[packages/SysVinit.git] / sysvinit-md5-bigendian.patch

--- sysvinit-2.77/src/md5.c.be	Fri Aug 20 14:05:19 1999
+++ sysvinit-2.77/src/md5.c	Sat Jul 24 02:13:39 1999
@@ -0,0 +1,256 @@
+/*
+ * $Id$
+ *
+ * This code implements the MD5 message-digest algorithm.
+ * The algorithm is due to Ron Rivest.  This code was
+ * written by Colin Plumb in 1993, no copyright is claimed.
+ * This code is in the public domain; do with it what you wish.
+ *
+ * Equivalent code is available from RSA Data Security, Inc.
+ * This code has been tested against that, and is equivalent,
+ * except that you don't need to include two pages of legalese
+ * with every copy.
+ *
+ * To compute the message digest of a chunk of bytes, declare an
+ * MD5Context structure, pass it to MD5Init, call MD5Update as
+ * needed on buffers full of bytes, and then call MD5Final, which
+ * will fill a supplied 16-byte array with the digest.
+ *
+ */
+
+#include <string.h>
+#include "md5.h"
+
+#ifndef HIGHFIRST
+#define byteReverse(buf, len)	/* Nothing */
+#else
+static void byteReverse(unsigned char *buf, unsigned longs);
+
+#ifndef ASM_MD5
+/*
+ * Note: this code is harmless on little-endian machines.
+ */
+static void byteReverse(unsigned char *buf, unsigned longs)
+{
+	uint32 t;
+	do {
+		t = (uint32) ((unsigned) buf[3] << 8 | buf[2]) << 16 |
+		    ((unsigned) buf[1] << 8 | buf[0]);
+		*(uint32 *) buf = t;
+		buf += 4;
+	} while (--longs);
+}
+#endif
+#endif
+
+/*
+ * Start MD5 accumulation.  Set bit count to 0 and buffer to mysterious
+ * initialization constants.
+ */
+void MD5Name(MD5Init)(struct MD5Context *ctx)
+{
+	ctx->buf[0] = 0x67452301U;
+	ctx->buf[1] = 0xefcdab89U;
+	ctx->buf[2] = 0x98badcfeU;
+	ctx->buf[3] = 0x10325476U;
+
+	ctx->bits[0] = 0;
+	ctx->bits[1] = 0;
+}
+
+/*
+ * Update context to reflect the concatenation of another buffer full
+ * of bytes.
+ */
+void MD5Name(MD5Update)(struct MD5Context *ctx, unsigned const char *buf, unsigned len)
+{
+	uint32 t;
+
+	/* Update bitcount */
+
+	t = ctx->bits[0];
+	if ((ctx->bits[0] = t + ((uint32) len << 3)) < t)
+		ctx->bits[1]++;	/* Carry from low to high */
+	ctx->bits[1] += len >> 29;
+
+	t = (t >> 3) & 0x3f;	/* Bytes already in shsInfo->data */
+
+	/* Handle any leading odd-sized chunks */
+
+	if (t) {
+		unsigned char *p = (unsigned char *) ctx->in + t;
+
+		t = 64 - t;
+		if (len < t) {
+			memcpy(p, buf, len);
+			return;
+		}
+		memcpy(p, buf, t);
+		byteReverse(ctx->in, 16);
+		MD5Name(MD5Transform)(ctx->buf, (uint32 *) ctx->in);
+		buf += t;
+		len -= t;
+	}
+	/* Process data in 64-byte chunks */
+
+	while (len >= 64) {
+		memcpy(ctx->in, buf, 64);
+		byteReverse(ctx->in, 16);
+		MD5Name(MD5Transform)(ctx->buf, (uint32 *) ctx->in);
+		buf += 64;
+		len -= 64;
+	}
+
+	/* Handle any remaining bytes of data. */
+
+	memcpy(ctx->in, buf, len);
+}
+
+/*
+ * Final wrapup - pad to 64-byte boundary with the bit pattern 
+ * 1 0* (64-bit count of bits processed, MSB-first)
+ */
+void MD5Name(MD5Final)(unsigned char digest[16], struct MD5Context *ctx)
+{
+	unsigned count;
+	unsigned char *p;
+
+	/* Compute number of bytes mod 64 */
+	count = (ctx->bits[0] >> 3) & 0x3F;
+
+	/* Set the first char of padding to 0x80.  This is safe since there is
+	   always at least one byte free */
+	p = ctx->in + count;
+	*p++ = 0x80;
+
+	/* Bytes of padding needed to make 64 bytes */
+	count = 64 - 1 - count;
+
+	/* Pad out to 56 mod 64 */
+	if (count < 8) {
+		/* Two lots of padding:  Pad the first block to 64 bytes */
+		memset(p, 0, count);
+		byteReverse(ctx->in, 16);
+		MD5Name(MD5Transform)(ctx->buf, (uint32 *) ctx->in);
+
+		/* Now fill the next block with 56 bytes */
+		memset(ctx->in, 0, 56);
+	} else {
+		/* Pad block to 56 bytes */
+		memset(p, 0, count - 8);
+	}
+	byteReverse(ctx->in, 14);
+
+	/* Append length in bits and transform */
+	((uint32 *) ctx->in)[14] = ctx->bits[0];
+	((uint32 *) ctx->in)[15] = ctx->bits[1];
+
+	MD5Name(MD5Transform)(ctx->buf, (uint32 *) ctx->in);
+	byteReverse((unsigned char *) ctx->buf, 4);
+	memcpy(digest, ctx->buf, 16);
+	memset(ctx, 0, sizeof(ctx));	/* In case it's sensitive */
+}
+
+#ifndef ASM_MD5
+
+/* The four core functions - F1 is optimized somewhat */
+
+/* #define F1(x, y, z) (x & y | ~x & z) */
+#define F1(x, y, z) (z ^ (x & (y ^ z)))
+#define F2(x, y, z) F1(z, x, y)
+#define F3(x, y, z) (x ^ y ^ z)
+#define F4(x, y, z) (y ^ (x | ~z))
+
+/* This is the central step in the MD5 algorithm. */
+#define MD5STEP(f, w, x, y, z, data, s) \
+	( w += f(x, y, z) + data,  w = w<<s | w>>(32-s),  w += x )
+
+/*
+ * The core of the MD5 algorithm, this alters an existing MD5 hash to
+ * reflect the addition of 16 longwords of new data.  MD5Update blocks
+ * the data and converts bytes into longwords for this routine.
+ */
+void MD5Name(MD5Transform)(uint32 buf[4], uint32 const in[16])
+{
+	register uint32 a, b, c, d;
+
+	a = buf[0];
+	b = buf[1];
+	c = buf[2];
+	d = buf[3];
+
+	MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478U, 7);
+	MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756U, 12);
+	MD5STEP(F1, c, d, a, b, in[2] + 0x242070dbU, 17);
+	MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceeeU, 22);
