remove built-in support for md5crypt()

Users of MD5-hashed password should arrange for ./configure to link
against libxcrypt or similar. Though it would be better to avoid use
of MD5 password hashing entirely, it's arguably worse than DEScrypt.

feedback and ok dtucker@

diff --git a/INSTALL b/INSTALL
index dddd912c5da2a3612bccb2f4ff89ad6a841aba6f..b6e53ab6c0888ae4de29b3766d150f90a2a3648f 100644 (file)
--- a/INSTALL
+++ b/INSTALL
@@ -197,11 +197,6 @@ it if lastlog is installed in a different place.
 --with-osfsia, --without-osfsia will enable or disable OSF1's Security
 Integration Architecture.  The default for OSF1 machines is enable.
 
---with-md5-passwords will enable the use of MD5 passwords. Enable this
-if your operating system uses MD5 passwords and the system crypt() does
-not support them directly (see the crypt(3/3c) man page). If enabled, the
-resulting binary will support both MD5 and traditional crypt passwords.
-
 --with-utmpx enables utmpx support. utmpx support is automatic for
 some platforms.
 

diff --git a/LICENCE b/LICENCE
index 5999c5e9d50d74aaad3f5da36863e6d585de48a8..173561904174f88400864959aae2a35df13ff710 100644 (file)
--- a/LICENCE
+++ b/LICENCE
@@ -210,22 +210,14 @@ OpenSSH contains no GPL code.
 
 8) Portable OpenSSH contains the following additional licenses:
 
-    a) md5crypt.c, md5crypt.h
-
-        * "THE BEER-WARE LICENSE" (Revision 42):
-        * <phk@login.dknet.dk> wrote this file.  As long as you retain this
-        * notice you can do whatever you want with this stuff. If we meet
-        * some day, and you think this stuff is worth it, you can buy me a
-        * beer in return.   Poul-Henning Kamp
-
-    b) snprintf replacement
+    a) snprintf replacement
 
        * Copyright Patrick Powell 1995
        * This code is based on code written by Patrick Powell
        * (papowell@astart.com) It may be used for any purpose as long as this
        * notice remains intact on all source code distributions
 
-    c) Compatibility code (openbsd-compat)
+    b) Compatibility code (openbsd-compat)
 
        Apart from the previously mentioned licenses, various pieces of code
        in the openbsd-compat/ subdirectory are licensed as follows:

diff --git a/Makefile.in b/Makefile.in
index 84bd0dc072bae568e8cf72fa1ee1629eac3e2223..6d82c1b14c2fd8eb28a3281f2ed61edf00a186e2 100644 (file)
--- a/Makefile.in
+++ b/Makefile.in
@@ -127,7 +127,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \
        auth2-none.o auth2-passwd.o auth2-pubkey.o \
        monitor.o monitor_wrap.o auth-krb5.o \
        auth2-gss.o gss-serv.o gss-serv-krb5.o \
-       loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \
+       loginrec.o auth-pam.o auth-shadow.o auth-sia.o \
        srclimit.o sftp-server.o sftp-common.o \
        sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \
        sandbox-seccomp-filter.o sandbox-capsicum.o sandbox-pledge.o \

diff --git a/configure.ac b/configure.ac
index 3722b1514a46f853591be416d518ed0dabf9053b..f103b3bfbed9ffefffd183963a8d382e8468ccd3 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -1859,7 +1859,6 @@ AC_CHECK_FUNCS([ \
        localtime_r \
        login_getcapbool \
        login_getpwclass \
-       md5_crypt \
        memmem \
        memmove \
        memset_s \
@@ -4943,19 +4942,6 @@ else
 fi
 AC_SUBST([mansubdir])
 
-# Check whether to enable MD5 passwords
-MD5_MSG="no"
-AC_ARG_WITH([md5-passwords],
-       [  --with-md5-passwords    Enable use of MD5 passwords],
-       [
-               if test "x$withval" != "xno" ; then
-                       AC_DEFINE([HAVE_MD5_PASSWORDS], [1],
-                               [Define if you want to allow MD5 passwords])
-                       MD5_MSG="yes"
-               fi
-       ]
-)
-
 # Whether to disable shadow password support
 AC_ARG_WITH([shadow],
        [  --without-shadow        Disable shadow password support],
@@ -5550,7 +5536,6 @@ echo "                       PAM support: $PAM_MSG"
 echo "                   OSF SIA support: $SIA_MSG"
 echo "                 KerberosV support: $KRB5_MSG"
 echo "                   SELinux support: $SELINUX_MSG"
-echo "              MD5 password support: $MD5_MSG"
 echo "                   libedit support: $LIBEDIT_MSG"
 echo "                   libldns support: $LDNS_MSG"
 echo "  Solaris process contract support: $SPC_MSG"

diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec
index 2905db0e8c392cb21fbc19d4a7b7052ac47933b5..f86b035debbf2b75161f99054ca2f2946bc2d546 100644 (file)
--- a/contrib/redhat/openssh.spec
+++ b/contrib/redhat/openssh.spec
@@ -66,7 +66,7 @@
 # rpm -ba|--rebuild --define "smartcard 1"
 %{?smartcard:%global scard 1}
 
