diff -ruN --exclude-from=diffignore dovecot/configure.in dovecot-xtrahash/configure.in --- dovecot/configure.in Sun Jul 25 17:56:23 2004 +++ dovecot-xtrahash/configure.in Sun Jul 25 16:16:14 2004 @@ -588,13 +588,6 @@ fi AC_SUBST(RAND_LIBS) -AC_CHECK_LIB(crypto, SHA1_Init, [ - AC_CHECK_HEADER(openssl/sha.h, [ - AC_DEFINE(HAVE_OPENSSL_SHA1,, Define if you have SHA1 in OpenSSL) - AUTH_LIBS=-lcrypto - ]) -]) - dnl * do we have tm_gmtoff AC_MSG_CHECKING([for tm_gmtoff]) AC_CACHE_VAL(i_cv_field_tm_gmtoff, diff -ruN --exclude-from=diffignore dovecot/src/auth/passdb.c dovecot-xtrahash/src/auth/passdb.c --- dovecot/src/auth/passdb.c Thu Jun 24 03:47:06 2004 +++ dovecot-xtrahash/src/auth/passdb.c Sun Jul 25 12:14:05 2004 @@ -52,7 +52,8 @@ if (password != NULL) { wanted_scheme = passdb_credentials_to_str(credentials); if (strcasecmp(scheme, wanted_scheme) != 0) { - if (strcasecmp(scheme, "PLAIN") == 0) { + if (strcasecmp(scheme, "PLAIN") == 0 + || strcasecmp(scheme, "CLEARTEXT") == 0) { /* we can generate anything out of plaintext passwords */ password = password_generate(password, user, diff -ruN --exclude-from=diffignore dovecot/src/auth/password-scheme.c dovecot-xtrahash/src/auth/password-scheme.c --- dovecot/src/auth/password-scheme.c Sat Jul 24 04:07:14 2004 +++ dovecot-xtrahash/src/auth/password-scheme.c Sun Jul 25 12:02:32 2004 @@ -8,13 +8,10 @@ #include "module-dir.h" #include "mycrypt.h" #include "randgen.h" +#include "sha1.h" #include "str.h" #include "password-scheme.h" -#ifdef HAVE_OPENSSL_SHA1 -# include -#endif - static const char salt_chars[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; @@ -40,6 +37,19 @@ return -1; } +const char *password_list_schemes(const struct password_scheme **listptr) +{ + if (*listptr == NULL) + *listptr = schemes; + + if ((*listptr)->name == NULL) { + *listptr = NULL; + return NULL; + } + + return (*listptr)++->name; +} + const char *password_get_scheme(const char **password) { const char *p, *scheme; @@ -68,6 +78,14 @@ scheme = t_strdup_until(*password + 1, p); *password = p + 1; + + /* LDAP's RFC2307 specifies the MD5 scheme for what we call PLAIN-MD5, + * only base64-encoded rather than hex-encoded. + * We can detect this case - base64 doesn't use '$'. */ + if (strncasecmp(scheme, "MD5", 3) == 0 + && strncmp(*password, "$1$", 3) != 0) { + scheme = "LDAP-MD5"; + } return scheme; } @@ -124,20 +142,146 @@ return password_generate_md5_crypt(plaintext, salt); } -#ifdef HAVE_OPENSSL_SHA1 -static int sha_verify(const char *plaintext, const char *password, +static const char *sha1_generate(const char *plaintext, + const char *user __attr_unused__) +{ + unsigned char digest[SHA1_RESULTLEN]; + string_t *str; + + sha1_get_digest(plaintext, strlen(plaintext), digest); + str = t_str_new(MAX_BASE64_ENCODED_SIZE(sizeof(digest)+1)); + base64_encode(digest, sizeof(digest), str); + return