+	MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0fafU, 7);
+	MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62aU, 12);
+	MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613U, 17);
+	MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501U, 22);
+	MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8U, 7);
+	MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7afU, 12);
+	MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1U, 17);
+	MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7beU, 22);
+	MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122U, 7);
+	MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193U, 12);
+	MD5STEP(F1, c, d, a, b, in[14] + 0xa679438eU, 17);
+	MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821U, 22);
+
+	MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562U, 5);
+	MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340U, 9);
+	MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51U, 14);
+	MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aaU, 20);
+	MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105dU, 5);
+	MD5STEP(F2, d, a, b, c, in[10] + 0x02441453U, 9);
+	MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681U, 14);
+	MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8U, 20);
+	MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6U, 5);
+	MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6U, 9);
+	MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87U, 14);
+	MD5STEP(F2, b, c, d, a, in[8] + 0x455a14edU, 20);
+	MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905U, 5);
+	MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8U, 9);
+	MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9U, 14);
+	MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8aU, 20);
+
+	MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942U, 4);
+	MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681U, 11);
+	MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122U, 16);
+	MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380cU, 23);
+	MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44U, 4);
+	MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9U, 11);
+	MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60U, 16);
+	MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70U, 23);
+	MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6U, 4);
+	MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127faU, 11);
+	MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085U, 16);
+	MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05U, 23);
+	MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039U, 4);
+	MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5U, 11);
+	MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8U, 16);
+	MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665U, 23);
+
+	MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244U, 6);
+	MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97U, 10);
+	MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7U, 15);
+	MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039U, 21);
+	MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3U, 6);
+	MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92U, 10);
+	MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47dU, 15);
+	MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1U, 21);
+	MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4fU, 6);
+	MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0U, 10);
+	MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314U, 15);
+	MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1U, 21);
+	MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82U, 6);
+	MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235U, 10);
+	MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bbU, 15);
+	MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391U, 21);
+
+	buf[0] += a;
+	buf[1] += b;
+	buf[2] += c;
+	buf[3] += d;
+}
+
+#endif
--- sysvinit-2.77/src/md5.h.be	Fri Aug 20 14:05:22 1999
+++ sysvinit-2.77/src/md5.h	Fri Aug 20 13:54:09 1999
@@ -0,0 +1,40 @@
+#ifndef MD5_H
+#define MD5_H
+
+#include <features.h>
+#if defined(__GLIBC__) && __GLIBC__ > 1
+# include <stdint.h>
+typedef uint32_t uint32;
+#else
+# ifdef __alpha
+typedef unsigned int uint32;
+# else
+typedef unsigned long uint32;
+# endif
+#endif
+
+struct MD5Context {
+    uint32 buf[4];
+    uint32 bits[2];
+    unsigned char in[64];
+};
+
+void GoodMD5Init(struct MD5Context *);
+void GoodMD5Update(struct MD5Context *, unsigned const char *, unsigned);
+void GoodMD5Final(unsigned char digest[16], struct MD5Context *);
+void GoodMD5Transform(uint32 buf[4], uint32 const in[16]);
+void BrokenMD5Init(struct MD5Context *);
+void BrokenMD5Update(struct MD5Context *, unsigned const char *, unsigned);
+void BrokenMD5Final(unsigned char digest[16], struct MD5Context *);
+void BrokenMD5Transform(uint32 buf[4], uint32 const in[16]);
+
+char *Goodcrypt_md5(const char *pw, const char *salt);
+char *Brokencrypt_md5(const char *pw, const char *salt);
+
+/*
+* This is needed to make RSAREF happy on some MS-DOS compilers.
