From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 23 Apr 2019 16:17:17 +0000 (+0200)
Subject: firstboot: port to make_salt()
X-Git-Tag: v243-rc1~362^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3862043310de6e68bdc7ba0c45f2149445c91aa1;p=thirdparty%2Fsystemd.git

firstboot: port to make_salt()

Also, let's use crypt_r() over crypt(). Not because we actually use
threads, but because it's safer and more future proof in general.
---

diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c
index c21cf76b932..7d97777b0dc 100644
--- a/src/firstboot/firstboot.c
+++ b/src/firstboot/firstboot.c
@@ -595,12 +595,6 @@ static int write_root_shadow(const char *path, const struct spwd *p) {
 
 static int process_root_password(void) {
 
-        static const char table[] =
-                "abcdefghijklmnopqrstuvwxyz"
-                "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
-                "0123456789"
-                "./";
-
         struct spwd item = {
                 .sp_namp = (char*) "root",
                 .sp_min = -1,
@@ -610,12 +604,9 @@ static int process_root_password(void) {
                 .sp_expire = -1,
                 .sp_flag = (unsigned long) -1, /* this appears to be what everybody does ... */
         };
-
+        _cleanup_free_ char *salt = NULL;
         _cleanup_close_ int lock = -1;
-        char salt[3+16+1+1];
-        uint8_t raw[16];
-        unsigned i;
-        char *j;
+        struct crypt_data cd = {};
 
         const char *etc_shadow;
         int r;
@@ -659,27 +650,15 @@ static int process_root_password(void) {
         if (!arg_root_password)
                 return 0;
 
-        /* Insist on the best randomness by setting RANDOM_BLOCK, this is about keeping passwords secret after all. */
-        r = genuine_random_bytes(raw, 16, RANDOM_BLOCK);
+        r = make_salt(&salt);
         if (r < 0)
                 return log_error_errno(r, "Failed to get salt: %m");
 
-        /* We only bother with SHA512 hashed passwords, the rest is legacy, and we don't do legacy. */
-        assert_cc(sizeof(table) == 64 + 1);
-        j = stpcpy(salt, "$6$");
-        for (i = 0; i < 16; i++)
-                j[i] = table[raw[i] & 63];
-        j[i++] = '$';
-        j[i] = 0;
-
         errno = 0;
-        item.sp_pwdp = crypt(arg_root_password, salt);
-        if (!item.sp_pwdp) {
-                if (!errno)
-                        errno = EINVAL;
-
-                return log_error_errno(errno, "Failed to encrypt password: %m");
-        }
+        item.sp_pwdp = crypt_r(arg_root_password, salt, &cd);
+        if (!item.sp_pwdp)
+                return log_error_errno(errno == 0 ? SYNTHETIC_ERRNO(EINVAL) : errno,
+                                       "Failed to encrypt password: %m");
 
         item.sp_lstchg = (long) (now(CLOCK_REALTIME) / USEC_PER_DAY);