diff -Naurp glibc-2.14-121-g5551a7b/crypt/crypt_gensalt.c glibc-2.14-121-g5551a7b.oden/crypt/crypt_gensalt.c --- glibc-2.14-121-g5551a7b/crypt/crypt_gensalt.c 2011-07-16 11:06:53.000000000 -0400 +++ glibc-2.14-121-g5551a7b.oden/crypt/crypt_gensalt.c 2011-11-25 04:08:39.264489146 -0500 @@ -122,3 +122,78 @@ char *_crypt_gensalt_md5_rn(const char * return output; } + +char *_crypt_gensalt_sha256c_rn(unsigned long count, + const char *input, int size, char *output, int output_size) +{ + unsigned long value; + + if (size < 3 || output_size < 3 + 4 + 1 || (count && count != 1000)) { + if (output_size > 0) output[0] = '\0'; + __set_errno((output_size < 3 + 4 + 1) ? ERANGE : EINVAL); + return NULL; + } + + output[0] = '$'; + output[1] = '5'; + output[2] = '$'; + value = (unsigned long)(unsigned char)input[0] | + ((unsigned long)(unsigned char)input[1] << 8) | + ((unsigned long)(unsigned char)input[2] << 16); + output[3] = _crypt_itoa64[value & 0x3f]; + output[4] = _crypt_itoa64[(value >> 6) & 0x3f]; + output[5] = _crypt_itoa64[(value >> 12) & 0x3f]; + output[6] = _crypt_itoa64[(value >> 18) & 0x3f]; + output[7] = '\0'; + + if (size >= 6 && output_size >= 3 + 4 + 4 + 1) { + value = (unsigned long)(unsigned char)input[3] | + ((unsigned long)(unsigned char)input[4] << 8) | + ((unsigned long)(unsigned char)input[5] << 16); + output[7] = _crypt_itoa64[value & 0x3f]; + output[8] = _crypt_itoa64[(value >> 6) & 0x3f]; + output[9] = _crypt_itoa64[(value >> 12) & 0x3f]; + output[10] = _crypt_itoa64[(value >> 18) & 0x3f]; + output[11] = '\0'; + } + + return output; +} + + +char *_crypt_gensalt_sha512c_rn(unsigned long count, + const char *input, int size, char *output, int output_size) +{ + unsigned long value; + + if (size < 3 || output_size < 3 + 4 + 1 || (count && count != 1000)) { + if (output_size > 0) output[0] = '\0'; + __set_errno((output_size < 3 + 4 + 1) ? ERANGE : EINVAL); + return NULL; + } + + output[0] = '$'; + output[1] = '6'; + output[2] = '$'; + value = (unsigned long)(unsigned char)input[0] | + ((unsigned long)(unsigned char)input[1] << 8) | + ((unsigned long)(unsigned char)input[2] << 16); + output[3] = _crypt_itoa64[value & 0x3f]; + output[4] = _crypt_itoa64[(value >> 6) & 0x3f]; + output[5] = _crypt_itoa64[(value >> 12) & 0x3f]; + output[6] = _crypt_itoa64[(value >> 18) & 0x3f]; + output[7] = '\0'; + + if (size >= 6 && output_size >= 3 + 4 + 4 + 1) { + value = (unsigned long)(unsigned char)input[3] | + ((unsigned long)(unsigned char)input[4] << 8) | + ((unsigned long)(unsigned char)input[5] << 16); + output[7] = _crypt_itoa64[value & 0x3f]; + output[8] = _crypt_itoa64[(value >> 6) & 0x3f]; + output[9] = _crypt_itoa64[(value >> 12) & 0x3f]; + output[10] = _crypt_itoa64[(value >> 18) & 0x3f]; + output[11] = '\0'; + } + + return output; +} diff -Naurp glibc-2.14-121-g5551a7b/crypt/crypt_gensalt.h glibc-2.14-121-g5551a7b.oden/crypt/crypt_gensalt.h --- glibc-2.14-121-g5551a7b/crypt/crypt_gensalt.h 2011-07-16 10:58:39.000000000 -0400 +++ glibc-2.14-121-g5551a7b.oden/crypt/crypt_gensalt.h 2011-11-25 04:13:34.984489216 -0500 @@ -26,5 +26,8 @@ extern char *_crypt_gensalt_extended_rn( const char *input, int size, char *output, int output_size); extern char *_crypt_gensalt_md5_rn(const char *prefix, unsigned long count, const char *input, int size, char *output, int output_size); - +extern char *_crypt_gensalt_sha256c_rn(unsigned long count, + const char *input, int size, char *output, int output_size); +extern char *_crypt_gensalt_sha512c_rn(unsigned long count, + const char *input, int size, char *output, int output_size); #endif diff -Naurp glibc-2.14-121-g5551a7b/crypt/wrapper.c glibc-2.14-121-g5551a7b.oden/crypt/wrapper.c --- glibc-2.14-121-g5551a7b/crypt/wrapper.c 2011-11-25 04:08:23.654489356 -0500 +++ glibc-2.14-121-g5551a7b.oden/crypt/wrapper.c 2011-11-25 04:08:39.264489146 -0500 @@ -55,6 +55,11 @@ extern char *__md5_crypt_r(const char *k extern char *__des_crypt_r(const char *key, const char *salt, struct crypt_data *data); extern struct crypt_data _ufc_foobar; +/* support for sha256-crypt and sha512-crypt */ +extern char *__sha256_crypt_r (const char *key, const char *salt, + char *buffer, int buflen); +extern char *__sha512_crypt_r (const char *key, const char *salt, + char *buffer, int buflen); #endif static int _crypt_data_alloc(void **data, int *size, int need) @@ -140,6 +145,10 @@ char *__crypt_rn(__const char *key, __co return _crypt_blowfish_rn(key, setting, (char *)data, size); if (setting[0] == '$' && setting[1] == '1') return __md5_crypt_r(key, setting, (char *)data, size); + if (setting[0] == '$' && setting[1] == '5') + return __sha256_crypt_r(key, setting, (char *)data, size); + if (setting[0] == '$' && setting[1] == '6') + return __sha512_crypt_r(key, setting, (char *)data, size); if (setting[0] == '$') goto out_einval; if (setting[0] == '_') { if (size < sizeof(struct _crypt_extended_data)) goto out_erange; @@ -179,6 +188,16 @@ char *__crypt_ra(__const char *key, __co return NULL; return __md5_crypt_r(key, setting, (char *)*data, *size); } + if (setting[0] == '$' && setting[1] == '5') { + if (_crypt_data_alloc(data, size, CRYPT_OUTPUT_SIZE)) + return NULL; + return __sha256_crypt_r(key, setting, (char *)*data, *size); + } + if (setting[0] == '$' && setting[1] == '6') { + if (_crypt_data_alloc(data, size, CRYPT_OUTPUT_SIZE)) + return NULL; + return __sha512_crypt_r(key, setting, (char *)*data, *size); + } if (setting[0] == '$') goto out_einval; if (setting[0] == '_') { if (_crypt_data_alloc(data, size, @@ -270,6 +289,12 @@ char *__crypt_gensalt_rn(const char *pre if (!strncmp(prefix, "$1$", 3)) use = _crypt_gensalt_md5_rn; else + if (!strncmp(prefix, "$5$", 3)) + use = _crypt_gensalt_sha256c_rn; + else + if (!strncmp(prefix, "$6$", 3)) + use = _crypt_gensalt_sha512c_rn; + else if (prefix[0] == '_') use = _crypt_gensalt_extended_rn; else