+*/
+
+typedef struct MD5Context MD5_CTX;
+
+#endif /* MD5_H */
--- sysvinit-2.77/src/md5_crypt.c.be	Fri Aug 20 14:05:25 1999
+++ sysvinit-2.77/src/md5_crypt.c	Sat Jul 24 02:13:39 1999
@@ -0,0 +1,149 @@
+/*
+ * $Id$
+ *
+ * ----------------------------------------------------------------------------
+ * "THE BEER-WARE LICENSE" (Revision 42):
+ * <phk@login.dknet.dk> wrote this file.  As long as you retain this notice you
+ * can do whatever you want with this stuff. If we meet some day, and you think
+ * this stuff is worth it, you can buy me a beer in return.   Poul-Henning Kamp
+ * ----------------------------------------------------------------------------
+ *
+ * Origin: Id: crypt.c,v 1.3 1995/05/30 05:42:22 rgrimes Exp
+ *
+ */
+
+#include <string.h>
+#include "md5.h"
+
+static unsigned char itoa64[] =	/* 0 ... 63 => ascii - 64 */
+"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
+
+static void to64(char *s, unsigned long v, int n)
+{
+	while (--n >= 0) {
+		*s++ = itoa64[v & 0x3f];
+		v >>= 6;
+	}
+}
+
+/*
+ * UNIX password
+ *
+ * Use MD5 for what it is best at...
+ */
+
+char *MD5Name(crypt_md5)(const char *pw, const char *salt)
+{
+	const char *magic = "$1$";
+	/* This string is magic for this algorithm.  Having
+	 * it this way, we can get get better later on */
+	static char passwd[120], *p;
+	static const char *sp, *ep;
+	unsigned char final[16];
+	int sl, pl, i, j;
+	MD5_CTX ctx, ctx1;
+	unsigned long l;
+
+	/* Refine the Salt first */
+	sp = salt;
+
+	/* If it starts with the magic string, then skip that */
+	if (!strncmp(sp, magic, strlen(magic)))
+		sp += strlen(magic);
+
+	/* It stops at the first '$', max 8 chars */
+	for (ep = sp; *ep && *ep != '$' && ep < (sp + 8); ep++)
+		continue;
+
+	/* get the length of the true salt */
+	sl = ep - sp;
+
+	MD5Name(MD5Init)(&ctx);
+
+	/* The password first, since that is what is most unknown */
+	MD5Name(MD5Update)(&ctx,(unsigned const char *)pw,strlen(pw));
+
+	/* Then our magic string */
+	MD5Name(MD5Update)(&ctx,(unsigned const char *)magic,strlen(magic));
+
+	/* Then the raw salt */
+	MD5Name(MD5Update)(&ctx,(unsigned const char *)sp,sl);
+
+	/* Then just as many characters of the MD5(pw,salt,pw) */
+	MD5Name(MD5Init)(&ctx1);
+	MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw));
+	MD5Name(MD5Update)(&ctx1,(unsigned const char *)sp,sl);
+	MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw));
+	MD5Name(MD5Final)(final,&ctx1);
+	for (pl = strlen(pw); pl > 0; pl -= 16)
+		MD5Name(MD5Update)(&ctx,(unsigned const char *)final,pl>16 ? 16 : pl);
+
+	/* Don't leave anything around in vm they could use. */
+	memset(final, 0, sizeof final);
+
+	/* Then something really weird... */
+	for (j = 0, i = strlen(pw); i; i >>= 1)
+		if (i & 1)
+			MD5Name(MD5Update)(&ctx, (unsigned const char *)final+j, 1);
+		else
+			MD5Name(MD5Update)(&ctx, (unsigned const char *)pw+j, 1);
+
+	/* Now make the output string */
+	strcpy(passwd, magic);
+	strncat(passwd, sp, sl);
+	strcat(passwd, "$");
+
+	MD5Name(MD5Final)(final,&ctx);
+
+	/*
+	 * and now, just to make sure things don't run too fast
+	 * On a 60 Mhz Pentium this takes 34 msec, so you would
+	 * need 30 seconds to build a 1000 entry dictionary...