str_c(str); +} + +static int sha1_verify(const char *plaintext, const char *password, const char *user __attr_unused__) { - unsigned char digest[SHA_DIGEST_LENGTH]; + unsigned char sha1_digest[SHA1_RESULTLEN]; + const char *data; + buffer_t *buf; + size_t size; + + sha1_get_digest(plaintext, strlen(plaintext), sha1_digest); + + buf = buffer_create_static(pool_datastack_create(), + MAX_BASE64_DECODED_SIZE(strlen(password)+1)); + + if (base64_decode(password, strlen(password), NULL, buf) == 1) { + data = buffer_get_data(buf, &size); + if (size < SHA1_RESULTLEN) { + i_error("sha1_verify(%s): invalid SHA base64 decode", user); + return 0; + } + + return memcmp(sha1_digest, data, SHA1_RESULTLEN) == 0; + } else { + i_error("sha1_verify(%s): failed decoding SHA base64", user); + return 0; + } +} + +static const char *ssha_generate(const char *plaintext, + const char *user __attr_unused__) +{ + unsigned char ssha_digest[SHA1_RESULTLEN+4]; + unsigned char *salt = &ssha_digest[SHA1_RESULTLEN]; + struct sha1_ctxt ctx; string_t *str; - SHA1(plaintext, strlen(plaintext), digest); + random_fill(salt, 4); - str = t_str_new(64); - base64_encode(digest, sizeof(digest), str); - return strcasecmp(str_c(str), password) == 0; + sha1_init(&ctx); + sha1_loop(&ctx, plaintext, strlen(plaintext)); + sha1_loop(&ctx, salt, 4); + sha1_result(&ctx, ssha_digest); + + str = t_str_new(MAX_BASE64_ENCODED_SIZE(sizeof(ssha_digest))+1); + base64_encode(ssha_digest, sizeof(ssha_digest), str); + return str_c(str); +} + +static int ssha_verify(const char *plaintext, const char *password, + const char *user __attr_unused__) +{ + unsigned char sha1_digest[SHA1_RESULTLEN]; + buffer_t *buf; + const char *data; + size_t size; + struct sha1_ctxt ctx; + + /* format: base64-encoded MD5 hash and salt */ + buf = buffer_create_static(pool_datastack_create(), + MAX_BASE64_DECODED_SIZE(strlen(password)+1)); + + if (base64_decode(password, strlen(password), NULL, buf) == 1) { + data = buffer_get_data(buf, &size); + if (size <= SHA1_RESULTLEN) { + i_error("ssha_verify(%s): invalid SSHA base64 decode", user); + return 0; + } + + sha1_init(&ctx); + sha1_loop(&ctx, plaintext, strlen(plaintext)); + sha1_loop(&ctx, &data[SHA1_RESULTLEN], size-SHA1_RESULTLEN); + sha1_result(&ctx, sha1_digest); + return memcmp(sha1_digest, data, SHA1_RESULTLEN) == 0; + } else { + i_error("ssha_verify(%s): failed decoding SSHA base64", user); + return 0; + } +} + +static const char *smd5_generate(const char *plaintext, + const char *user __attr_unused__) +{ + unsigned char smd5_digest[20]; + unsigned char *salt = &smd5_digest[16]; + struct md5_context ctx; + string_t *str; + + random_fill(salt, 4); + + md5_init(&ctx); + md5_update(&ctx, plaintext, strlen(plaintext)); + md5_update(&ctx, salt, 4); + md5_final(&ctx, smd5_digest); + + str = t_str_new(MAX_BASE64_ENCODED_SIZE(sizeof(smd5_digest))+1); + base64_encode(smd5_digest, sizeof(smd5_digest), str); + return str_c(str); +} + +static int smd5_verify(const char *plaintext, const char *password, + const char *user __attr_unused__) +{ + unsigned char md5_digest[16]; + buffer_t *buf; + const char *data; + size_t size; + struct md5_context ctx; + + /* format: base64-encoded MD5 hash and salt */ + buf = buffer_create_static(pool_datastack_create(), + MAX_BASE64_DECODED_SIZE(strlen(password)+1)); + + if (base64_decode(password, strlen(password), NULL, buf) == 1) { + data = buffer_get_data(buf, &size); + if (size <= 16) { + i_error("smd5_verify(%s): invalid SMD5 base64 decode", user); + return 0; + } + + md5_init(&ctx); + md5_update(&ctx, plaintext, strlen(plaintext)); + md5_update(&ctx, &data[16], size-16); + md5_final(&ctx, md5_digest); + return memcmp(md5_digest, data, 16) == 0; + } else { + i_error("smd5_verify(%s): failed decoding SMD5 base64", user); + return 0; + } } -#endif static int plain_verify(const char *plaintext, const char *password, const char *user __attr_unused__) @@ -216,17 +360,58 @@ return binary_to_hex(digest, sizeof(digest)); } +static const char *ldap_md5_generate(const char *plaintext, + const char *user __attr_unused__) +{ + unsigned char digest[16]; + string_t *str; + + md5_get_digest(plaintext, strlen(plaintext), digest); + str = t_str_new(MAX_BASE64_ENCODED_SIZE(sizeof(digest)+1)); + base64_encode(digest, sizeof(digest), str); + return str_c(str); +} + +static int ldap_md5_verify(const char *plaintext, const char *password, + const char *user __attr_unused__) +{ + unsigned char md5_digest[16]; + buffer_t *buf; + const char *data; + size_t size; + + md5_get_digest(plaintext, strlen(plaintext), md5_digest); + + buf = buffer_create_static(pool_datastack_create(), + MAX_BASE64_DECODED_SIZE(strlen(password)+1)); + + if (base64_decode(password, strlen(password), NULL, buf) == 1) { + data = buffer_get_data(buf, &size); + if (size != 16) { + i_error("ldap_md5_verify(%s): invalid MD5 base64 decode", user); + return 0; + } + + return memcmp(md5_digest, data, 16) == 0; + } else { + i_error("ldap_md5_verify(%s): failed decoding MD5 base64", user); + return 0; + } +} + static const struct password_scheme default_schemes[] = { { "CRYPT", crypt_verify, crypt_generate }, { "MD5", md5_verify, md5_generate }, -#ifdef HAVE_OPENSSL_SHA1 - { "SHA", sha_verify, NULL }, - { "SHA1", sha_verify, NULL }, -#endif + { "SHA", sha1_verify, sha1_generate }, + { "SHA1", sha1_verify, sha1_generate }, + { "SMD5", smd5_verify, smd5_generate }, + { "SSHA", ssha_verify, ssha_generate }, { "PLAIN", plain_verify, plain_generate }, + { "CLEARTEXT", plain_verify, plain_generate }, { "HMAC-MD5", hmac_md5_verify, hmac_md5_generate }, { "DIGEST-MD5", digest_md5_verify, digest_md5_generate }, { "PLAIN-MD5", plain_md5_verify, plain_md5_generate }, + { "LDAP-MD5", ldap_md5_verify, ldap_md5_generate }, { NULL, NULL, NULL } }; diff -ruN --exclude-from=diffignore dovecot/src/auth/password-scheme.h dovecot-xtrahash/src/auth/password-scheme.h --- dovecot/src/auth/password-scheme.h Sun May 30 13:57:15 2004 +++ dovecot-xtrahash/src/auth/password-scheme.h Sun Jul 25 16:15:41 2004 @@ -21,6 +21,9 @@ const char *password_generate(const char *plaintext, const char *user, const char *scheme); +/* Iterate through the list of password schemes, returning names */ +const char *password_list_schemes(const struct password_scheme **listptr); + void password_schemes_init(void); void password_schemes_deinit(void); diff -ruN --exclude-from=diffignore dovecot/src/lib/Makefile.am dovecot-xtrahash/src/lib/Makefile.am --- dovecot/src/lib/Makefile.am Wed Apr 28 06:25:52 2004 +++ dovecot-xtrahash/src/lib/Makefile.am Sat Jul 24 20:59:55 2004 @@ -54,6 +54,7 @@ safe-memset.c \ safe-mkdir.c \ sendfile-util.c \ + sha1.c \ str.c \ strescape.c \ strfuncs.c \ @@ -109,6 +110,7 @@ safe-memset.h \ safe-mkdir.h \ sendfile-util.h \ + sha1.h \ str.h \ strescape.h \ strfuncs.h \ diff -ruN --exclude-from=diffignore dovecot/src/lib/sha1.c dovecot-xtrahash/src/lib/sha1.c --- dovecot/src/lib/sha1.c Thu Jan 1 10:00:00 1970 +++ dovecot-xtrahash/src/lib/sha1.c Sat Jul 24 21:28:32 2004 @@ -0,0 +1,286 @@ +/* $KAME: sha1.c,v 1.5 2000/11/08 06:13:08 itojun Exp $ */ +/* + * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the project nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* + * FIPS pub 180-1: Secure Hash Algorithm (SHA-1) + * based on: http://csrc.nist.gov/fips/fip180-1.txt + * implemented by Jun-ichiro itojun Itoh + */ + +#include +#include +#include + +#include "sha1.h" +#include "safe-memset.h" + +/* sanity check */ +#if BYTE_ORDER != BIG_ENDIAN +# if BYTE_ORDER != LITTLE_ENDIAN +# define unsupported 1 +# endif +#endif + +#ifndef unsupported + +/* constant table */ +static u_int32_t _K[] = { 0x5a827999, 0x6ed9eba1, 0x8f1bbcdc, 0xca62c1d6 }; +#define K(t) _K[(t) / 20] + +#define F0(b, c, d) (((b) & (c)) | ((~(b)) & (d))) +#define F1(b, c, d) (((b) ^ (c)) ^ (d)) +#define F2(b, c, d) (((b) & (c)) | ((b) & (d)) | ((c) & (d))) +#define F3(b, c, d) (((b) ^ (c)) ^ (d)) + +#define S(n, x) (((x) << (n)) | ((x) >> (32 - n))) + +#define H(n) (ctxt->h.b32[(n)]) +#define COUNT (ctxt->count) +#define BCOUNT (ctxt->c.b64[0] / 8) +#define W(n) (ctxt->m.b32[(n)]) + +#define PUTBYTE(x) { \ + ctxt->m.b8[(COUNT % 64)] = (x); \ + COUNT++; \ + COUNT %= 64; \ + ctxt->c.b64[0] += 8; \ + if (COUNT % 64 == 0) \ + sha1_step(ctxt); \ + } + +#define PUTPAD(x) { \ + ctxt->m.b8[(COUNT % 64)] = (x); \ + COUNT++; \ + COUNT %= 64; \ + if (COUNT % 64 == 0) \ + sha1_step(ctxt); \ + } + +static void sha1_step(struct sha1_ctxt *); + +static void +sha1_step(ctxt) + struct sha1_ctxt *ctxt; +{ + u_int32_t a, b, c, d, e; + size_t t, s; + u_int32_t