authordjm@openbsd.org <djm@openbsd.org>2022-02-23 11:17:10 +0000
committerDamien Miller <djm@mindrot.org>2022-02-23 22:21:35 +1100
commit6e0258c64c901753df695e06498b26f9f4812ea6 (patch)
tree90b1187ac6de43da70170b4fc97a99fd457493c2 /auth.c
parentbf114d6f0a9df0b8369823d9a0daa6c72b0c4cc9 (diff)
upstream: randomise the password used in fakepw
OpenBSD-Commit-ID: 34e159f73b1fbf0a924a9c042d8d61edde293947
Diffstat (limited to 'auth.c')
-rw-r--r--auth.c16
1 files changed, 13 insertions, 3 deletions
diff --git a/auth.c b/auth.c
index 00b168b4..560e8eca 100644
--- a/auth.c
+++ b/auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.c,v 1.153 2021/07/05 00:50:25 dtucker Exp $ */
+/* $OpenBSD: auth.c,v 1.154 2022/02/23 11:17:10 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -709,12 +709,21 @@ auth_debug_reset(void)
struct passwd *
fakepw(void)
{
+ static int done = 0;
static struct passwd fake;
+ const char hashchars[] = "./ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+ "abcdefghijklmnopqrstuvwxyz0123456789"; /* from bcrypt.c */
+ char *cp;
+
+ if (done)
+ return (&fake);
memset(&fake, 0, sizeof(fake));
fake.pw_name = "NOUSER";
- fake.pw_passwd =
- "$2a$06$r3.juUaHZDlIbQaO2dS9FuYxL1W9M81R1Tc92PoSNmzvpEqLkLGrK";
+ fake.pw_passwd = xstrdup("$2a$10$"
+ "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx");
+ for (cp = fake.pw_passwd + 7; *cp != '\0'; cp++)
+ *cp = hashchars[arc4random_uniform(sizeof(hashchars) - 1)];
#ifdef HAVE_STRUCT_PASSWD_PW_GECOS
fake.pw_gecos = "NOUSER";
#endif
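Review bot: The fill loop in fakepw() relies on two unexplained layout constants: the offset `7` (the length of the `$2a$10$` prefix) and the length of the run of `x` placeholders, which appears to stand for the bcrypt salt and digest fields. Nothing ties the offset to the prefix, so a later edit to the prefix or cost string could leave part of the prefix overwritten or part of the placeholder unrandomised without any compile-time signal. A comment above the xstrdup() call, such as `/* "$2a$10$" (7 bytes) followed by salt+digest placeholders; every byte after the prefix is randomised below */`, would record the intent, and it could also say why the cost moves from 06 to 10, which the commit description does not mention. As a style point, `hashchars` could be declared `static const char hashchars[]` so the table is not rebuilt on the stack on every call, including the early-return path. The body of fakepw() continues past the end of this hunk.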
@@ -725,6 +734,7 @@ fakepw(void)
#endif
fake.pw_dir = "/nonexist";
fake.pw_shell = "/nonexist";
+ done = 1;
return (&fake);
}