+	 */
+	for (i = 0; i < 1000; i++) {
+		MD5Name(MD5Init)(&ctx1);
+		if (i & 1)
+			MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw));
+		else
+			MD5Name(MD5Update)(&ctx1,(unsigned const char *)final,16);
+
+		if (i % 3)
+			MD5Name(MD5Update)(&ctx1,(unsigned const char *)sp,sl);
+
+		if (i % 7)
+			MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw));
+
+		if (i & 1)
+			MD5Name(MD5Update)(&ctx1,(unsigned const char *)final,16);
+		else
+			MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw));
+		MD5Name(MD5Final)(final,&ctx1);
+	}
+
+	p = passwd + strlen(passwd);
+
+	l = (final[0] << 16) | (final[6] << 8) | final[12];
+	to64(p, l, 4);
+	p += 4;
+	l = (final[1] << 16) | (final[7] << 8) | final[13];
+	to64(p, l, 4);
+	p += 4;
+	l = (final[2] << 16) | (final[8] << 8) | final[14];
+	to64(p, l, 4);
+	p += 4;
+	l = (final[3] << 16) | (final[9] << 8) | final[15];
+	to64(p, l, 4);
+	p += 4;
+	l = (final[4] << 16) | (final[10] << 8) | final[5];
+	to64(p, l, 4);
+	p += 4;
+	l = final[11];
+	to64(p, l, 2);
+	p += 2;
+	*p = '\0';
+
+	/* Don't leave anything around in vm they could use. */
+	memset(final, 0, sizeof final);
+
+	return passwd;
+}
--- sysvinit-2.77/src/Makefile.be	Fri Aug 20 12:05:26 1999
+++ sysvinit-2.77/src/Makefile	Fri Aug 20 14:20:42 1999
@@ -50,8 +50,8 @@ utmpdump:	utmpdump.o
 runlevel:	runlevel.o
 		$(CC) $(LDFLAGS) -o $@ runlevel.o
 
-sulogin:	sulogin.o
-		$(CC) $(LDFLAGS) $(STATIC) -o $@ sulogin.o $(LCRYPT)
+sulogin:	sulogin.o md5_broken.o md5_crypt_broken.o
+		$(CC) $(LDFLAGS) $(STATIC) -o $@ $^ $(LCRYPT)
 
 wall:		dowall.o wall.o
 		$(CC) $(LDFLAGS) -o $@ dowall.o wall.o
@@ -67,6 +67,12 @@ utmp.o:		utmp.c init.h
 
 init_utmp.o:	utmp.c init.h
 		$(CC) -c $(CFLAGS) -DINIT_MAIN utmp.c -o init_utmp.o
+
+md5_broken.o: md5.c
+		$(CC) $(CFLAGS) -D'MD5Name(x)=Broken##x' -c $< -o $@
+
+md5_crypt_broken.o: md5_crypt.c
+		$(CC) $(CFLAGS) -D'MD5Name(x)=Broken##x' -c $< -o $@
 
 cleanobjs:
 		rm -f *.o *.bak
--- sysvinit-2.77/src/sulogin.c.be	Fri Aug 20 12:05:26 1999
+++ sysvinit-2.77/src/sulogin.c	Fri Aug 20 14:20:09 1999
@@ -29,6 +29,7 @@
 #if defined(__GLIBC__)
 #  include <crypt.h>
 #endif
+#include "md5.h"
 
 #define CHECK_DES	1
 #define CHECK_MD5	1
@@ -392,7 +393,12 @@ int main(int argc, char **argv)
 	while(1) {
 		if ((p = getpasswd()) == NULL) break;
 		if (pwd->pw_passwd[0] == 0 ||
-		    strcmp(crypt(p, pwd->pw_passwd), pwd->pw_passwd) == 0)
+		    strcmp(crypt(p, pwd->pw_passwd), pwd->pw_passwd) == 0
+#ifdef CHECK_MD5
+		    || (strncmp(pwd->pw_passwd, "$1$", 3) == 0 &&
+			strcmp(Brokencrypt_md5(p, pwd->pw_passwd), pwd->pw_passwd) == 0)
+#endif
+		    )
 			sushell(pwd);
 		printf("Login incorrect.\n");
 	}
Commit	Line	Data
ef49bd8c	1	--- sysvinit-2.77/src/md5.c.be Fri Aug 20 14:05:19 1999
	2	+++ sysvinit-2.77/src/md5.c Sat Jul 24 02:13:39 1999
	3	@@ -0,0 +1,256 @@
	4	+/*
	5	+ * $Id$
	6	+ *
	7	+ * This code implements the MD5 message-digest algorithm.
	8	+ * The algorithm is due to Ron Rivest. This code was
	9	+ * written by Colin Plumb in 1993, no copyright is claimed.
	10	+ * This code is in the public domain; do with it what you wish.
	11	+ *
	12	+ * Equivalent code is available from RSA Data Security, Inc.
	13	+ * This code has been tested against that, and is equivalent,
	14	+ * except that you don't need to include two pages of legalese
	15	+ * with every copy.
	16	+ *
	17	+ * To compute the message digest of a chunk of bytes, declare an
	18	+ * MD5Context structure, pass it to MD5Init, call MD5Update as
	19	+ * needed on buffers full of bytes, and then call MD5Final, which
	20	+ * will fill a supplied 16-byte array with the digest.
