X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=apps%2Fpasswd.c;h=9ca25dd1da811fe44934e5e7cce3d4208973cadf;hb=bea29921a8df8077d222e4ca73d78a38af7e5b81;hp=750a3cb39d5b7d62952d4b6be30c25215c467b10;hpb=323f289c480b0a8eb15ed3be2befbcc0f86e8904;p=openssl.git

diff --git a/apps/passwd.c b/apps/passwd.c
index 750a3cb39d..9ca25dd1da 100644
--- a/apps/passwd.c
+++ b/apps/passwd.c
@@ -15,12 +15,11 @@
 #include <openssl/err.h>
 #include <openssl/evp.h>
 #include <openssl/rand.h>
-
 #ifndef OPENSSL_NO_DES
 # include <openssl/des.h>
 #endif
 #ifndef NO_MD5CRYPT_1
-# include <openssl/evp.h>
+# include <openssl/md5.h>
 #endif
 
 
@@ -79,6 +78,9 @@ int MAIN(int argc, char **argv)
 	if (bio_err == NULL)
 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
 			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+
+	if (!load_config(bio_err, NULL))
+		goto err;
 	out = BIO_new(BIO_s_file());
 	if (out == NULL)
 		goto err;
@@ -289,7 +291,8 @@ err:
 		BIO_free(in);
 	if (out)
 		BIO_free_all(out);
-	EXIT(ret);
+	apps_shutdown();
+	OPENSSL_EXIT(ret);
 	}
 
 
@@ -309,8 +312,9 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
 	static char out_buf[6 + 9 + 24 + 2]; /* "$apr1$..salt..$.......md5hash..........\0" */
 	unsigned char buf[MD5_DIGEST_LENGTH];
 	char *salt_out;
-	int n, i;
-	EVP_MD_CTX md;
+	int n;
+	unsigned int i;
+	EVP_MD_CTX md,md2;
 	size_t passwd_len, salt_len;
 
 	passwd_len = strlen(passwd);
@@ -325,22 +329,21 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
 	salt_len = strlen(salt_out);
 	assert(salt_len <= 8);
 	
-	EVP_DigestInit(&md,EVP_md5());
+	EVP_MD_CTX_init(&md);
+	EVP_DigestInit_ex(&md,EVP_md5(), NULL);
 	EVP_DigestUpdate(&md, passwd, passwd_len);
 	EVP_DigestUpdate(&md, "$", 1);
 	EVP_DigestUpdate(&md, magic, strlen(magic));
 	EVP_DigestUpdate(&md, "$", 1);
 	EVP_DigestUpdate(&md, salt_out, salt_len);
 	
-	 {
-		EVP_MD_CTX md2;
+	EVP_MD_CTX_init(&md2);
+	EVP_DigestInit_ex(&md2,EVP_md5(), NULL);
+	EVP_DigestUpdate(&md2, passwd, passwd_len);
+	EVP_DigestUpdate(&md2, salt_out, salt_len);
+	EVP_DigestUpdate(&md2, passwd, passwd_len);
+	EVP_DigestFinal_ex(&md2, buf, NULL);
 
-		EVP_DigestInit(&md2,EVP_md5());
-		EVP_DigestUpdate(&md2, passwd, passwd_len);
-		EVP_DigestUpdate(&md2, salt_out, salt_len);
-		EVP_DigestUpdate(&md2, passwd, passwd_len);
-		EVP_DigestFinal(&md2, buf, NULL);
-	 }
 	for (i = passwd_len; i > sizeof buf; i -= sizeof buf)
 		EVP_DigestUpdate(&md, buf, sizeof buf);
 	EVP_DigestUpdate(&md, buf, i);
@@ -351,23 +354,22 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
 		EVP_DigestUpdate(&md, (n & 1) ? "\0" : passwd, 1);
 		n >>= 1;
 		}
-	EVP_DigestFinal(&md, buf, NULL);
+	EVP_DigestFinal_ex(&md, buf, NULL);
 
 	for (i = 0; i < 1000; i++)
 		{
-		EVP_MD_CTX md2;
-
-		EVP_DigestInit(&md2,EVP_md5());
-		EVP_DigestUpdate(&md2, (i & 1) ? (unsigned char *) passwd : buf,
+		EVP_DigestInit_ex(&md2,EVP_md5(), NULL);
+		EVP_DigestUpdate(&md2, (i & 1) ? (unsigned const char *) passwd : buf,
 		                       (i & 1) ? passwd_len : sizeof buf);
 		if (i % 3)
 			EVP_DigestUpdate(&md2, salt_out, salt_len);
 		if (i % 7)
 			EVP_DigestUpdate(&md2, passwd, passwd_len);
-		EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned char *) passwd,
+		EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned const char *) passwd,
 		                       (i & 1) ? sizeof buf : passwd_len);
-		EVP_DigestFinal(&md2, buf, NULL);
+		EVP_DigestFinal_ex(&md2, buf, NULL);
 		}
+	EVP_MD_CTX_cleanup(&md2);
 	
 	 {
 		/* transform buf into output string */
@@ -405,6 +407,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
 		*output = 0;
 		assert(strlen(out_buf) < sizeof(out_buf));
 	 }
+	EVP_MD_CTX_cleanup(&md);
 
 	return out_buf;
 	}
@@ -471,7 +474,8 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
 	if ((strlen(passwd) > pw_maxlen))
 		{
 		if (!quiet)
-			BIO_printf(bio_err, "Warning: truncating password to %u characters\n", pw_maxlen);
+			/* XXX: really we should know how to print a size_t, not cast it */
+			BIO_printf(bio_err, "Warning: truncating password to %u characters\n", (unsigned)pw_maxlen);
 		passwd[pw_maxlen] = 0;
 		}
 	assert(strlen(passwd) <= pw_maxlen);
@@ -479,7 +483,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
 	/* now compute password hash */
 #ifndef OPENSSL_NO_DES
 	if (usecrypt)
-		hash = des_crypt(passwd, *salt_p);
+		hash = DES_crypt(passwd, *salt_p);
 #endif
 #ifndef NO_MD5CRYPT_1
 	if (use1 || useapr1)
@@ -503,6 +507,6 @@ err:
 int MAIN(int argc, char **argv)
 	{
 	fputs("Program not available.\n", stderr)
-	EXIT(1);
+	OPENSSL_EXIT(1);
 	}
 #endif