mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-19 21:58:04 +00:00
ceb625439a
Instead of silently downgrading any non-MD5 crypt() request to DES, cleanly fail with return NULL and errno = ENOSYS. This allows callers to notice the missing support instead of the unwanted silent fallback to DES. Also add a menuconfig toolchain option to optionally disable the crypt size hack completely. This can be probably made dependant on SMALL_FLASH or a similar feature indicator in a future commit. Ref: https://github.com/openwrt/openwrt/pull/1331 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
76 lines
1.4 KiB
Diff
76 lines
1.4 KiB
Diff
--- a/src/crypt/crypt_sha512.c
|
|
+++ b/src/crypt/crypt_sha512.c
|
|
@@ -13,6 +13,17 @@
|
|
#include <string.h>
|
|
#include <stdint.h>
|
|
|
|
+#ifdef CRYPT_SIZE_HACK
|
|
+#include <errno.h>
|
|
+
|
|
+char *__crypt_sha512(const char *key, const char *setting, char *output)
|
|
+{
|
|
+ errno = ENOSYS;
|
|
+ return NULL;
|
|
+}
|
|
+
|
|
+#else
|
|
+
|
|
/* public domain sha512 implementation based on fips180-3 */
|
|
/* >=2^64 bits messages are not supported (about 2000 peta bytes) */
|
|
|
|
@@ -369,3 +380,4 @@ char *__crypt_sha512(const char *key, co
|
|
return "*";
|
|
return p;
|
|
}
|
|
+#endif
|
|
--- a/src/crypt/crypt_blowfish.c
|
|
+++ b/src/crypt/crypt_blowfish.c
|
|
@@ -50,6 +50,17 @@
|
|
#include <string.h>
|
|
#include <stdint.h>
|
|
|
|
+#ifdef CRYPT_SIZE_HACK
|
|
+#include <errno.h>
|
|
+
|
|
+char *__crypt_blowfish(const char *key, const char *setting, char *output)
|
|
+{
|
|
+ errno = ENOSYS;
|
|
+ return NULL;
|
|
+}
|
|
+
|
|
+#else
|
|
+
|
|
typedef uint32_t BF_word;
|
|
typedef int32_t BF_word_signed;
|
|
|
|
@@ -796,3 +807,4 @@ char *__crypt_blowfish(const char *key,
|
|
|
|
return "*";
|
|
}
|
|
+#endif
|
|
--- a/src/crypt/crypt_sha256.c
|
|
+++ b/src/crypt/crypt_sha256.c
|
|
@@ -13,6 +13,17 @@
|
|
#include <string.h>
|
|
#include <stdint.h>
|
|
|
|
+#ifdef CRYPT_SIZE_HACK
|
|
+#include <errno.h>
|
|
+
|
|
+char *__crypt_sha256(const char *key, const char *setting, char *output)
|
|
+{
|
|
+ errno = ENOSYS;
|
|
+ return NULL;
|
|
+}
|
|
+
|
|
+#else
|
|
+
|
|
/* public domain sha256 implementation based on fips180-3 */
|
|
|
|
struct sha256 {
|
|
@@ -320,3 +331,4 @@ char *__crypt_sha256(const char *key, co
|
|
return "*";
|
|
return p;
|
|
}
|
|
+#endif
|