	21	+ *
	22	+ */
	23	+
	24	+#include <string.h>
	25	+#include "md5.h"
	26	+
	27	+#ifndef HIGHFIRST
	28	+#define byteReverse(buf, len) /* Nothing */
	29	+#else
	30	+static void byteReverse(unsigned char *buf, unsigned longs);
	31	+
	32	+#ifndef ASM_MD5
	33	+/*
	34	+ * Note: this code is harmless on little-endian machines.
	35	+ */
	36	+static void byteReverse(unsigned char *buf, unsigned longs)
	37	+{
	38	+ uint32 t;
	39	+ do {
	40	+ t = (uint32) ((unsigned) buf[3] << 8 \| buf[2]) << 16 \|
	41	+ ((unsigned) buf[1] << 8 \| buf[0]);
	42	+ (uint32 ) buf = t;
	43	+ buf += 4;
	44	+ } while (--longs);
	45	+}
	46	+#endif
	47	+#endif
	48	+
	49	+/*
	50	+ * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious
	51	+ * initialization constants.
	52	+ */
	53	+void MD5Name(MD5Init)(struct MD5Context *ctx)
	54	+{
	55	+ ctx->buf[0] = 0x67452301U;
	56	+ ctx->buf[1] = 0xefcdab89U;
	57	+ ctx->buf[2] = 0x98badcfeU;
	58	+ ctx->buf[3] = 0x10325476U;
	59	+
	60	+ ctx->bits[0] = 0;
	61	+ ctx->bits[1] = 0;
	62	+}
	63	+
	64	+/*
65	+ * Update context to reflect the concatenation of another buffer full
66	+ * of bytes.
67	+ */
68	+void MD5Name(MD5Update)(struct MD5Context ctx, unsigned const char buf, unsigned len)
69	+{
70	+ uint32 t;
71	+
72	+ /* Update bitcount */
73	+
74	+ t = ctx->bits[0];
75	+ if ((ctx->bits[0] = t + ((uint32) len << 3)) < t)
76	+ ctx->bits[1]++; /* Carry from low to high */
77	+ ctx->bits[1] += len >> 29;
78	+
79	+ t = (t >> 3) & 0x3f; /* Bytes already in shsInfo->data */
80	+
81	+ /* Handle any leading odd-sized chunks */
82	+
83	+ if (t) {
84	+ unsigned char p = (unsigned char ) ctx->in + t;
85	+
86	+ t = 64 - t;
87	+ if (len < t) {
88	+ memcpy(p, buf, len);
89	+ return;
90	+ }
91	+ memcpy(p, buf, t);
92	+ byteReverse(ctx->in, 16);
93	+ MD5Name(MD5Transform)(ctx->buf, (uint32 *) ctx->in);
94	+ buf += t;
95	+ len -= t;
96	+ }
97	+ /* Process data in 64-byte chunks */
98	+
99	+ while (len >= 64) {
100	+ memcpy(ctx->in, buf, 64);
101	+ byteReverse(ctx->in, 16);
102	+ MD5Name(MD5Transform)(ctx->buf, (uint32 *) ctx->in);
103	+ buf += 64;
104	+ len -= 64;
105	+ }
106	+
107	+ /* Handle any remaining bytes of data. */
108	+
109	+ memcpy(ctx->in, buf, len);
110	+}
111	+
112	+/*
113	+ * Final wrapup - pad to 64-byte boundary with the bit pattern
114	+ * 1 0* (64-bit count of bits processed, MSB-first)
115	+ */
116	+void MD5Name(MD5Final)(unsigned char digest[16], struct MD5Context *ctx)
117	+{
118	+ unsigned count;
119	+ unsigned char *p;
120	+
121	+ /* Compute number of bytes mod 64 */
122	+ count = (ctx->bits[0] >> 3) & 0x3F;
123	+
124	+ /* Set the first char of padding to 0x80. This is safe since there is
125	+ always at least one byte free */
126	+ p = ctx->in + count;
127	+ *p++ = 0x80;
128	+
129	+ /* Bytes of padding needed to make 64 bytes */
130	+ count = 64 - 1 - count;
131	+
132	+ /* Pad out to 56 mod 64 */
133	+ if (count < 8) {
134	+ /* Two lots of padding: Pad the first block to 64 bytes */
135	+ memset(p, 0, count);
136	+ byteReverse(ctx->in, 16);
137	+ MD5Name(MD5Transform)(ctx->buf, (uint32 *) ctx->in);
138	+
139	+ /* Now fill the next block with 56 bytes */
140	+ memset(ctx->in, 0, 56);
141	+ } else {
142	+ /* Pad block to 56 bytes */
143	+ memset(p, 0, count - 8);
144	+ }
145	+ byteReverse(ctx->in, 14);
146	+
147	+ /* Append length in bits and transform */
148	+ ((uint32 *) ctx->in)[14] = ctx->bits[0];
149	+ ((uint32 *) ctx->in)[15] = ctx->bits[1];
150	+
151	+ MD5Name(MD5Transform)(ctx->buf, (uint32 *) ctx->in);
152	+ byteReverse((unsigned char *) ctx->buf, 4);
153	+ memcpy(digest, ctx->buf, 16);
154	+ memset(ctx, 0, sizeof(ctx)); /* In case it's sensitive */
155	+}
156	+
157	+#ifndef ASM_MD5
158	+
159	+/* The four core functions - F1 is optimized somewhat */
160	+
161	+/* #define F1(x, y, z) (x & y \| ~x & z) */
162	+#define F1(x, y, z) (z ^ (x & (y ^ z)))
163	+#define F2(x, y, z) F1(z, x, y)
164	+#define F3(x, y, z) (x ^ y ^ z)
165	+#define F4(x, y, z) (y ^ (x \| ~z))
166	+
167	+/* This is the central step in the MD5 algorithm. */
168	+#define MD5STEP(f, w, x, y, z, data, s) \
169	+ ( w += f(x, y, z) + data, w = w<<s \| w>>(32-s), w += x )
170	+
171	+/*
172	+ * The core of the MD5 algorithm, this alters an existing MD5 hash to
173	+ * reflect the addition of 16 longwords of new data. MD5Update blocks
174	+ * the data and converts bytes into longwords for this routine.