-# Is this a build for the rescue CD (without PAM, with MD5)? (1=yes 0=no)
+# Is this a build for the rescue CD (without PAM)? (1=yes 0=no)
 %global rescue 0
 %{?build_rescue:%global rescue 1}
 
@@ -211,7 +211,6 @@ CFLAGS="$RPM_OPT_FLAGS -Os"; export CFLAGS
        --with-default-path=/usr/local/bin:/bin:/usr/bin \
        --with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \
        --with-privsep-path=%{_var}/empty/sshd \
-       --with-md5-passwords \
        --mandir=%{_mandir} \
        --with-mantype=man \
        --disable-strip \
@@ -424,7 +423,10 @@ fi
 %endif
 
 %changelog
-* Mon Jul 20 2020 Damien Miller <djm@mindrto.org>
+* Thu Oct 28 2021 Damien Miller <djm@mindrot.org>
+- Remove remaining traces of --with-md5-passwords
+
+* Mon Jul 20 2020 Damien Miller <djm@mindrot.org>
 - Add ssh-sk-helper and corresponding manual page.
 
 * Sat Feb 10 2018 Darren Tucker <dtucker@dtucker.net>

diff --git a/md5crypt.c b/md5crypt.c
deleted file mode 100644 (file)
index 52cf295..0000000
--- a/md5crypt.c
+++ /dev/null
@@ -1,165 +0,0 @@
-/*
- * ----------------------------------------------------------------------------
- * "THE BEER-WARE LICENSE" (Revision 42):
- * <phk@login.dknet.dk> wrote this file.  As long as you retain this
- * notice you can do whatever you want with this stuff. If we meet some
- * day, and you think this stuff is worth it, you can buy me a beer in
- * return.   Poul-Henning Kamp
- * ----------------------------------------------------------------------------
- */
-
-#include "includes.h"
-
-#if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT)
-#include <sys/types.h>
-
-#include <string.h>
-
-#include <openssl/md5.h>
-
-/* 0 ... 63 => ascii - 64 */
-static unsigned char itoa64[] =
-    "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
-
-static char *magic = "$1$";
-
-static char *
-to64(unsigned long v, int n)
-{
-       static char buf[5];
-       char *s = buf;
-
-       if (n > 4)
-               return (NULL);
-
-       memset(buf, '\0', sizeof(buf));
-       while (--n >= 0) {
-               *s++ = itoa64[v&0x3f];
-               v >>= 6;
-       }
-
-       return (buf);
-}
-
-int
-is_md5_salt(const char *salt)
-{
-       return (strncmp(salt, magic, strlen(magic)) == 0);
-}
-
-char *
-md5_crypt(const char *pw, const char *salt)
-{
-       static char passwd[120], salt_copy[9];
-       static const char *sp, *ep;
-       unsigned char final[16];
-       int sl, pl, i, j;
-       MD5_CTX ctx, ctx1;
-       unsigned long l;
-
-       /* Refine the Salt first */
-       sp = salt;
-
-       /* If it starts with the magic string, then skip that */
-       if(strncmp(sp, magic, strlen(magic)) == 0)
-               sp += strlen(magic);
-
-       /* It stops at the first '$', max 8 chars */
-       for (ep = sp; *ep != '$'; ep++) {
-               if (*ep == '\0' || ep >= (sp + 8))
-                       return (NULL);
-       }
-
-       /* get the length of the true salt */
-       sl = ep - sp;
-
-       /* Stash the salt */
-       memcpy(salt_copy, sp, sl);
-       salt_copy[sl] = '\0';
-
-       MD5_Init(&ctx);
-
-       /* The password first, since that is what is most unknown */
-       MD5_Update(&ctx, pw, strlen(pw));
-
-       /* Then our magic string */
-       MD5_Update(&ctx, magic, strlen(magic));
-
-       /* Then the raw salt */
-       MD5_Update(&ctx, sp, sl);
-
-       /* Then just as many characters of the MD5(pw, salt, pw) */
-       MD5_Init(&ctx1);
-       MD5_Update(&ctx1, pw, strlen(pw));
-       MD5_Update(&ctx1, sp, sl);
-       MD5_Update(&ctx1, pw, strlen(pw));
-       MD5_Final(final, &ctx1);
-
-       for(pl = strlen(pw); pl > 0; pl -= 16)
-               MD5_Update(&ctx, final, pl > 16 ? 16 : pl);
-
-       /* Don't leave anything around in vm they could use. */
-       memset(final, '\0', sizeof final);
-
-       /* Then something really weird... */
-       for (j = 0, i = strlen(pw); i != 0; i >>= 1)
-               if (i & 1)
-                       MD5_Update(&ctx, final + j, 1);
-               else
-                       MD5_Update(&ctx, pw + j, 1);
-
-       /* Now make the output string */
-       snprintf(passwd, sizeof(passwd), "%s%s$", magic, salt_copy);
-
-       MD5_Final(final, &ctx);
-
-       /*
-        * and now, just to make sure things don't run too fast
-        * On a 60 Mhz Pentium this takes 34 msec, so you would
-        * need 30 seconds to build a 1000 entry dictionary...
-        */
-       for(i = 0; i < 1000; i++) {
-               MD5_Init(&ctx1);
-               if (i & 1)
-                       MD5_Update(&ctx1, pw, strlen(pw));
-               else
-                       MD5_Update(&ctx1, final, 16);
-
-               if (i % 3)
-                       MD5_Update(&ctx1, sp, sl);
-
-               if (i % 7)
-                       MD5_Update(&ctx1, pw, strlen(pw));
-
-               if (i & 1)
-                       MD5_Update(&ctx1, final, 16);
-               else
-                       MD5_Update(&ctx1, pw, strlen(pw));
-
-               MD5_Final(final, &ctx1);
-       }
-
-       l = (final[ 0]<<16) | (final[ 6]<<8) | final[12];
-       strlcat(passwd, to64(l, 4), sizeof(passwd));
-       l = (final[ 1]<<16) | (final[ 7]<<8) | final[13];
-       strlcat(passwd, to64(l, 4), sizeof(passwd));
-       l = (final[ 2]<<16) | (final[ 8]<<8) | final[14];
-       strlcat(passwd, to64(l, 4), sizeof(passwd));
-       l = (final[ 3]<<16) | (final[ 9]<<8) | final[15];
-       strlcat(passwd, to64(l, 4), sizeof(passwd));
-       l = (final[ 4]<<16) | (final[10]<<8) | final[ 5];
-       strlcat(passwd, to64(l, 4), sizeof(passwd));
-       l =                    final[11]                ;
-       strlcat(passwd, to64(l, 2), sizeof(passwd));
-
-       /* Don't leave anything around in vm they could use. */
-       memset(final, 0, sizeof(final));
-       memset(salt_copy, 0, sizeof(salt_copy));
-       memset(&ctx, 0, sizeof(ctx));
-       memset(&ctx1, 0, sizeof(ctx1));
-       (void)to64(0, 4);
-
-       return (passwd);
-}
-
-#endif /* defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) */

