main/busybox/loginutils-sha512.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78

diff --git a/libbb/pw_encrypt.c b/libbb/pw_encrypt.c
index 39ffa08..432551c 100644
--- a/libbb/pw_encrypt.c
+++ b/libbb/pw_encrypt.c
@@ -59,7 +59,7 @@ char* FAST_FUNC crypt_make_pw_salt(char salt[MAX_PW_SALT_LEN], const char *algo)
 		*salt_ptr++ = '$';
 #if !ENABLE_USE_BB_CRYPT || ENABLE_USE_BB_CRYPT_SHA
 		if (algo[0] == 's') { /* sha */
-			salt[1] = '5' + (strcmp(algo, "sha512") == 0);
+			salt[1] = '6' - (strcmp(algo, "sha256") == 0);
 			len = 16/2;
 		}
 #endif
diff --git a/loginutils/chpasswd.c b/loginutils/chpasswd.c
index 54ed737..59ea602 100644
--- a/loginutils/chpasswd.c
+++ b/loginutils/chpasswd.c
@@ -13,11 +13,13 @@
 //usage:       "Read user:password from stdin and update /etc/passwd\n"
 //usage:	IF_LONG_OPTS(
 //usage:     "\n	-e,--encrypted	Supplied passwords are in encrypted form"
-//usage:     "\n	-m,--md5	Use MD5 encryption instead of DES"
+//usage:     "\n	-m,--md5	Use MD5 encryption instead of SHA512"
+//usage:     "\n	-d,--des	Use DES encryption instead of SHA512"
 //usage:	)
 //usage:	IF_NOT_LONG_OPTS(
 //usage:     "\n	-e	Supplied passwords are in encrypted form"
-//usage:     "\n	-m	Use MD5 encryption instead of DES"
+//usage:     "\n	-m	Use MD5 encryption instead of SHA512"
+//usage:     "\n	-d	Use DES encryption instead of SHA512"
 //usage:	)
 
 //TODO: implement -c ALGO
@@ -26,11 +28,13 @@
 static const char chpasswd_longopts[] ALIGN1 =
 	"encrypted\0" No_argument "e"
 	"md5\0"       No_argument "m"
+	"des\0"       No_argument "d"
 	;
 #endif
 
 #define OPT_ENC  1
 #define OPT_MD5  2
+#define OPT_DES  4
 
 int chpasswd_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
 int chpasswd_main(int argc UNUSED_PARAM, char **argv)
@@ -41,9 +45,9 @@ int chpasswd_main(int argc UNUSED_PARAM, char **argv)
 	if (getuid() != 0)
 		bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
 
-	opt_complementary = "m--e:e--m";
+	opt_complementary = "m--e:e--m:d--e:e--d:m--d:d--m";
 	IF_LONG_OPTS(applet_long_options = chpasswd_longopts;)
-	opt = getopt32(argv, "em");
+	opt = getopt32(argv, "emd");
 
 	while ((name = xmalloc_fgetline(stdin)) != NULL) {
 		char *free_me;
@@ -61,12 +65,14 @@ int chpasswd_main(int argc UNUSED_PARAM, char **argv)
 		if (!(opt & OPT_ENC)) {
 			char salt[sizeof("$N$XXXXXXXX")];
 
-			crypt_make_salt(salt, 1);
+			salt[0] = '$';
+			salt[1] = '6';
+			salt[2] = '$';
+			crypt_make_salt(salt + 3, 4);
 			if (opt & OPT_MD5) {
-				salt[0] = '$';
 				salt[1] = '1';
-				salt[2] = '$';
-				crypt_make_salt(salt + 3, 4);
+			} else if (opt & OPT_DES) {
+				crypt_make_salt(salt, 1);
 			}
 			free_me = pass = pw_encrypt(pass, salt, 0);
 		}