175	+ */
176	+void MD5Name(MD5Transform)(uint32 buf[4], uint32 const in[16])
177	+{
178	+ register uint32 a, b, c, d;
179	+
180	+ a = buf[0];
181	+ b = buf[1];
182	+ c = buf[2];
183	+ d = buf[3];
184	+
185	+ MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478U, 7);
186	+ MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756U, 12);
187	+ MD5STEP(F1, c, d, a, b, in[2] + 0x242070dbU, 17);
188	+ MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceeeU, 22);
189	+ MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0fafU, 7);
190	+ MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62aU, 12);
191	+ MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613U, 17);
192	+ MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501U, 22);
193	+ MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8U, 7);
194	+ MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7afU, 12);
195	+ MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1U, 17);
196	+ MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7beU, 22);
197	+ MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122U, 7);
198	+ MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193U, 12);
199	+ MD5STEP(F1, c, d, a, b, in[14] + 0xa679438eU, 17);
200	+ MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821U, 22);
201	+
202	+ MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562U, 5);
203	+ MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340U, 9);
204	+ MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51U, 14);
205	+ MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aaU, 20);
206	+ MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105dU, 5);
207	+ MD5STEP(F2, d, a, b, c, in[10] + 0x02441453U, 9);
208	+ MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681U, 14);
209	+ MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8U, 20);
210	+ MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6U, 5);
211	+ MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6U, 9);
212	+ MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87U, 14);
213	+ MD5STEP(F2, b, c, d, a, in[8] + 0x455a14edU, 20);
214	+ MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905U, 5);
215	+ MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8U, 9);
216	+ MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9U, 14);
217	+ MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8aU, 20);
218	+
219	+ MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942U, 4);
220	+ MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681U, 11);
221	+ MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122U, 16);
222	+ MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380cU, 23);
223	+ MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44U, 4);
224	+ MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9U, 11);
225	+ MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60U, 16);
226	+ MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70U, 23);
227	+ MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6U, 4);
228	+ MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127faU, 11);
229	+ MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085U, 16);
230	+ MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05U, 23);
231	+ MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039U, 4);
232	+ MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5U, 11);
233	+ MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8U, 16);
234	+ MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665U, 23);
235	+
236	+ MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244U, 6);
237	+ MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97U, 10);
238	+ MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7U, 15);
239	+ MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039U, 21);
240	+ MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3U, 6);
241	+ MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92U, 10);
242	+ MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47dU, 15);
243	+ MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1U, 21);
244	+ MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4fU, 6);
245	+ MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0U, 10);
246	+ MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314U, 15);
247	+ MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1U, 21);
248	+ MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82U, 6);
249	+ MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235U, 10);
250	+ MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bbU, 15);
251	+ MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391U, 21);
252	+
253	+ buf[0] += a;
254	+ buf[1] += b;
255	+ buf[2] += c;
256	+ buf[3] += d;
257	+}
258	+
259	+#endif
260	--- sysvinit-2.77/src/md5.h.be Fri Aug 20 14:05:22 1999
261	+++ sysvinit-2.77/src/md5.h Fri Aug 20 13:54:09 1999
262	@@ -0,0 +1,40 @@
263	+#ifndef MD5_H
264	+#define MD5_H
265	+
266	+#include <features.h>
267	+#if defined(__GLIBC__) && __GLIBC__ > 1
268	+# include <stdint.h>
269	+typedef uint32_t uint32;
270	+#else
271	+# ifdef __alpha
272	+typedef unsigned int uint32;
273	+# else
274	+typedef unsigned long uint32;
275	+# endif
276	+#endif
277	+
278	+struct MD5Context {
279	+ uint32 buf[4];
280	+ uint32 bits[2];
281	+ unsigned char in[64];
282	+};
283	+
284	+void GoodMD5Init(struct MD5Context *);
285	+void GoodMD5Update(struct MD5Context , unsigned const char , unsigned);
286	+void GoodMD5Final(unsigned char digest[16], struct MD5Context *);
287	+void GoodMD5Transform(uint32 buf[4], uint32 const in[16]);
288	+void BrokenMD5Init(struct MD5Context *);
289	+void BrokenMD5Update(struct MD5Context , unsigned const char , unsigned);
290	+void BrokenMD5Final(unsigned char digest[16], struct MD5Context *);
291	+void BrokenMD5Transform(uint32 buf[4], uint32 const in[16]);
292	+
293	+char Goodcrypt_md5(const char pw, const char *salt);
294	+char Brokencrypt_md5(const char pw, const char *salt);
295	+
296	+/*
297	+* This is needed to make RSAREF happy on some MS-DOS compilers.
