pike.git / lib / modules / Crypto.pmod / Password.pmod

version» Context lines:

pike.git/lib/modules/Crypto.pmod/Password.pmod:121:    string scheme = "crypt";    sscanf(hash, "{%s}%s", scheme, hash);    // NB: RFC2307 proscribes lower case schemes, while    // in practise they are usually in upper case.    switch(lower_case(scheme)) {    case "md5": // RFC 2307    case "smd5":    hash = MIME.decode_base64(hash);    password += hash[16..];    hash = hash[..15]; -  return Crypto.MD5.hash(password) == hash; +  return Crypto.MD5.hash(password) == [string(0..255)]hash;       case "sha": // RFC 2307    case "ssha":    // SHA1 and Salted SHA1.    hash = MIME.decode_base64(hash);    password += hash[20..];    hash = hash[..19]; -  return Crypto.SHA1.hash(password) == hash; +  return Crypto.SHA1.hash(password) == [string(0..255)]hash;       case "crypt": // RFC 2307    // First try the operating systems crypt(3C),    // since it might support more schemes than we do.    if ((hash == "") || crypt(password, hash)) return 1;    if (hash[0] != '$') {    if (hash[0] == '_') {    // FIXME: BSDI-style crypt(3C).    }    return 0;
pike.git/lib/modules/Crypto.pmod/Password.pmod:151:       // Then try our implementations.    sscanf(hash, "$%s$%s$%s", scheme, string salt, string hash);    int rounds = UNDEFINED;    if (has_prefix(salt, "rounds=")) {    sscanf(salt, "rounds=%d", rounds);    sscanf(hash, "%s$%s", salt, hash);    }    switch(scheme) {    case "1": // crypt_md5 -  return Nettle.crypt_md5(password, salt) == hash; +  return Nettle.crypt_md5(password, salt) == [string(0..255)]hash;       case "2": // Blowfish (obsolete)    case "2a": // Blowfish (possibly weak)    case "2x": // Blowfish (weak)    case "2y": // Blowfish (stronger)    break;       case "3": // MD4 NT LANMANAGER (FreeBSD)    break;      #if constant(Nettle.SHA256_Info)    // cf http://www.akkadia.org/drepper/SHA-crypt.txt    case "5": // SHA-256 -  return Crypto.SHA256.crypt_hash(password, salt, rounds) == hash; +  return Crypto.SHA256.crypt_hash(password, salt, rounds) == +  [string(0..255)]hash;   #endif   #if constant(Nettle.SHA512_Info)    case "6": // SHA-512 -  return Crypto.SHA512.crypt_hash(password, salt, rounds) == hash; +  return Crypto.SHA512.crypt_hash(password, salt, rounds) == +  [string(0..255)]hash;   #endif    }    break;    }    return 0;   }      //! Generate a hash of @[password] suitable for @[verify()].   //!   //! @param password