From 757e8834da0d881c3e0c0c69d14c3bacd655627f Mon Sep 17 00:00:00 2001
From: tedu
Date: Sat, 8 Jul 2017 22:19:23 +0000
Subject: [PATCH] use crypt_newhash to protect the password. from Scott Cheloha
---
 usr.bin/lock/lock.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/usr.bin/lock/lock.c b/usr.bin/lock/lock.c
index 1b807dd24b2..3c54159d234 100644
--- a/usr.bin/lock/lock.c
+++ b/usr.bin/lock/lock.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: lock.c,v 1.37 2017/07/08 22:14:48 tedu Exp $ */
+/* $OpenBSD: lock.c,v 1.38 2017/07/08 22:19:23 tedu Exp $ */
 /* $NetBSD: lock.c,v 1.8 1996/05/07 18:32:31 jtc Exp $ */
 /*
@@ -73,6 +73,7 @@ int
 main(int argc, char *argv[])
 {
 char hostname[HOST_NAME_MAX+1], s[BUFSIZ], s1[BUFSIZ], date[256];
+ char hash[_PASSWORD_LEN];
 char *p, *style, *nstyle, *ttynam;
 struct itimerval ntimer, otimer;
 struct timeval timeout;
@@ -160,7 +161,9 @@ main(int argc, char *argv[])
 warnx("\apasswords didn't match.");
 exit(1);
 }
+ crypt_newhash(s, "bcrypt", hash, sizeof(hash));
 explicit_bzero(s, sizeof(s));
+ explicit_bzero(s1, sizeof(s1));
 }
 /* set signal handlers */
@@ -209,7 +212,7 @@ main(int argc, char *argv[])
 explicit_bzero(s, sizeof(s));
 break;
 }
- } else if (strcmp(s, s1) == 0) {
+ } else if (crypt_checkpass(s, hash) == 0) {
 explicit_bzero(s, sizeof(s));
 explicit_bzero(s1, sizeof(s1));
 break;
--
2.20.1
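Review bot: The return value of `crypt_newhash()` is ignored in the `@@ -160,7 +161,9 @@` hunk, so a hashing failure leaves `hash` (declared without an initialiser in the `@@ -73,6 +73,7 @@` hunk) indeterminate while both plaintext copies are wiped right after. The `crypt_checkpass(s, hash)` test added in the last hunk would then compare against an uninitialised buffer and, most likely, never accept the password the user just set. I would check the call and refuse to lock when it fails, e.g. `if (crypt_newhash(s, "bcrypt", hash, sizeof(hash)) != 0) err(1, "crypt_newhash");`, assuming err(3) is available alongside the `warnx` already used on this path. main's body starts and ends outside these hunks, so whether `hash` is cleared on exit cannot be judged from here.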