-rw-r--r-- | Makefile.am | 3 | ||||
-rw-r--r-- | README | 3 | ||||
-rw-r--r-- | configure.ac | 4 | ||||
-rw-r--r-- | crypt-des.c | 17 | ||||
-rw-r--r-- | crypt-obsolete.h | 6 | ||||
-rw-r--r-- | crypt-private.h | 2 | ||||
-rw-r--r-- | crypt-static.c | 20 | ||||
-rw-r--r-- | crypt-symbols.h | 4 | ||||
-rw-r--r-- | libcrypt.map.in | 2 | ||||
-rw-r--r-- | test-bigcrypt.c | 27 |
10 files changed, 14 insertions, 74 deletions
diff --git a/Makefile.am b/Makefile.am index 5b1d781..e4ee20c 100644 --- a/Makefile.am +++ b/Makefile.am @@ -65,7 +65,7 @@ endif if ENABLE_OBSOLETE_API libcrypt_la_SOURCES += crypt-des-obsolete.c -check_PROGRAMS += test-des-obsolete test-bigcrypt +check_PROGRAMS += test-des-obsolete endif TESTS = $(check_PROGRAMS) test-symbols.sh @@ -79,7 +79,6 @@ test_crypt_des_LDADD = libcrypt.la test_crypt_md5_LDADD = libcrypt.la test_crypt_sha256_LDADD = libcrypt.la test_crypt_sha512_LDADD = libcrypt.la -test_bigcrypt_LDADD = libcrypt.la test_gensalt_LDADD = libcrypt.la # These tests call internal APIs that may not be accessible from the @@ -9,7 +9,6 @@ don't need to work with libcrypt. You can replace libcrypt with a symlink to libxcrypt. The advantage of libxcrypt against libcrypt is, that it supports -bigcrypt and blowfish password encryption and exports md5_crypt and -the other md5 functions. +blowfish password encryption. Thorsten Kukuk, 21. October 2002 diff --git a/configure.ac b/configure.ac index 73b2965..cfeec77 100644 --- a/configure.ac +++ b/configure.ac @@ -49,7 +49,7 @@ zw_C_ALIGNOF AC_ARG_ENABLE([obsolete-api], AS_HELP_STRING( [--disable-obsolete-api], - [do not include obsolete APIs (bigcrypt, fcrypt, encrypt, setkey). + [do not include obsolete APIs (fcrypt, encrypt, setkey). Breaks binary compatibility.] ), [case "${enableval}" in @@ -84,7 +84,7 @@ if test $enable_weak_hashes = 0; then enable_obsolete_api=0; fi if test x$enable_shared != xyes; then enable_obsolete_api=0; fi AC_DEFINE_UNQUOTED([ENABLE_OBSOLETE_API], [$enable_obsolete_api], - [Define as 1 if the obsolete APIs (bigcrypt, fcrypt, encrypt, setkey) + [Define as 1 if the obsolete APIs (fcrypt, encrypt, setkey) should be included, 0 otherwise.]) AM_CONDITIONAL([ENABLE_OBSOLETE_API], [test $enable_obsolete_api = 1]) diff --git a/crypt-des.c b/crypt-des.c index 5b34dc4..d6a56ea 100644 --- a/crypt-des.c +++ b/crypt-des.c 
@@ -209,10 +209,7 @@ crypt_des_trd_rn (const char *key, const char *setting, return buf->output; } -/* This is called directly by the obsolete API functions bigcrypt() - and bigcrypt_r(). - - This algorithm is algorithm 0 (default) shipped with the C2 secure +/* This algorithm is algorithm 0 (default) shipped with the C2 secure implementation of Digital UNIX. Disclaimer: This work is not based on the source code to Digital @@ -228,7 +225,7 @@ crypt_des_trd_rn (const char *key, const char *setting, (that is, the password can be no more than 128 characters long). Andy Phillips <atp@mssl.ucl.ac.uk> */ -char * +static char * crypt_des_big_rn (const char *key, const char *setting, char *data, size_t size) { @@ -283,9 +280,9 @@ crypt_des_big_rn (const char *key, const char *setting, return buf->output; } -/* crypt_rn() entry point for both the original UNIX password hash, with - its 8-character length limit, and the "bigcrypt" extension to - permit longer passwords. */ +/* crypt_rn() entry point for both the original UNIX password hash, + with its 8-character length limit, and the Digital UNIX "bigcrypt" + extension to permit longer passwords. */ char * crypt_des_trd_or_big_rn (const char *key, const char *salt, char *data, size_t size) @@ -296,7 +293,9 @@ crypt_des_trd_or_big_rn (const char *key, const char *salt, return crypt_des_trd_rn (key, salt, data, size); } -/* crypt_rn() entry point for BSD-style extended DES hashes. */ +/* crypt_rn() entry point for BSD-style extended DES hashes. These + permit long passwords and have more salt and a controllable iteration + count, but are still unacceptably weak by modern standards. */ char * crypt_des_xbsd_rn (const char *key, const char *setting, char *data, size_t size) diff --git a/crypt-obsolete.h b/crypt-obsolete.h index c76d8f2..41b97a9 100644 --- a/crypt-obsolete.h +++ b/crypt-obsolete.h 
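Review bot: With `crypt_des_big_rn` made `static` in the `@@ -228` hunk, it can only be reached through `crypt_des_trd_or_big_rn`, yet this commit also deletes test-bigcrypt.c, the one test on this page that checked a 24-character bigcrypt hash round-trips through `crypt()`. Unless test-crypt-des already includes a password longer than eight characters, the long-password path is left unexercised while presumably still being used to verify stored hashes. I would keep the second half of the deleted test against a precomputed value, e.g. `if (strcmp (crypt ("1234567890123", expected), expected) != 0) return 1;`, where `expected` is a known-good bigcrypt hash for salt "GA" (placeholder; the page does not show one). The body of `crypt_des_big_rn` continues outside this hunk, so its handling of the length limit is not reviewed here.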
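Review bot: The rewritten comment on `crypt_des_trd_or_big_rn` (the `@@ -283` hunk) carries no strength warning, while the `crypt_des_xbsd_rn` comment added in the `@@ -296` hunk does. The only remark that bigcrypt is "nearly as weak as traditional DES" disappears with `bigcrypt()` in crypt-static.c. A reader of crypt-des.c could conclude that only the extended-DES entry point is weak. I would add a sentence to this comment, such as `Both are unacceptably weak by modern standards.` The function body lies partly outside the hunk.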
@@ -46,12 +46,6 @@ extern void encrypt_r (char *__block, int __edflag, struct crypt_data *restrict __data) __THROW __nonnull ((1, 3)); -/* Hash a password using the "bigcrypt" algorithm, which is a variant - of the traditional DES algorithm that considers more than the first - eight characters of the password. */ -extern char *bigcrypt (const char *key, const char *salt) - __THROW __nonnull ((1, 2)); - #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/crypt-private.h b/crypt-private.h index bf9e9bb..784a9af 100644 --- a/crypt-private.h +++ b/crypt-private.h @@ -32,8 +32,6 @@ extern char *crypt_des_trd_or_big_rn (const char *key, const char *salt, char *data, size_t size); extern char *crypt_des_xbsd_rn (const char *key, const char *salt, char *data, size_t size); -extern char *crypt_des_big_rn (const char *key, const char *salt, - char *data, size_t size); extern char *crypt_md5_rn (const char *key, const char *salt, char *data, size_t size); diff --git a/crypt-static.c b/crypt-static.c index 21f95d3..2075092 100644 --- a/crypt-static.c +++ b/crypt-static.c @@ -21,7 +21,7 @@ file so that a statically-linked program that doesn't use them will not have the state object its data segment. */ -/* Static buffer used by crypt() and bigcrypt(). */ +/* Static buffer used by crypt(). */ static struct crypt_data nr_crypt_ctx; char * 
@@ -42,21 +42,3 @@ compat_symbol(crypt, crypt__glibc); strong_alias (crypt, fcrypt); compat_symbol (fcrypt, fcrypt); #endif - -#if COMPAT_bigcrypt -/* Obsolete interface - not to be used in new code. This function is - the same as crypt, but it forces the use of the Digital Unix - "bigcrypt" hash, which is nearly as weak as traditional DES. - Because it is obsolete, we have not added a reentrant version. */ -char * -bigcrypt (const char *key, const char *salt) -{ - char *retval = crypt_des_big_rn - (key, salt, (char *)&nr_crypt_ctx, sizeof nr_crypt_ctx); - if (retval) - return retval; - make_failure_token (salt, (char *)&nr_crypt_ctx, sizeof nr_crypt_ctx); - return (char *)&nr_crypt_ctx; -} -compat_symbol (bigcrypt, bigcrypt); -#endif diff --git a/crypt-symbols.h b/crypt-symbols.h index c15ad8c..ea59fd2 100644 --- a/crypt-symbols.h +++ b/crypt-symbols.h @@ -101,7 +101,6 @@ #if !defined PIC || !ENABLE_OBSOLETE_API -#define COMPAT_bigcrypt 0 #define COMPAT_crypt__glibc 0 #define COMPAT_crypt_r__glibc 0 #define COMPAT_encrypt 0 @@ -112,7 +111,6 @@ #else -#define COMPAT_bigcrypt 1 #define COMPAT_crypt__glibc 1 #define COMPAT_crypt_r__glibc 1 #define COMPAT_encrypt 1 @@ -126,7 +124,6 @@ #define VERSION_crypt XCRYPT_2.0 #define VERSION_crypt_r XCRYPT_2.0 -#define VERSION_bigcrypt GLIBC_2.0 #define VERSION_crypt__glibc GLIBC_2.0 #define VERSION_crypt_r__glibc GLIBC_2.0 #define VERSION_encrypt GLIBC_2.0 @@ -142,7 +139,6 @@ #define comp_maskl _crypt_comp_maskl #define comp_maskr _crypt_comp_maskr #define crypt_bcrypt_rn _crypt_crypt_bcrypt_rn -#define crypt_des_big_rn _crypt_crypt_des_big_rn #define crypt_des_trd_or_big_rn _crypt_crypt_des_trd_or_big_rn #define crypt_des_xbsd_rn _crypt_crypt_des_xbsd_rn #define crypt_md5_rn _crypt_crypt_md5_rn diff --git a/libcrypt.map.in b/libcrypt.map.in index a00c6b8..24fa629 100644 --- a/libcrypt.map.in +++ b/libcrypt.map.in 
@@ -4,7 +4,7 @@ GLIBC_2.0 { global: crypt; crypt_r; - bigcrypt; fcrypt; + fcrypt; encrypt; encrypt_r; setkey; setkey_r; local: *; diff --git a/test-bigcrypt.c b/test-bigcrypt.c deleted file mode 100644 index c434d3e..0000000 --- a/test-bigcrypt.c +++ /dev/null @@ -1,27 +0,0 @@ -#include <string.h> -#include <stdio.h> - -#include "crypt.h" -#include "crypt-obsolete.h" - -compat_symbol_ref (bigcrypt, bigcrypt); - -int -main (void) -{ - char *newpassword = bigcrypt ("1234567890123", "GA"); - - if (strlen (newpassword) != 24) - { - fprintf (stderr, "bigcrypt result was wrong length\n"); - return 1; - } - - if (strcmp (newpassword, crypt ("1234567890123", newpassword)) != 0) - { - fprintf (stderr, "crypt cannot encrypt bigcrypt passwords\n"); - return 1; - } - - return 0; -} |
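Review bot: Dropping `bigcrypt` from the `GLIBC_2.0` node removes an exported symbol even when the obsolete API is enabled, so a binary linked against `bigcrypt` will no longer resolve it at load time. The configure.ac help text still names only `--disable-obsolete-api` as the choice that "Breaks binary compatibility". If the removal is intended, it deserves a line in the README or release notes saying the symbol is gone. That line should also say that existing bigcrypt hashes are still checked by `crypt()` with the stored hash as the setting string, which I infer from `crypt_des_trd_or_big_rn` staying in place.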