[git commit] libcrypt: return NULL on unsupported salt

Bernhard Reutner-Fischer rep.dot.nop at gmail.com
Mon Jan 19 16:29:21 UTC 2015


commit: http://git.uclibc.org/uClibc/commit/?id=78b154a95b507c205241dd883396952e0dfbede7
branch: http://git.uclibc.org/uClibc/commit/?id=refs/heads/master

BZ #7808 asks us not to fallback to DES if the optional SHA are disabled
but requested by the user.

Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop at gmail.com>
---
 libcrypt/crypt.c |   18 +++++++++++-------
 1 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/libcrypt/crypt.c b/libcrypt/crypt.c
index f79c9fe..10061a0 100644
--- a/libcrypt/crypt.c
+++ b/libcrypt/crypt.c
@@ -14,17 +14,21 @@ char *crypt(const char *key, const char *salt)
 	const unsigned char *ukey = (const unsigned char *)key;
 	const unsigned char *usalt = (const unsigned char *)salt;
 
-	if (salt[0] == '$' && salt[2] == '$') {
-		if (*++salt == '1')
-			return __md5_crypt(ukey, usalt);
+	if (salt[0] == '$') {
+		if (salt[1] && salt[2] == '$') { /* no blowfish '2X' here ATM */
+			if (*++salt == '1')
+				return __md5_crypt(ukey, usalt);
 #ifdef __UCLIBC_HAS_SHA256_CRYPT_IMPL__
-		else if (*salt == '5')
-			return __sha256_crypt(ukey, usalt);
+			else if (*salt == '5')
+				return __sha256_crypt(ukey, usalt);
 #endif
 #ifdef __UCLIBC_HAS_SHA512_CRYPT_IMPL__
-		else if (*salt == '6')
-			return __sha512_crypt(ukey, usalt);
+			else if (*salt == '6')
+				return __sha512_crypt(ukey, usalt);
 #endif
+		}
+		/* __set_errno(EINVAL);*/ /* ENOSYS might be misleading */
+		return NULL;
 	}
 	return __des_crypt(ukey, usalt);
 }


More information about the uClibc-cvs mailing list