298	+*/
299	+
300	+typedef struct MD5Context MD5_CTX;
301	+
302	+#endif /* MD5_H */
303	--- sysvinit-2.77/src/md5_crypt.c.be Fri Aug 20 14:05:25 1999
304	+++ sysvinit-2.77/src/md5_crypt.c Sat Jul 24 02:13:39 1999
305	@@ -0,0 +1,149 @@
306	+/*
307	+ * $Id$
308	+ *
309	+ * ----------------------------------------------------------------------------
310	+ * "THE BEER-WARE LICENSE" (Revision 42):
311	+ * <phk@login.dknet.dk> wrote this file. As long as you retain this notice you
312	+ * can do whatever you want with this stuff. If we meet some day, and you think
313	+ * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
314	+ * ----------------------------------------------------------------------------
315	+ *
316	+ * Origin: Id: crypt.c,v 1.3 1995/05/30 05:42:22 rgrimes Exp
317	+ *
318	+ */
319	+
320	+#include <string.h>
321	+#include "md5.h"
322	+
323	+static unsigned char itoa64[] = /* 0 ... 63 => ascii - 64 */
324	+"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
325	+
326	+static void to64(char *s, unsigned long v, int n)
327	+{
328	+ while (--n >= 0) {
329	+ *s++ = itoa64[v & 0x3f];
330	+ v >>= 6;
331	+ }
332	+}
333	+
334	+/*
335	+ * UNIX password
336	+ *
337	+ * Use MD5 for what it is best at...
338	+ */
339	+
340	+char MD5Name(crypt_md5)(const char pw, const char *salt)
341	+{
342	+ const char *magic = "$1$";
343	+ /* This string is magic for this algorithm. Having
344	+ * it this way, we can get get better later on */
345	+ static char passwd[120], *p;
346	+ static const char sp, ep;
347	+ unsigned char final[16];
348	+ int sl, pl, i, j;
349	+ MD5_CTX ctx, ctx1;
350	+ unsigned long l;
351	+
352	+ /* Refine the Salt first */
353	+ sp = salt;
354	+
355	+ /* If it starts with the magic string, then skip that */
356	+ if (!strncmp(sp, magic, strlen(magic)))
357	+ sp += strlen(magic);
358	+
359	+ /* It stops at the first '$', max 8 chars */
360	+ for (ep = sp; ep && ep != '$' && ep < (sp + 8); ep++)
361	+ continue;
362	+
363	+ /* get the length of the true salt */
364	+ sl = ep - sp;
365	+
366	+ MD5Name(MD5Init)(&ctx);
367	+
368	+ /* The password first, since that is what is most unknown */
369	+ MD5Name(MD5Update)(&ctx,(unsigned const char *)pw,strlen(pw));
370	+
371	+ /* Then our magic string */
372	+ MD5Name(MD5Update)(&ctx,(unsigned const char *)magic,strlen(magic));
373	+
374	+ /* Then the raw salt */
375	+ MD5Name(MD5Update)(&ctx,(unsigned const char *)sp,sl);
376	+
377	+ /* Then just as many characters of the MD5(pw,salt,pw) */
378	+ MD5Name(MD5Init)(&ctx1);
379	+ MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw));
380	+ MD5Name(MD5Update)(&ctx1,(unsigned const char *)sp,sl);
381	+ MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw));
382	+ MD5Name(MD5Final)(final,&ctx1);
383	+ for (pl = strlen(pw); pl > 0; pl -= 16)
384	+ MD5Name(MD5Update)(&ctx,(unsigned const char *)final,pl>16 ? 16 : pl);
385	+
386	+ /* Don't leave anything around in vm they could use. */
387	+ memset(final, 0, sizeof final);
388	+
389	+ /* Then something really weird... */
390	+ for (j = 0, i = strlen(pw); i; i >>= 1)
391	+ if (i & 1)
392	+ MD5Name(MD5Update)(&ctx, (unsigned const char *)final+j, 1);
393	+ else
394	+ MD5Name(MD5Update)(&ctx, (unsigned const char *)pw+j, 1);
395	+
396	+ /* Now make the output string */
397	+ strcpy(passwd, magic);
398	+ strncat(passwd, sp, sl);
399	+ strcat(passwd, "$");
400	+
401	+ MD5Name(MD5Final)(final,&ctx);
402	+
403	+ /*
404	+ * and now, just to make sure things don't run too fast
405	+ * On a 60 Mhz Pentium this takes 34 msec, so you would
406	+ * need 30 seconds to build a 1000 entry dictionary...