tmp; + +#if BYTE_ORDER == LITTLE_ENDIAN + struct sha1_ctxt tctxt; + memmove(&tctxt.m.b8[0], &ctxt->m.b8[0], 64); + ctxt->m.b8[0] = tctxt.m.b8[3]; ctxt->m.b8[1] = tctxt.m.b8[2]; + ctxt->m.b8[2] = tctxt.m.b8[1]; ctxt->m.b8[3] = tctxt.m.b8[0]; + ctxt->m.b8[4] = tctxt.m.b8[7]; ctxt->m.b8[5] = tctxt.m.b8[6]; + ctxt->m.b8[6] = tctxt.m.b8[5]; ctxt->m.b8[7] = tctxt.m.b8[4]; + ctxt->m.b8[8] = tctxt.m.b8[11]; ctxt->m.b8[9] = tctxt.m.b8[10]; + ctxt->m.b8[10] = tctxt.m.b8[9]; ctxt->m.b8[11] = tctxt.m.b8[8]; + ctxt->m.b8[12] = tctxt.m.b8[15]; ctxt->m.b8[13] = tctxt.m.b8[14]; + ctxt->m.b8[14] = tctxt.m.b8[13]; ctxt->m.b8[15] = tctxt.m.b8[12]; + ctxt->m.b8[16] = tctxt.m.b8[19]; ctxt->m.b8[17] = tctxt.m.b8[18]; + ctxt->m.b8[18] = tctxt.m.b8[17]; ctxt->m.b8[19] = tctxt.m.b8[16]; + ctxt->m.b8[20] = tctxt.m.b8[23]; ctxt->m.b8[21] = tctxt.m.b8[22]; + ctxt->m.b8[22] = tctxt.m.b8[21]; ctxt->m.b8[23] = tctxt.m.b8[20]; + ctxt->m.b8[24] = tctxt.m.b8[27]; ctxt->m.b8[25] = tctxt.m.b8[26]; + ctxt->m.b8[26] = tctxt.m.b8[25]; ctxt->m.b8[27] = tctxt.m.b8[24]; + ctxt->m.b8[28] = tctxt.m.b8[31]; ctxt->m.b8[29] = tctxt.m.b8[30]; + ctxt->m.b8[30] = tctxt.m.b8[29]; ctxt->m.b8[31] = tctxt.m.b8[28]; + ctxt->m.b8[32] = tctxt.m.b8[35]; ctxt->m.b8[33] = tctxt.m.b8[34]; + ctxt->m.b8[34] = tctxt.m.b8[33]; ctxt->m.b8[35] = tctxt.m.b8[32]; + ctxt->m.b8[36] = tctxt.m.b8[39]; ctxt->m.b8[37] = tctxt.m.b8[38]; + ctxt->m.b8[38] = tctxt.m.b8[37]; ctxt->m.b8[39] = tctxt.m.b8[36]; + ctxt->m.b8[40] = tctxt.m.b8[43]; ctxt->m.b8[41] = tctxt.m.b8[42]; + ctxt->m.b8[42] = tctxt.m.b8[41]; ctxt->m.b8[43] = tctxt.m.b8[40]; + ctxt->m.b8[44] = tctxt.m.b8[47]; ctxt->m.b8[45] = tctxt.m.b8[46]; + ctxt->m.b8[46] = tctxt.m.b8[45]; ctxt->m.b8[47] = tctxt.m.b8[44]; + ctxt->m.b8[48] = tctxt.m.b8[51]; ctxt->m.b8[49] = tctxt.m.b8[50]; + ctxt->m.b8[50] = tctxt.m.b8[49]; ctxt->m.b8[51] = tctxt.m.b8[48]; + ctxt->m.b8[52] = tctxt.m.b8[55]; ctxt->m.b8[53] = tctxt.m.b8[54]; + ctxt->m.b8[54] = tctxt.m.b8[53]; ctxt->m.b8[55] = tctxt.m.b8[52]; + ctxt->m.b8[56] = tctxt.m.b8[59]; ctxt->m.b8[57] = tctxt.m.b8[58]; + ctxt->m.b8[58] = tctxt.m.b8[57]; ctxt->m.b8[59] = tctxt.m.b8[56]; + ctxt->m.b8[60] = tctxt.m.b8[63]; ctxt->m.b8[61] = tctxt.m.b8[62]; + ctxt->m.b8[62] = tctxt.m.b8[61]; ctxt->m.b8[63] = tctxt.m.b8[60]; +#endif + + a = H(0); b = H(1); c = H(2); d = H(3); e = H(4); + + for (t = 0; t < 20; t++) { + s = t & 0x0f; + if (t >= 16) { + W(s) = S(1, W((s+13) & 0x0f) ^ W((s+8) & 0x0f) ^ W((s+2) & 0x0f) ^ W(s)); + } + tmp = S(5, a) + F0(b, c, d) + e + W(s) + K(t); + e = d; d = c; c = S(30, b); b = a; a = tmp; + } + for (t = 20; t < 40; t++) { + s = t & 0x0f; + W(s) = S(1, W((s+13) & 0x0f) ^ W((s+8) & 0x0f) ^ W((s+2) & 0x0f) ^ W(s)); + tmp = S(5, a) + F1(b, c, d) + e + W(s) + K(t); + e = d; d = c; c = S(30, b); b = a; a = tmp; + } + for (t = 40; t < 60; t++) { + s = t & 0x0f; + W(s) = S(1, W((s+13) & 