pike.git / src / post_modules / Nettle / hash.cmod

version» Context lines:

pike.git/src/post_modules/Nettle/hash.cmod:250:    *! @url{http://www.akkadia.org/drepper/SHA-crypt.txt@}.    *!    *! This is the algorithm used by @tt{crypt(2)@} in    *! methods @tt{$5$@} (SHA256) and @tt{$6$@} (SHA512).    *!    *! The @[password] memory will be cleared before released.    *!    *! @seealso    *! @[crypt_md5()]    */ -  PIKEFUN string(0..127) crypt_hash(string(0..255) password, -  string(0..255) salt, int rounds) +  PIKEFUN string(0..127) crypt_hash(string password, +  string salt, int rounds) +  /* NB: We use a weaker type above to allow us to delay +  * throwing errors on wide strings until we've had +  * time to censor the password string. +  */ +  rawtype tFunc(tStr8 tStr8 tInt, tStr7);    {    struct pike_string *res;    const struct nettle_hash *meta = THIS->meta;    void *ctx;    uint8_t *abcbuf;    uint8_t *dpbuf;    uint8_t *dsbuf;       unsigned char *p;    unsigned char *s;
pike.git/src/post_modules/Nettle/hash.cmod:278:       int a, b, c;       if (!meta)    Pike_error("HashInfo not properly initialized.\n");       if (!rounds) rounds = 5000;    if (rounds < 1000) rounds = 1000;    if (rounds > 999999999) rounds = 999999999;    +  /* Censor the password. */ +  push_string(password); +  args++; +  add_ref(Pike_sp[-args].u.string = MK_STRING("censored")); +     NO_WIDE_STRING(password);    NO_WIDE_STRING(salt);       password->flags |= STRING_CLEAR_ON_EXIT;       ctx = alloca(meta->context_size);    if (!ctx)    SIMPLE_OUT_OF_MEMORY_ERROR("crypt_hash", meta->context_size);       abcbuf = alloca(meta->digest_size * 3);