_ENCODING_NONE, 0, crypt_verify,
diff -r 2f2d78bedeed -r 61eb9ac0d29e src/auth/password-scheme.c
--- a/src/auth/password-scheme.c	Mon Nov 09 13:16:50 2015 +0200
+++ b/src/auth/password-scheme.c	Mon Nov 09 14:11:12 2015 +0200
@@ -341,19 +341,6 @@
 	return strcmp(crypted, password) == 0 ? 1 : 0;
 }
 
-static void
-crypt_generate(const char *plaintext, const char *user ATTR_UNUSED,
-	       const unsigned char **raw_password_r, size_t *size_r)
-{
-#define	CRYPT_SALT_LEN 2
-	const char *password, *salt;
-
-	salt = password_generate_salt(CRYPT_SALT_LEN);
-	password = t_strdup(mycrypt(plaintext, salt));
-	*raw_password_r = (const unsigned char *)password;
-	*size_r = strlen(password);
-}
-
 static int
 md5_verify(const char *plaintext, const char *user,
 	   const unsigned char *raw_password, size_t size, const char **error_r)
@@ -803,7 +790,6 @@
 }
 
 static const struct password_scheme builtin_schemes[] = {
-	{ "CRYPT", PW_ENCODING_NONE, 0, crypt_verify, crypt_generate },
 	{ "MD5", PW_ENCODING_NONE, 0, md5_verify, md5_crypt_generate },
 	{ "MD5-CRYPT", PW_ENCODING_NONE, 0,
 	  md5_crypt_verify, md5_crypt_generate },
