diff options
| author | Roland Reichwein <mail@reichwein.it> | 2020-04-27 07:58:15 +0200 |
|---|---|---|
| committer | Roland Reichwein <mail@reichwein.it> | 2020-04-27 07:58:15 +0200 |
| commit | 0d8329bd3aea1874f6fd41c066ec45fd73607504 (patch) | |
| tree | a839451db8faf8aae678421881053db4171447ed /auth.cpp | |
| parent | 5b7e374d60985852a3b7388c0b622865cfb2dfc4 (diff) | |
Fix crypt
Diffstat (limited to 'auth.cpp')
| -rw-r--r-- | auth.cpp | 31 |
1 files changed, 20 insertions, 11 deletions
@@ -3,8 +3,10 @@ #include <crypt.h> #include <string.h> -#include <stdexcept> +#include <algorithm> #include <iostream> +#include <random> +#include <stdexcept> // crypt specified password std::string Auth::generate(const std::string& pw) @@ -12,14 +14,22 @@ std::string Auth::generate(const std::string& pw) struct crypt_data data; memset((void *)&data, '\0', sizeof(data)); - char setting[1000]; - - if (crypt_gensalt_rn("$6$", 2000, nullptr, 0, setting, sizeof(setting)) == nullptr) - throw std::runtime_error("Error on crypt_gensalt_r()"); + std::random_device rd; + std::mt19937 rng{rd()}; + std::uniform_int_distribution<int> uid(0, 63); + + std::string chars{std::string(std::string::size_type(64), char('a'))}; + std::iota(chars.begin() , chars.begin() + 26, 'a'); + std::iota(chars.begin() + 26, chars.begin() + 52, 'A'); + std::iota(chars.begin() + 52, chars.begin() + 62, '0'); + chars[62] = '.'; + chars[63] = '/'; + + std::string salt{{chars[uid(rng)], chars[uid(rng)]}}; char* result; - if ((result = crypt_r(pw.data(), setting, &data)) == nullptr) + if ((result = crypt_r(pw.data(), salt.data(), &data)) == nullptr) throw std::runtime_error("Error on crypt_r()"); return result; @@ -31,16 +41,15 @@ bool Auth::validate(const std::string& crypted, const std::string& pw) struct crypt_data data; memset((void *)&data, '\0', sizeof(data)); - size_t pos = crypted.find_last_of('$'); - if (pos == crypted.npos) { - std::cerr << "Warning: Bad password hash configured (format)" << std::endl; + if (crypted.size() < 2) { + std::cerr << "Warning: Bad password hash configured (size)" << std::endl; return false; } - std::string setting{crypted.substr(0, pos)}; + std::string salt{crypted.substr(0, 2)}; char* output; - if ((output = crypt_r(pw.data(), setting.data(), &data)) == nullptr) { + if ((output = crypt_r(pw.data(), salt.data(), &data)) == nullptr) { std::cerr << "Warning: Error on crypt_r()" << std::endl; return false; } |