* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*
- * $Id$
*/
-/*
+/**
+ * @file
+ * @brief Core password encryption routines.
+ * @version $Id$
+ *
* This is a new look crypto API for ircu, it can handle different
- * password formats by the grace of the standard magic tokens at the
- * begining of the password e.g. $1 for MD5, $2 for Blowfish, etc.
+ * password formats by the grace of magic tokens at the beginning of the
+ * password e.g. $SMD5 for Salted MD5, $CRYPT for native crypt(), etc.
*
* Currently crypt routines are implemented for: the native crypt()
* function, Salted MD5 and a plain text mechanism which should only
- * be used for testing. I intend to add Blowish, 3DES and possibly
+ * be used for testing. I intend to add Blowfish, 3DES and possibly
* SHA1 support as well at some point, but I'll need to check the
* possible problems that'll cause with stupid crypto laws.
*
#include "ircd_crypt.h"
#include "ircd_alloc.h"
#include "ircd_features.h"
+#include "ircd_log.h"
#include "ircd_string.h"
#include "s_debug.h"
#include "ircd_crypt_plain.h"
#include "ircd_crypt_smd5.h"
-#include <assert.h>
+/* #include <assert.h> -- Now using assert in ircd_log.h */
#include <unistd.h>
#include <string.h>
/* evil global */
crypt_mechs_t* crypt_mechs_root;
-/*
- * add a crypt mechanism to the list
+/** Add a crypt mechanism to the list
+ * @param mechanism Pointer to the mechanism details struct
+ * @return 0 on success, anything else on fail.
+ *
+ * This routine registers a new crypt mechanism in the loaded mechanisms list,
+ * making it availabe for comparing passwords.
*/
int ircd_crypt_register_mech(crypt_mech_t* mechanism)
{
crypt_mechs_t* crypt_mech;
- Debug((DEBUG_INFO, "ircd_crypt_register_mech: resistering mechanism: %s", mechanism->shortname));
+ Debug((DEBUG_INFO, "ircd_crypt_register_mech: registering mechanism: %s", mechanism->shortname));
/* try to allocate some memory for the new mechanism */
if ((crypt_mech = (crypt_mechs_t*)MyMalloc(sizeof(crypt_mechs_t))) == NULL)
}
/* we're done */
- Debug((DEBUG_INFO, "ircd_crypt_register_mech: resistered mechanism: %s, crypt_function is at 0x%X.", crypt_mech->mech->shortname, &crypt_mech->mech->crypt_function));
+ Debug((DEBUG_INFO, "ircd_crypt_register_mech: registered mechanism: %s, crypt_function is at 0x%X.", crypt_mech->mech->shortname, &crypt_mech->mech->crypt_function));
Debug((DEBUG_INFO, "ircd_crypt_register_mech: %s: %s", crypt_mech->mech->shortname, crypt_mech->mech->description));
return 0;
}
-/*
- * remove a crypt mechanism from the list
+/** Remove a crypt mechanism from the list
+ * @param mechanism Pointer to the mechanism we want to remove
+ * @return 0 on success, anything else on fail.
*/
int ircd_crypt_unregister_mech(crypt_mech_t* mechanism)
{
return 0;
}
-/*
- * this is now a wrapper function which attempts to establish the password
- * format and funnel it off to the correct handler function.
+/** Wrapper for generating a hashed password passed on the supplied password
+ * @param key Pointer to the password we want crypted
+ * @param salt Pointer to the password we're comparing to (for the salt)
+ * @return Pointer to the generated password (must be MyFree()'d).
+ *
+ * This is a wrapper function which attempts to establish the password
+ * format and funnel it off to the correct mechanism handler function. The
+ * returned password is compared in the oper_password_match() routine.
*/
-const char* ircd_crypt(const char* key, const char* salt)
+char* ircd_crypt(const char* key, const char* salt)
{
char *hashed_pass = NULL;
const char *temp_hashed_pass, *mysalt;
ircd_strncpy(hashed_pass + crypt_mech->mech->crypt_token_size, temp_hashed_pass, strlen(temp_hashed_pass));
Debug((DEBUG_DEBUG, "ircd_crypt: tagged pass is %s", hashed_pass));
} else {
- Debug((DEBUG_DEBUG, "ircd_crypt: will try next mechansim at 0x%X",
+ Debug((DEBUG_DEBUG, "ircd_crypt: will try next mechanism at 0x%X",
crypt_mech->next));
crypt_mech = crypt_mech->next;
continue;
/* try to use native crypt for an old-style (untagged) password */
if (strlen(salt) > 2)
{
+ char *s;
temp_hashed_pass = (char*)ircd_crypt_native(key, salt);
if (!ircd_strcmp(temp_hashed_pass, salt))
- return strdup(temp_hashed_pass);
+ {
+ DupString(s, temp_hashed_pass);
+ return s;
+ }
}
return NULL;
}
-/*
- * some basic init, when we're modular this will be our entry
- * function.
+/** Some basic init.
+ * This function loads initalises the crypt mechanisms linked list and
+ * currently loads the default mechanisms (Salted MD5, Crypt() and PLAIN).
+ * The last step is only needed while ircu is not properly modular.
+ *
+ * When ircu is modular this will be the entry function for the ircd_crypt
+ * module.
+ *
*/
void ircd_crypt_init(void)
{
crypt_mechs_root->mech = NULL;
crypt_mechs_root->next = crypt_mechs_root->prev = NULL;
-/* temporary kludge until we're modular. manualy call the
- register funtions for crypt mechanisms */
+/* temporary kludge until we're modular. manually call the
+ register functions for crypt mechanisms */
ircd_register_crypt_smd5();
ircd_register_crypt_plain();
ircd_register_crypt_native();