Merge remote-tracking branch 'ripsum/richardipsum/no-saltgen-override-v3'

3 files changed, 51 insertions, 8 deletions

diff --git a/Makefile b/Makefile
index 8e756c1..e32ab37 100644
--- a/Makefile
+++ b/Makefile
@@ -100,11 +100,10 @@ LIBCRYPT_C := lib/crypto/crypto_aesctr.c \
 			   lib/crypto/crypto_scrypt-ref.c \
 			   lib/crypto/sha256.c
 
-CFLAGS ?= -O2 -Wall
 INSTALL := /usr/bin/install
 SCRYPT_LIBS := -lscrypt
 
-CFLAGS := $(CFLAGS) -fPIC
+override CFLAGS := $(CFLAGS) -O2 -Wall -fPIC
 
 all: lua-5.1-try lua-5.2-try
 
diff --git a/README b/README
index 9bed714..281956d 100644
--- a/README
+++ b/README
@@ -6,11 +6,26 @@ verification library.  lua-scrypt uses the [libscrypt][] library and
 provides a simple interface for hashing and verifying passwords.
 
     local scrypt = require "scrypt"
-    
+
     local hash = scrypt.hash_password("Hello world")
 
     assert(scrypt.verify_password(hash, "Hello world"))
 
+Installation
+============
+
+To compile lua-scrypt, on platforms with libscrypt 1.21 or later run,
+
+    $ make CFLAGS+=-DTRUST_LIBSCRYPT_SALT_GEN
+
+for platforms with older versions (earlier than 1.21) of libscrypt run,
+
+    $ make
+
+To install lua-scrypt, run,
+
+    $ make install
+
 Thanks
 ======
 
diff --git a/luascrypt.c b/luascrypt.c
index 181f1e8..11ae799 100644
--- a/luascrypt.c
+++ b/luascrypt.c
@@ -26,7 +26,9 @@ static void
 luascrypt_salt_gen(char *salt, int saltlen)
 {
 	int fd;
-	/* We'd go with libscrypt's implementation, but since libscrypt's salt
+	/* Following comment applies to libscrypt prior to 1.21:
+	 *
+	 * We'd go with libscrypt's implementation, but since libscrypt's salt
 	 * generation is time based, we cannot fully trust it to generate
 	 * unique salts so to improve our chances we assume we have urandom
 	 * and fall back to libscrypt's implementation if we don't.  Since the
@@ -34,11 +36,31 @@ luascrypt_salt_gen(char *salt, int saltlen)
 	 * if we can...
 	 */
 	libscrypt_salt_gen(salt, saltlen);
-	
+
 	fd = open("/dev/urandom", O_RDONLY);
 	if (fd >= 0) {
-		read(fd, salt, saltlen); /* Ignore errors in these two calls */
-		close(fd);               /* Since we have our fallback.      */
+		size_t total = 0;
+		ssize_t n;
+
+		while (total < saltlen) {
+			n = read(fd, salt + total, saltlen - total);
+			if (n == 0) {
+				break;
+			}
+
+			if (n == -1) {
+				if (errno == EINTR) {
+					continue; 	/* just try again */
+				}
+
+				/* Ignore all other errors, since we have our fallback. */
+				break;
+			}
+
+			total += n;
+		}
+
+		close(fd);
 	}
 }
 
@@ -70,8 +92,15 @@ luascrypt_hash_password(lua_State *L)
 		return luaL_error(L, "Unable to generate password hash: %s",
 				  "N is too large (limited to 2^15)");
 	}
-	
+
+#ifdef TRUST_LIBSCRYPT_SALT_GEN
+	/* Modern versions of libscrypt generate sufficiently random salts
+	 * and take a uint8_t * instead of char *
+	 */
+	libscrypt_salt_gen((uint8_t *) salt, sizeof(salt));
+#else
 	luascrypt_salt_gen(salt, sizeof(salt));
+#endif
 	
 	if (libscrypt_scrypt((uint8_t*)passwd, passwd_len,
 			     (uint8_t*)salt, sizeof(salt),