0x0f) ^ W((s+8) & 0x0f) ^ W((s+2) & 0x0f) ^ W(s)); + tmp = S(5, a) + F2(b, c, d) + e + W(s) + K(t); + e = d; d = c; c = S(30, b); b = a; a = tmp; + } + for (t = 60; t < 80; t++) { + s = t & 0x0f; + W(s) = S(1, W((s+13) & 0x0f) ^ W((s+8) & 0x0f) ^ W((s+2) & 0x0f) ^ W(s)); + tmp = S(5, a) + F3(b, c, d) + e + W(s) + K(t); + e = d; d = c; c = S(30, b); b = a; a = tmp; + } + + H(0) = H(0) + a; + H(1) = H(1) + b; + H(2) = H(2) + c; + H(3) = H(3) + d; + H(4) = H(4) + e; + + memset(&ctxt->m.b8[0], 0, 64); +} + +/*------------------------------------------------------------*/ + +void +sha1_init(ctxt) + struct sha1_ctxt *ctxt; +{ + memset(ctxt, 0, sizeof(struct sha1_ctxt)); + H(0) = 0x67452301; + H(1) = 0xefcdab89; + H(2) = 0x98badcfe; + H(3) = 0x10325476; + H(4) = 0xc3d2e1f0; +} + +void +sha1_pad(ctxt) + struct sha1_ctxt *ctxt; +{ + size_t padlen; /*pad length in bytes*/ + size_t padstart; + + PUTPAD(0x80); + + padstart = COUNT % 64; + padlen = 64 - padstart; + if (padlen < 8) { + memset(&ctxt->m.b8[padstart], 0, padlen); + COUNT += padlen; + COUNT %= 64; + sha1_step(ctxt); + padstart = COUNT % 64; /* should be 0 */ + padlen = 64 - padstart; /* should be 64 */ + } + memset(&ctxt->m.b8[padstart], 0, padlen - 8); + COUNT += (padlen - 8); + COUNT %= 64; +#if BYTE_ORDER == BIG_ENDIAN + PUTPAD(ctxt->c.b8[0]); PUTPAD(ctxt->c.b8[1]); + PUTPAD(ctxt->c.b8[2]); PUTPAD(ctxt->c.b8[3]); + PUTPAD(ctxt->c.b8[4]); PUTPAD(ctxt->c.b8[5]); + PUTPAD(ctxt->c.b8[6]); PUTPAD(ctxt->c.b8[7]); +#else + PUTPAD(ctxt->c.b8[7]); PUTPAD(ctxt->c.b8[6]); + PUTPAD(ctxt->c.b8[5]); PUTPAD(ctxt->c.b8[4]); + PUTPAD(ctxt->c.b8[3]); PUTPAD(ctxt->c.b8[2]); + PUTPAD(ctxt->c.b8[1]); PUTPAD(ctxt->c.b8[0]); +#endif +} + +void +sha1_loop(ctxt, input, len) + struct sha1_ctxt *ctxt; + const u_int8_t *input; + size_t len; +{ + size_t gaplen; + size_t gapstart; + size_t off; + size_t copysiz; + + off = 0; + + while (off < len) { + gapstart = COUNT % 64; + gaplen = 64 - gapstart; + + copysiz = (gaplen < len - off) ? gaplen : len - off; + memmove(&ctxt->m.b8[gapstart], &input[off], copysiz); + COUNT += copysiz; + COUNT %= 64; + ctxt->c.b64[0] += copysiz * 8; + if (COUNT % 64 == 0) + sha1_step(ctxt); + off += copysiz; + } +} + +void +sha1_result(ctxt, digest0) + struct sha1_ctxt *ctxt; + void *digest0; +{ + u_int8_t *digest; + + digest = (u_int8_t *)digest0; + sha1_pad(ctxt); +#if BYTE_ORDER == BIG_ENDIAN + memmove(digest, &ctxt->h.b8[0], 20); +#else + digest[0] = ctxt->h.b8[3]; digest[1] = ctxt->h.b8[2]; + digest[2] = ctxt->h.b8[1]; digest[3] = ctxt->h.b8[0]; + digest[4] = ctxt->h.b8[7]; digest[5] = ctxt->h.b8[6]; + digest[6] = ctxt->h.b8[5]; digest[7] = ctxt->h.b8[4]; + digest[8] = ctxt->h.b8[11]; digest[9] = ctxt->h.b8[10]; + digest[10] = ctxt->h.b8[9]; digest[11] = ctxt->h.b8[8]; + digest[12] = ctxt->h.b8[15]; digest[13] = ctxt->h.b8[14]; + digest[14] = ctxt->h.b8[13]; digest[15] = ctxt->h.b8[12]; + digest[16] = ctxt->h.b8[19]; digest[17] = ctxt->h.b8[18]; + digest[18] = ctxt->h.b8[17]; digest[19] = ctxt->h.b8[16]; +#endif + safe_memset(ctxt, 0, sizeof(struct sha1_ctxt)); +} + +void sha1_get_digest(data, size, result) + const void *data; + size_t size; + unsigned char result[SHA1_RESULTLEN]; +{ + struct sha1_ctxt ctx; + + sha1_init(&ctx); + sha1_loop(&ctx, data, size); + sha1_result(&ctx, result); +} + +#endif /*unsupported*/ diff -ruN --exclude-from=diffignore dovecot/src/lib/sha1.h dovecot-xtrahash/src/lib/sha1.h --- dovecot/src/lib/sha1.h Thu Jan 1 10:00:00 1970 +++ dovecot-xtrahash/src/lib/sha1.h Sat Jul 24 21:28:41 2004 @@ -0,0 +1,74 @@ +/* $FreeBSD: src/sys/crypto/sha1.h,v 1.8 2002/03/20 05:13:50 alfred Exp $ */ +/* $KAME: sha1.h,v 1.5 2000/03/27 04:36:23 sumikawa Exp $ */ + +/* + * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the project nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ +/* + * FIPS pub 180-1: Secure Hash Algorithm (SHA-1) + * based on: http://csrc.nist.gov/fips/fip180-1.txt + * implemented by Jun-ichiro itojun Itoh + */ + +#ifndef __SHA1_H +#define __SHA1_H + +struct sha1_ctxt { + union { + u_int8_t b8[20]; + u_int32_t b32[5]; + } h; + union { + u_int8_t b8[8]; + u_int64_t b64[1]; + } c; + union { + u_int8_t b8[64]; + u_int32_t b32[16]; + } m; + u_int8_t count; +}; + +extern void sha1_init(struct sha1_ctxt *); +extern void sha1_pad(struct sha1_ctxt *); +extern void sha1_loop(struct sha1_ctxt *, const u_int8_t *, size_t); +extern void sha1_result(struct sha1_ctxt *, void *); + + +/* compatibilty with other SHA1 source codes */ +typedef struct sha1_ctxt SHA1_CTX; +#define SHA1Init(x) sha1_init((x)) +#define SHA1Update(x, y, z) sha1_loop((x), (y), (z)) +#define SHA1Final(x, y) sha1_result((y), (x)) + +#define SHA1_RESULTLEN (160/8) + +extern void sha1_get_digest(const void *, size_t, + unsigned char [SHA1_RESULTLEN]); + +#endif /*__SHA1_H*/ diff -ruN --exclude-from=diffignore dovecot/src/util/Makefile.am dovecot-xtrahash/src/util/Makefile.am --- dovecot/src/util/Makefile.am Thu Aug 21 09:26:37 2003 +++ dovecot-xtrahash/src/util/Makefile.am Sat Jul 24 19:37:56 2004 @@ -1,12 +1,25 @@ pkglibexecdir = $(libexecdir)/dovecot pkglibexec_PROGRAMS = rawlog +sbin_PROGRAMS = dovecotpw INCLUDES = \ - -I$(top_srcdir)/src/lib + -I$(top_srcdir)/src/lib \ + -I$(top_srcdir)/src/auth rawlog_LDADD = \ ../lib/liblib.a rawlog_SOURCES = \ rawlog.c + +dovecotpw_LDADD = \ + ../lib/liblib.a \ + ../auth/password-scheme.o \ + ../auth/password-scheme-cram-md5.o \ + ../auth/password-scheme-md5crypt.o \ + ../auth/mycrypt.o \ + $(AUTH_LIBS) + +dovecotpw_SOURCES = \ + dovecotpw.c diff -ruN --exclude-from=diffignore dovecot/src/util/dovecotpw.c dovecot-xtrahash/src/util/dovecotpw.c --- dovecot/src/util/dovecotpw.c Thu Jan 1 10:00:00 1970 +++ dovecot-xtrahash/src/util/dovecotpw.c Sun Jul 25 22:24:22 2004 @@ -0,0 +1,140 @@ +/* Copyright (C) 2004 Joshua Goodall */ + +#include "lib.h" +#include "password-scheme.h" +#include "randgen.h" + +#include +#include +#include +#include +#include +#include +#include + +#define DEFAULT_SCHEME "HMAC-MD5" + +#define STRWIPE(s) do { \ + char *c; \ + for (c = s; *c != '\0'; c++) \ + *c = '\0'; \ +} while (0) + +static void +usage(const char *s) +{ + fprintf(stderr, + "usage: %s [-l] [-p plaintext] [-s scheme] [-u user] [-V]\n", s); + fprintf(stderr, "%s\n%s\n%s\n%s\n%s\n", + " -l List known password schemes", + " -p plaintext New password", + " -s scheme Password scheme", + " -u user Username (if scheme uses it)", + " -V Internally verify the hash"); + + exit(1); +} + +int main(int argc, char *argv[] __attr_unused__) +{ + extern char *optarg; + extern int optind; + const char *hash = NULL; + const char *user = NULL; + char *scheme = NULL; + char *plaintext = NULL; + char ch; + int lflag = 0, Vflag = 0; + + lib_init(); + random_init(); + password_schemes_init(); + + while ((ch = getopt(argc, argv, "lp:s:u:V")) != -1) { + switch (ch) { + case 'l': + lflag = 1; + break; + case 'p': + plaintext = strdup(optarg); + STRWIPE(optarg); + break; + case 's': + scheme = strdup(optarg); + break; + case 'u': + user = strdup(optarg); + break; + case 'V': + Vflag = 1; + break; + case '?': + default: + usage(basename(*argv)); + } + } + + if (lflag) { + const struct password_scheme *p = NULL; + const char *s; + + while ((s = password_list_schemes(&p)) != NULL) + printf("%s ", s); + printf("\n"); + exit(0); + } + + if (argc != optind) + usage(basename(*argv)); + + if (scheme == NULL) + scheme = strdup(DEFAULT_SCHEME); + else { + char *c; + for (c = scheme; *c != '\0'; c++) + *c = toupper(*c); + } + + + while (plaintext == NULL) { + char *check; + static int lives = 3; + + plaintext = strdup(getpass("Enter new password: ")); + check = strdup(getpass("Retype new password: ")); + if (strcmp(plaintext, check) != 0) { + fprintf(stderr, "Passwords don't match!\n"); + if (--lives == 0) + exit(1); + STRWIPE(plaintext); + STRWIPE(check); + free(plaintext); + plaintext = NULL; + } + } + + if ((hash = password_generate(plaintext, user, scheme)) == NULL) { + fprintf(stderr, "error generating password hash\n"); + exit(1); + } + if (Vflag == 1) { + const char *checkscheme, *checkpass; + + checkpass = t_strdup_printf("{%s}%s", scheme, hash); + checkscheme = password_get_scheme(&checkpass); + + if (strcmp(scheme, checkscheme) != 0) { + fprintf(stderr, "reverse scheme lookup check failed\n"); + exit(2); + } + if (password_verify(plaintext, checkpass, checkscheme, user) != 1) { + fprintf(stderr, "reverse password verification check failed\n"); + exit(2); + } + + printf("{%s}%s (verified)\n", scheme, hash); + } else + printf("{%s}%s\n", scheme, hash); + + return 0; +}