diff options
Diffstat (limited to 'libmisc/salt.c')
| -rw-r--r-- | libmisc/salt.c | 40 |
1 files changed, 21 insertions, 19 deletions
diff --git a/libmisc/salt.c b/libmisc/salt.c index f8ac5669..e5f633ab 100644 --- a/libmisc/salt.c +++ b/libmisc/salt.c @@ -99,15 +99,15 @@ static /*@observer@*/const char *gensalt (size_t salt_size); static long shadow_random (long min, long max); #endif /* USE_SHA_CRYPT || USE_BCRYPT */ #ifdef USE_SHA_CRYPT -static /*@observer@*/const unsigned long SHA_get_salt_rounds (/*@null@*/int *prefered_rounds); +static /*@observer@*/unsigned long SHA_get_salt_rounds (/*@null@*/const int *prefered_rounds); static /*@observer@*/void SHA_salt_rounds_to_buf (char *buf, unsigned long rounds); #endif /* USE_SHA_CRYPT */ #ifdef USE_BCRYPT -static /*@observer@*/const unsigned long BCRYPT_get_salt_rounds (/*@null@*/int *prefered_rounds); +static /*@observer@*/unsigned long BCRYPT_get_salt_rounds (/*@null@*/const int *prefered_rounds); static /*@observer@*/void BCRYPT_salt_rounds_to_buf (char *buf, unsigned long rounds); #endif /* USE_BCRYPT */ #ifdef USE_YESCRYPT -static /*@observer@*/const unsigned long YESCRYPT_get_salt_cost (/*@null@*/int *prefered_cost); +static /*@observer@*/unsigned long YESCRYPT_get_salt_cost (/*@null@*/const int *prefered_cost); static /*@observer@*/void YESCRYPT_salt_cost_to_buf (char *buf, unsigned long cost); #endif /* USE_YESCRYPT */ @@ -156,25 +156,27 @@ static long read_random_bytes (void) /* arc4random_buf, if it exists, can never fail. */ arc4random_buf (&randval, sizeof (randval)); goto end; +#endif -#elif defined(HAVE_GETENTROPY) +#ifdef HAVE_GETENTROPY /* getentropy may exist but lack kernel support. */ - if (getentropy (&randval, sizeof (randval))) { - goto fail; + if (getentropy (&randval, sizeof (randval)) == 0) { + goto end; } +#endif - goto end; - -#elif defined(HAVE_GETRANDOM) +#ifdef HAVE_GETRANDOM /* Likewise getrandom. */ - if ((size_t) getrandom (&randval, sizeof (randval), 0) != sizeof (randval)) { - goto fail; + if ((size_t) getrandom (&randval, sizeof (randval), 0) == sizeof (randval)) { + goto end; } +#endif - goto end; - -#else + /* Use /dev/urandom as a last resort. */ FILE *f = fopen ("/dev/urandom", "r"); + if (NULL == f) { + goto fail; + } if (fread (&randval, sizeof (randval), 1, f) != 1) { fclose(f); @@ -183,7 +185,6 @@ static long read_random_bytes (void) fclose(f); goto end; -#endif fail: fprintf (log_get_logfd(), @@ -220,7 +221,7 @@ static long shadow_random (long min, long max) #ifdef USE_SHA_CRYPT /* Return the the rounds number for the SHA crypt methods. */ -static /*@observer@*/const unsigned long SHA_get_salt_rounds (/*@null@*/int *prefered_rounds) +static /*@observer@*/unsigned long SHA_get_salt_rounds (/*@null@*/const int *prefered_rounds) { unsigned long rounds; @@ -294,7 +295,7 @@ static /*@observer@*/void SHA_salt_rounds_to_buf (char *buf, unsigned long round #ifdef USE_BCRYPT /* Return the the rounds number for the BCRYPT method. */ -static /*@observer@*/const unsigned long BCRYPT_get_salt_rounds (/*@null@*/int *prefered_rounds) +static /*@observer@*/unsigned long BCRYPT_get_salt_rounds (/*@null@*/const int *prefered_rounds) { unsigned long rounds; @@ -338,9 +339,10 @@ static /*@observer@*/const unsigned long BCRYPT_get_salt_rounds (/*@null@*/int * /* * Use 19 as an upper bound for now, * because musl doesn't allow rounds >= 20. + * If musl ever supports > 20 rounds, + * rounds should be set to B_ROUNDS_MAX. */ if (rounds > 19) { - /* rounds = B_ROUNDS_MAX; */ rounds = 19; } #endif /* USE_XCRYPT_GENSALT */ @@ -372,7 +374,7 @@ static /*@observer@*/void BCRYPT_salt_rounds_to_buf (char *buf, unsigned long ro #ifdef USE_YESCRYPT /* Return the the cost number for the YESCRYPT method. */ -static /*@observer@*/const unsigned long YESCRYPT_get_salt_cost (/*@null@*/int *prefered_cost) +static /*@observer@*/unsigned long YESCRYPT_get_salt_cost (/*@null@*/const int *prefered_cost) { unsigned long cost; |