1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
|
--- src/users.c.orig 2024-08-15 14:34:02 UTC
+++ src/users.c
@@ -211,6 +211,24 @@ struct mt_credentials *find_user(char *username) {
return NULL;
}
+#if OPENSSL_VERSION_NUMBER < 0x030000000 // less than 3.0.0
+/*
+ * Filter out colons from the decoded string.
+ * By default, the OPENSSL_buf2hexstr function in OpenSSL 1.1
+ * uses colons as a byte separator, and this cannot be overridden.
+ */
+static void remove_colons(char *s) {
+ const char *p = s;
+ char *q = s;
+ while (*p != '\0') {
+ *q = *p++;
+ q += (*q != ':');
+ }
+
+ *q = '\0';
+}
+#endif
+
int add_user(const char *username, const char *password) {
FILE *rfile;
FILE *wfile;
@@ -289,12 +307,27 @@ int add_user(const char *username, const char *passwor
continue;
}
fprintf(wfile, "%s:", username);
+#if OPENSSL_VERSION_NUMBER < 0x030000000 // less than 3.0.0
+ char *output;
+ output = OPENSSL_buf2hexstr(newhash, MT_CRED_HASHLEN);
+ remove_colons(output);
+#else
char output[MT_CRED_HASHLEN * 2 + 1];
OPENSSL_buf2hexstr_ex(output, sizeof(output), NULL, newhash, MT_CRED_HASHLEN, '\0');
+#endif
fputs(output, wfile);
fputs(":", wfile);
+#if OPENSSL_VERSION_NUMBER < 0x030000000 // less than 3.0.0
+ OPENSSL_free(output);
+ output = OPENSSL_buf2hexstr(newsalt, MT_CRED_SALTLEN);
+ remove_colons(output);
+#else
OPENSSL_buf2hexstr_ex(output, sizeof(output), NULL, newsalt, MT_CRED_SALTLEN, '\0');
+#endif
fputs(output, wfile);
+#if OPENSSL_VERSION_NUMBER < 0x030000000 // less than 3.0.0
+ OPENSSL_free(output);
+#endif
fputs("\n", wfile);
found = 1;
} else {
@@ -306,12 +339,27 @@ int add_user(const char *username, const char *passwor
if (!found && password != NULL) {
// Write username, salt, and hashed password to the file
fprintf(wfile, "%s:", username);
+#if OPENSSL_VERSION_NUMBER < 0x030000000 // less than 3.0.0
+ char *output;
+ output = OPENSSL_buf2hexstr(newhash, MT_CRED_HASHLEN);
+ remove_colons(output);
+#else
char output[MT_CRED_HASHLEN * 2 + 1];
OPENSSL_buf2hexstr_ex(output, sizeof(output), NULL, newhash, MT_CRED_HASHLEN, '\0');
+#endif
fputs(output, wfile);
fputs(":", wfile);
+#if OPENSSL_VERSION_NUMBER < 0x030000000 // less than 3.0.0
+ OPENSSL_free(output);
+ output = OPENSSL_buf2hexstr(newsalt, MT_CRED_SALTLEN);
+ remove_colons(output);
+#else
OPENSSL_buf2hexstr_ex(output, sizeof(output), NULL, newsalt, MT_CRED_SALTLEN, '\0');
+#endif
fputs(output, wfile);
+#if OPENSSL_VERSION_NUMBER < 0x030000000 // less than 3.0.0
+ OPENSSL_free(output);
+#endif
fputs("\n", wfile);
}
@@ -327,4 +375,4 @@ int add_user(const char *username, const char *passwor
}
return found ? 2 : 1;
-}
\ No newline at end of file
+}
|
