Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. =================================================================== RCS file: /ftp/cvs/cvsroot/src/lib/libcrypt/crypt-sha1.c,v rcsdiff: /ftp/cvs/cvsroot/src/lib/libcrypt/crypt-sha1.c,v: warning: Unknown phrases like `commitid ...;' are present. retrieving revision 1.3 retrieving revision 1.4 diff -u -p -r1.3 -r1.4 --- src/lib/libcrypt/crypt-sha1.c 2006/10/27 18:22:56 1.3 +++ src/lib/libcrypt/crypt-sha1.c 2011/05/09 19:15:28 1.4 @@ -1,4 +1,4 @@ -/* $NetBSD: crypt-sha1.c,v 1.3 2006/10/27 18:22:56 drochner Exp $ */ +/* $NetBSD: crypt-sha1.c,v 1.4 2011/05/09 19:15:28 drochner Exp $ */ /* * Copyright (c) 2004, Juniper Networks, Inc. @@ -31,7 +31,7 @@ #include #if !defined(lint) -__RCSID("$NetBSD: crypt-sha1.c,v 1.3 2006/10/27 18:22:56 drochner Exp $"); +__RCSID("$NetBSD: crypt-sha1.c,v 1.4 2011/05/09 19:15:28 drochner Exp $"); #endif /* not lint */ #include @@ -122,7 +122,7 @@ __crypt_sha1 (const char *pw, const char static unsigned char hmac_buf[SHA1_SIZE]; static char passwd[(2 * sizeof(SHA1_MAGIC)) + CRYPT_SHA1_SALT_LENGTH + SHA1_SIZE]; - char *sp; + const char *sp; char *ep; unsigned long ul; int sl; @@ -136,26 +136,25 @@ __crypt_sha1 (const char *pw, const char * $$$salt[$] * If it does not start with $ we use our default iterations. */ - sp = __UNCONST(salt); /* If it starts with the magic string, then skip that */ - if (!strncmp(sp, magic, strlen(magic))) { - sp += strlen(magic); + if (!strncmp(salt, magic, strlen(magic))) { + salt += strlen(magic); /* and get the iteration count */ - iterations = strtoul(sp, &ep, 10); + iterations = strtoul(salt, &ep, 10); if (*ep != '$') return NULL; /* invalid input */ - sp = ep + 1; /* skip over the '$' */ + salt = ep + 1; /* skip over the '$' */ } else { iterations = __crypt_sha1_iterations(0); } /* It stops at the next '$', max CRYPT_SHA1_ITERATIONS chars */ - for (ep = sp; *ep && *ep != '$' && ep < (sp + CRYPT_SHA1_ITERATIONS); ep++) + for (sp = salt; *sp && *sp != '$' && sp < (salt + CRYPT_SHA1_ITERATIONS); sp++) continue; /* Get the length of the actual salt */ - sl = ep - sp; + sl = sp - salt; pl = strlen(pw); /* @@ -163,18 +162,17 @@ __crypt_sha1 (const char *pw, const char * Prime the pump with */ dl = snprintf(passwd, sizeof (passwd), "%.*s%s%u", - sl, sp, magic, iterations); + sl, salt, magic, iterations); /* * Then hmac using as key, and repeat... */ - ep = __UNCONST(pw); /* keep gcc happy */ - __hmac_sha1(passwd, dl, ep, pl, hmac_buf); + __hmac_sha1(passwd, dl, pw, pl, hmac_buf); for (i = 1; i < iterations; i++) { - __hmac_sha1(hmac_buf, SHA1_SIZE, ep, pl, hmac_buf); + __hmac_sha1(hmac_buf, SHA1_SIZE, pw, pl, hmac_buf); } /* Now output... */ pl = snprintf(passwd, sizeof(passwd), "%s%u$%.*s$", - magic, iterations, sl, sp); + magic, iterations, sl, salt); ep = passwd + pl; /* Every 3 bytes of hash gives 24 bits which is 4 base64 chars */