X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=apps%2Fpasswd.c;h=7ae9e8888012f8a92b9b2e976dfb737530c6c382;hp=898831337563488b4e40d2f1f0e867f9ba2a7437;hb=4de9913b8c2a11f17258a2ad5e357046fd221360;hpb=bdd58d98467e9f0f6635c1628e1eae304383afb1

diff --git a/apps/passwd.c b/apps/passwd.c
index 8988313375..7ae9e88880 100644
--- a/apps/passwd.c
+++ b/apps/passwd.c
@@ -201,17 +201,20 @@ int passwd_main(int argc, char **argv)
         goto opthelp;
 # endif
 
-    if (!app_load_modules(NULL))
-        goto end;
-
-    if (infile && in_stdin) {
+    if (infile != NULL && in_stdin) {
         BIO_printf(bio_err, "%s: Can't combine -in and -stdin\n", prog);
         goto end;
     }
 
-    in = bio_open_default(infile, 'r', FORMAT_TEXT);
-    if (in == NULL)
-        goto end;
+    if (infile != NULL || in_stdin) {
+        /*
+         * If in_stdin is true, we know that infile is NULL, and that
+         * bio_open_default() will give us back an alias for stdin.
+         */
+        in = bio_open_default(infile, 'r', FORMAT_TEXT);
+        if (in == NULL)
+            goto end;
+    }
 
     if (usecrypt)
         pw_maxlen = 8;
@@ -310,60 +313,65 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
     char *salt_out;
     int n;
     unsigned int i;
-    EVP_MD_CTX md, md2;
+    EVP_MD_CTX *md, *md2;
     size_t passwd_len, salt_len;
 
     passwd_len = strlen(passwd);
     out_buf[0] = '$';
     out_buf[1] = 0;
     assert(strlen(magic) <= 4); /* "1" or "apr1" */
-    strncat(out_buf, magic, 4);
-    strncat(out_buf, "$", 1);
-    strncat(out_buf, salt, 8);
+    OPENSSL_strlcat(out_buf, magic, sizeof out_buf);
+    OPENSSL_strlcat(out_buf, "$", sizeof out_buf);
+    OPENSSL_strlcat(out_buf, salt, sizeof out_buf);
     assert(strlen(out_buf) <= 6 + 8); /* "$apr1$..salt.." */
     salt_out = out_buf + 2 + strlen(magic);
     salt_len = strlen(salt_out);
     assert(salt_len <= 8);
 
-    EVP_MD_CTX_init(&md);
-    EVP_DigestInit_ex(&md, EVP_md5(), NULL);
-    EVP_DigestUpdate(&md, passwd, passwd_len);
-    EVP_DigestUpdate(&md, "$", 1);
-    EVP_DigestUpdate(&md, magic, strlen(magic));
-    EVP_DigestUpdate(&md, "$", 1);
-    EVP_DigestUpdate(&md, salt_out, salt_len);
-
-    EVP_MD_CTX_init(&md2);
-    EVP_DigestInit_ex(&md2, EVP_md5(), NULL);
-    EVP_DigestUpdate(&md2, passwd, passwd_len);
-    EVP_DigestUpdate(&md2, salt_out, salt_len);
-    EVP_DigestUpdate(&md2, passwd, passwd_len);
-    EVP_DigestFinal_ex(&md2, buf, NULL);
+    md = EVP_MD_CTX_new();
+    if (md == NULL)
+        return NULL;
+    EVP_DigestInit_ex(md, EVP_md5(), NULL);
+    EVP_DigestUpdate(md, passwd, passwd_len);
+    EVP_DigestUpdate(md, "$", 1);
+    EVP_DigestUpdate(md, magic, strlen(magic));
+    EVP_DigestUpdate(md, "$", 1);
+    EVP_DigestUpdate(md, salt_out, salt_len);
+
+    md2 = EVP_MD_CTX_new();
+    if (md2 == NULL)
+        return NULL;
+    EVP_DigestInit_ex(md2, EVP_md5(), NULL);
+    EVP_DigestUpdate(md2, passwd, passwd_len);
+    EVP_DigestUpdate(md2, salt_out, salt_len);
+    EVP_DigestUpdate(md2, passwd, passwd_len);
+    EVP_DigestFinal_ex(md2, buf, NULL);
 
     for (i = passwd_len; i > sizeof buf; i -= sizeof buf)
-        EVP_DigestUpdate(&md, buf, sizeof buf);
-    EVP_DigestUpdate(&md, buf, i);
+        EVP_DigestUpdate(md, buf, sizeof buf);
+    EVP_DigestUpdate(md, buf, i);
 
     n = passwd_len;
     while (n) {
-        EVP_DigestUpdate(&md, (n & 1) ? "\0" : passwd, 1);
+        EVP_DigestUpdate(md, (n & 1) ? "\0" : passwd, 1);
         n >>= 1;
     }
-    EVP_DigestFinal_ex(&md, buf, NULL);
+    EVP_DigestFinal_ex(md, buf, NULL);
 
     for (i = 0; i < 1000; i++) {
-        EVP_DigestInit_ex(&md2, EVP_md5(), NULL);
-        EVP_DigestUpdate(&md2, (i & 1) ? (unsigned const char *)passwd : buf,
+        EVP_DigestInit_ex(md2, EVP_md5(), NULL);
+        EVP_DigestUpdate(md2, (i & 1) ? (unsigned const char *)passwd : buf,
                          (i & 1) ? passwd_len : sizeof buf);
         if (i % 3)
-            EVP_DigestUpdate(&md2, salt_out, salt_len);
+            EVP_DigestUpdate(md2, salt_out, salt_len);
         if (i % 7)
-            EVP_DigestUpdate(&md2, passwd, passwd_len);
-        EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned const char *)passwd,
+            EVP_DigestUpdate(md2, passwd, passwd_len);
+        EVP_DigestUpdate(md2, (i & 1) ? buf : (unsigned const char *)passwd,
                          (i & 1) ? sizeof buf : passwd_len);
-        EVP_DigestFinal_ex(&md2, buf, NULL);
+        EVP_DigestFinal_ex(md2, buf, NULL);
     }
-    EVP_MD_CTX_cleanup(&md2);
+    EVP_MD_CTX_free(md2);
+    EVP_MD_CTX_free(md);
 
     {
         /* transform buf into output string */
@@ -402,7 +410,6 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
         *output = 0;
         assert(strlen(out_buf) < sizeof(out_buf));
     }
-    EVP_MD_CTX_cleanup(&md);
 
     return out_buf;
 }