diff --git a/md5crypt.h b/md5crypt.h
deleted file mode 100644 (file)
index 978e579..0000000
--- a/md5crypt.h
+++ /dev/null
@@ -1,22 +0,0 @@
-/*
- * ----------------------------------------------------------------------------
- * "THE BEER-WARE LICENSE" (Revision 42):
- * <phk@login.dknet.dk> wrote this file.  As long as you retain this notice you
- * can do whatever you want with this stuff. If we meet some day, and you think
- * this stuff is worth it, you can buy me a beer in return.   Poul-Henning Kamp
- * ----------------------------------------------------------------------------
- */
-
-#ifndef _MD5CRYPT_H
-#define _MD5CRYPT_H
-
-#include "config.h"
-
-#if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT)
-
-int is_md5_salt(const char *);
-char *md5_crypt(const char *, const char *);
-
-#endif /* defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) */
-
-#endif /* MD5CRYPT_H */

diff --git a/openbsd-compat/xcrypt.c b/openbsd-compat/xcrypt.c
index 360b187af9fbbcea2284b8eb1d914618a44c547f..e493dd31f221f5b31db1f6cd8b84d9ac5825414d 100644 (file)
--- a/openbsd-compat/xcrypt.c
+++ b/openbsd-compat/xcrypt.c
@@ -54,10 +54,6 @@
 #  include <pwdadj.h>
 # endif
 
-# if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT)
-#  include "md5crypt.h"
-# endif
-
 # if defined(WITH_OPENSSL) && !defined(HAVE_CRYPT) && defined(HAVE_DES_CRYPT)
 #  include <openssl/des.h>
 #  define crypt DES_crypt
@@ -108,12 +104,7 @@ xcrypt(const char *password, const char *salt)
        if (salt == NULL)
                salt = pick_salt();
 
-# ifdef HAVE_MD5_PASSWORDS
-       if (is_md5_salt(salt))
-               crypted = md5_crypt(password, salt);
-       else
-               crypted = crypt(password, salt);
-# elif defined(__hpux) && !defined(HAVE_SECUREWARE)
+#if defined(__hpux) && !defined(HAVE_SECUREWARE)
        if (iscomsec())
                crypted = bigcrypt(password, salt);
        else
@@ -122,7 +113,7 @@ xcrypt(const char *password, const char *salt)
        crypted = bigcrypt(password, salt);
 # else
        crypted = crypt(password, salt);
-# endif
+#endif
 
        return crypted;
 }