summaryrefslogtreecommitdiffstats
path: root/auth.c
diff options
context:
space:
mode:
authordjm@openbsd.org <djm@openbsd.org>2022-02-23 12:17:10 +0100
committerDamien Miller <djm@mindrot.org>2022-02-23 12:21:35 +0100
commit6e0258c64c901753df695e06498b26f9f4812ea6 (patch)
tree90b1187ac6de43da70170b4fc97a99fd457493c2 /auth.c
parentupstream: use asprintf to construct .rhosts paths (diff)
downloadopenssh-6e0258c64c901753df695e06498b26f9f4812ea6.tar.xz
openssh-6e0258c64c901753df695e06498b26f9f4812ea6.zip
upstream: randomise the password used in fakepw
OpenBSD-Commit-ID: 34e159f73b1fbf0a924a9c042d8d61edde293947
Diffstat (limited to '')
-rw-r--r--auth.c16
1 files changed, 13 insertions, 3 deletions
diff --git a/auth.c b/auth.c
index 00b168b4e..560e8ecac 100644
--- a/auth.c
+++ b/auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.c,v 1.153 2021/07/05 00:50:25 dtucker Exp $ */
+/* $OpenBSD: auth.c,v 1.154 2022/02/23 11:17:10 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -709,12 +709,21 @@ auth_debug_reset(void)
struct passwd *
fakepw(void)
{
+ static int done = 0;
static struct passwd fake;
+ const char hashchars[] = "./ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+ "abcdefghijklmnopqrstuvwxyz0123456789"; /* from bcrypt.c */
+ char *cp;
+
+ if (done)
+ return (&fake);
memset(&fake, 0, sizeof(fake));
fake.pw_name = "NOUSER";
- fake.pw_passwd =
- "$2a$06$r3.juUaHZDlIbQaO2dS9FuYxL1W9M81R1Tc92PoSNmzvpEqLkLGrK";
+ fake.pw_passwd = xstrdup("$2a$10$"
+ "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx");
+ for (cp = fake.pw_passwd + 7; *cp != '\0'; cp++)
+ *cp = hashchars[arc4random_uniform(sizeof(hashchars) - 1)];
#ifdef HAVE_STRUCT_PASSWD_PW_GECOS
fake.pw_gecos = "NOUSER";
#endif
@@ -725,6 +734,7 @@ fakepw(void)
#endif
fake.pw_dir = "/nonexist";
fake.pw_shell = "/nonexist";
+ done = 1;
return (&fake);
}