tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

upstream: randomise the password used in fakepw 

OpenBSD-Commit-ID: 34e159f73b1fbf0a924a9c042d8d61edde293947
This commit is contained in:
djm@openbsd.org 2022-02-23 11:17:10 +00:00 committed by Damien Miller
parent bf114d6f0a
commit 6e0258c64c
1 changed files with 13 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
auth.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: auth.c,v 1.153 2021/07/05 00:50:25 dtucker Exp $ */ /* $OpenBSD: auth.c,v 1.154 2022/02/23 11:17:10 djm Exp $ */
/* /*
* Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2000 Markus Friedl. All rights reserved.
* *
@ -709,12 +709,21 @@ auth_debug_reset(void)
struct passwd * struct passwd *
fakepw(void) fakepw(void)
{ {
static int done = 0;
static struct passwd fake; static struct passwd fake;
const char hashchars[] = "./ABCDEFGHIJKLMNOPQRSTUVWXYZ"
"abcdefghijklmnopqrstuvwxyz0123456789"; /* from bcrypt.c */
char *cp;
if (done)
return (&fake);
memset(&fake, 0, sizeof(fake)); memset(&fake, 0, sizeof(fake));
fake.pw_name = "NOUSER"; fake.pw_name = "NOUSER";
fake.pw_passwd = fake.pw_passwd = xstrdup("$2a$10$"
"$2a$06$r3.juUaHZDlIbQaO2dS9FuYxL1W9M81R1Tc92PoSNmzvpEqLkLGrK"; "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx");
for (cp = fake.pw_passwd + 7; *cp != '\0'; cp++)
*cp = hashchars[arc4random_uniform(sizeof(hashchars) - 1)];
#ifdef HAVE_STRUCT_PASSWD_PW_GECOS #ifdef HAVE_STRUCT_PASSWD_PW_GECOS
fake.pw_gecos = "NOUSER"; fake.pw_gecos = "NOUSER";
#endif #endif
@ -725,6 +734,7 @@ fakepw(void)
#endif #endif
fake.pw_dir = "/nonexist"; fake.pw_dir = "/nonexist";
fake.pw_shell = "/nonexist"; fake.pw_shell = "/nonexist";
done = 1;
return (&fake); return (&fake);
} }