407	+ */
408	+ for (i = 0; i < 1000; i++) {
409	+ MD5Name(MD5Init)(&ctx1);
410	+ if (i & 1)
411	+ MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw));
412	+ else
413	+ MD5Name(MD5Update)(&ctx1,(unsigned const char *)final,16);
414	+
415	+ if (i % 3)
416	+ MD5Name(MD5Update)(&ctx1,(unsigned const char *)sp,sl);
417	+
418	+ if (i % 7)
419	+ MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw));
420	+
421	+ if (i & 1)
422	+ MD5Name(MD5Update)(&ctx1,(unsigned const char *)final,16);
423	+ else
424	+ MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw));
425	+ MD5Name(MD5Final)(final,&ctx1);
426	+ }
427	+
428	+ p = passwd + strlen(passwd);
429	+
430	+ l = (final[0] << 16) \| (final[6] << 8) \| final[12];
431	+ to64(p, l, 4);
432	+ p += 4;
433	+ l = (final[1] << 16) \| (final[7] << 8) \| final[13];
434	+ to64(p, l, 4);
435	+ p += 4;
436	+ l = (final[2] << 16) \| (final[8] << 8) \| final[14];
437	+ to64(p, l, 4);
438	+ p += 4;
439	+ l = (final[3] << 16) \| (final[9] << 8) \| final[15];
440	+ to64(p, l, 4);
441	+ p += 4;
442	+ l = (final[4] << 16) \| (final[10] << 8) \| final[5];
443	+ to64(p, l, 4);
444	+ p += 4;
445	+ l = final[11];
446	+ to64(p, l, 2);
447	+ p += 2;
448	+ *p = '\0';
449	+
450	+ /* Don't leave anything around in vm they could use. */
451	+ memset(final, 0, sizeof final);
452	+
453	+ return passwd;
454	+}
455	--- sysvinit-2.77/src/Makefile.be Fri Aug 20 12:05:26 1999
456	+++ sysvinit-2.77/src/Makefile Fri Aug 20 14:20:42 1999
457	@@ -50,8 +50,8 @@ utmpdump: utmpdump.o
458	runlevel: runlevel.o
459	$(CC) $(LDFLAGS) -o $@ runlevel.o
460
461	-sulogin: sulogin.o
462	- $(CC) $(LDFLAGS) $(STATIC) -o $@ sulogin.o $(LCRYPT)
463	+sulogin: sulogin.o md5_broken.o md5_crypt_broken.o
464	+ $(CC) $(LDFLAGS) $(STATIC) -o $@ $^ $(LCRYPT)
465
466	wall: dowall.o wall.o
467	$(CC) $(LDFLAGS) -o $@ dowall.o wall.o
468	@@ -67,6 +67,12 @@ utmp.o: utmp.c init.h
469
470	init_utmp.o: utmp.c init.h
471	$(CC) -c $(CFLAGS) -DINIT_MAIN utmp.c -o init_utmp.o
472	+
473	+md5_broken.o: md5.c
474	+ $(CC) $(CFLAGS) -D'MD5Name(x)=Broken##x' -c $< -o $@
475	+
476	+md5_crypt_broken.o: md5_crypt.c
477	+ $(CC) $(CFLAGS) -D'MD5Name(x)=Broken##x' -c $< -o $@
478
479	cleanobjs:
480	rm -f .o .bak
481	--- sysvinit-2.77/src/sulogin.c.be Fri Aug 20 12:05:26 1999
482	+++ sysvinit-2.77/src/sulogin.c Fri Aug 20 14:20:09 1999
483	@@ -29,6 +29,7 @@
484	#if defined(__GLIBC__)
485	# include <crypt.h>
486	#endif
487	+#include "md5.h"
488
489	#define CHECK_DES 1
490	#define CHECK_MD5 1
491	@@ -392,7 +393,12 @@ int main(int argc, char **argv)
492	while(1) {
493	if ((p = getpasswd()) == NULL) break;
494	if (pwd->pw_passwd[0] == 0 \|\|
495	- strcmp(crypt(p, pwd->pw_passwd), pwd->pw_passwd) == 0)
496	+ strcmp(crypt(p, pwd->pw_passwd), pwd->pw_passwd) == 0
497	+#ifdef CHECK_MD5
498	+ \|\| (strncmp(pwd->pw_passwd, "$1$", 3) == 0 &&
499	+ strcmp(Brokencrypt_md5(p, pwd->pw_passwd), pwd->pw_passwd) == 0)
500	+#endif
501	+ )
502	sushell(pwd);
503	printf("Login incorrect.\n");
504	}