svn commit: trunk/busybox: include libbb loginutils

vda at busybox.net vda at busybox.net
Sun Jun 15 18:35:36 UTC 2008


Author: vda
Date: 2008-06-15 11:35:34 -0700 (Sun, 15 Jun 2008)
New Revision: 22352

Log:
Specially for Bernhard Fischer introduce USE_BB_CRYPT
which selects between libc/custom crypt routines.



Modified:
   trunk/busybox/include/libbb.h
   trunk/busybox/libbb/pw_encrypt.c
   trunk/busybox/loginutils/Config.in


Changeset:
Modified: trunk/busybox/include/libbb.h
===================================================================
--- trunk/busybox/include/libbb.h	2008-06-15 17:48:33 UTC (rev 22351)
+++ trunk/busybox/include/libbb.h	2008-06-15 18:35:34 UTC (rev 22352)
@@ -1032,6 +1032,9 @@
 extern void setup_environment(const char *shell, int clear_env, int change_env, const struct passwd *pw);
 extern int correct_password(const struct passwd *pw);
 /* Returns a malloced string */
+#if !ENABLE_USE_BB_CRYPT
+#define pw_encrypt(clear, salt, cleanup) pw_encrypt(clear, salt)
+#endif
 extern char *pw_encrypt(const char *clear, const char *salt, int cleanup);
 extern int obscure(const char *old, const char *newval, const struct passwd *pwdp);
 /* rnd is additional random input. New one is returned.

Modified: trunk/busybox/libbb/pw_encrypt.c
===================================================================
--- trunk/busybox/libbb/pw_encrypt.c	2008-06-15 17:48:33 UTC (rev 22351)
+++ trunk/busybox/libbb/pw_encrypt.c	2008-06-15 18:35:34 UTC (rev 22352)
@@ -9,6 +9,8 @@
 
 #include "libbb.h"
 
+#if ENABLE_USE_BB_CRYPT
+
 /*
  * DES and MD5 crypt implementations are taken from uclibc.
  * They were modified to not use static buffers.
@@ -69,3 +71,18 @@
 
 	return encrypted;
 }
+
+#else /* if !ENABLE_USE_BB_CRYPT */
+
+char *pw_encrypt(const char *clear, const char *salt, int cleanup)
+{
+#if 0 /* was CONFIG_FEATURE_SHA1_PASSWORDS, but there is no such thing??? */
+	if (strncmp(salt, "$2$", 3) == 0) {
+		return xstrdup(sha1_crypt(clear));
+	}
+#endif
+
+	return xstrdup(crypt(clear, salt));
+}
+
+#endif

Modified: trunk/busybox/loginutils/Config.in
===================================================================
--- trunk/busybox/loginutils/Config.in	2008-06-15 17:48:33 UTC (rev 22351)
+++ trunk/busybox/loginutils/Config.in	2008-06-15 18:35:34 UTC (rev 22352)
@@ -13,45 +13,67 @@
 	  readable by root and thus the encrypted passwords are no longer
 	  publicly readable.
 
+config USE_BB_PWD_GRP
+	bool "Use internal password and group functions rather than system functions"
+	default n
+	help
+	  If you leave this disabled, busybox will use the system's password
+	  and group functions.  And if you are using the GNU C library
+	  (glibc), you will then need to install the /etc/nsswitch.conf
+	  configuration file and the required /lib/libnss_* libraries in
+	  order for the password and group functions to work.  This generally
+	  makes your embedded system quite a bit larger.
+
+	  Enabling this option will cause busybox to directly access the
+	  system's /etc/password, /etc/group files (and your system will be
+	  smaller, and I will get fewer emails asking about how glibc NSS
+	  works).  When this option is enabled, you will not be able to use
+	  PAM to access remote LDAP password servers and whatnot.  And if you
+	  want hostname resolution to work with glibc, you still need the
+	  /lib/libnss_* libraries.
+
+	  If you need to use glibc's nsswitch.conf mechanism
+	  (e.g. if user/group database is NOT stored in /etc/passwd etc),
+	  you must NOT use this option.
+
+	  If you enable this option, it will add about 1.5k to busybox.
+
 config USE_BB_SHADOW
 	bool "Use busybox shadow password functions"
 	default y
 	depends on USE_BB_PWD_GRP && FEATURE_SHADOWPASSWDS
 	help
-	    If you leave this disabled, busybox will use the system's shadow
-	    password handling functions.  And if you are using the GNU C library
-	    (glibc), you will then need to install the /etc/nsswitch.conf
-	    configuration file and the required /lib/libnss_* libraries in
-	    order for the shadow password functions to work.  This generally
-	    makes your embedded system quite a bit larger.
+	  If you leave this disabled, busybox will use the system's shadow
+	  password handling functions.  And if you are using the GNU C library
+	  (glibc), you will then need to install the /etc/nsswitch.conf
+	  configuration file and the required /lib/libnss_* libraries in
+	  order for the shadow password functions to work.  This generally
+	  makes your embedded system quite a bit larger.
 
-	    Enabling this option will cause busybox to directly access the
-	    system's /etc/shadow file when handling shadow passwords.  This
-	    makes your system smaller and I will get fewer emails asking about
-	    how glibc NSS works).  When this option is enabled, you will not be
-	    able to use PAM to access shadow passwords from remote LDAP
-	    password servers and whatnot.
+	  Enabling this option will cause busybox to directly access the
+	  system's /etc/shadow file when handling shadow passwords.  This
+	  makes your system smaller and I will get fewer emails asking about
+	  how glibc NSS works).  When this option is enabled, you will not be
+	  able to use PAM to access shadow passwords from remote LDAP
+	  password servers and whatnot.
 
-config USE_BB_PWD_GRP
-	bool "Use internal password and group functions rather than system functions"
-	default n
+config USE_BB_CRYPT
+	bool "Use internal DES and MD5 crypt functions rather than system functions"
+	default y
 	help
-	    If you leave this disabled, busybox will use the system's password
-	    and group functions.  And if you are using the GNU C library
-	    (glibc), you will then need to install the /etc/nsswitch.conf
-	    configuration file and the required /lib/libnss_* libraries in
-	    order for the password and group functions to work.  This generally
-	    makes your embedded system quite a bit larger.
+	  If you leave this disabled, busybox will use the system's password
+	  and group functions.  Most C libraries use large (~70k)
+	  static buffers in these functions, and also combine them
+	  with more general DES encryption/decryption routines.
+	  For busybox, having large static buffers is undesirable,
+	  especially so on NOMMU machines.
 
-	    Enabling this option will cause busybox to directly access the
-	    system's /etc/password, /etc/group files (and your system will be
-	    smaller, and I will get fewer emails asking about how glibc NSS
-	    works).  When this option is enabled, you will not be able to use
-	    PAM to access remote LDAP password servers and whatnot.  And if you
-	    want hostname resolution to work with glibc, you still need the
-	    /lib/libnss_* libraries.
+	  These functions produce results which are identical
+	  to corresponding C library functions.
 
-	    If you enable this option, it will add about 1.5k to busybox.
+	  If you enable this option, it will add about 4.8k to busybox
+	  if you are building dynamically linked executable.
+	  In static build, it makes executable _smaller_ by about 1.2k.
 
 config ADDGROUP
 	bool "addgroup"
@@ -255,4 +277,3 @@
 	  work properly.
 
 endmenu
-




More information about the busybox-cvs mailing list