138 lines
4.5 KiB
Diff
138 lines
4.5 KiB
Diff
|
From 3a30343a3958caafad6b27e1900c0e7b6b9ab26b Mon Sep 17 00:00:00 2001
|
|||
|
|
From: liuxinhao <liuxinhao@kylinsec.com.cn>
|
|||
|
|
Date: Mon, 8 Jan 2024 15:04:41 +0800
|
|||
|
|
Subject: [PATCH 08/17] refactor(account): Remove useless password encryption
|
|||
|
|
interfaces and remove the dependency of libcrypt
|
|||
|
|
MIME-Version: 1.0
|
|||
|
|
Content-Type: text/plain; charset=UTF-8
|
|||
|
|
Content-Transfer-Encoding: 8bit
|
|||
|
|
|
|||
|
|
- 删除目前无用的密码加密接口,去除libcrypt的依赖
|
|||
|
|
---
|
|||
|
|
plugins/account/CMakeLists.txt | 7 +--
|
|||
|
|
plugins/account/utils/passwd-helper.cpp | 57 -------------------------
|
|||
|
|
plugins/account/utils/passwd-helper.h | 1 -
|
|||
|
|
3 files changed, 2 insertions(+), 63 deletions(-)
|
|||
|
|
|
|||
|
|
diff --git a/plugins/account/CMakeLists.txt b/plugins/account/CMakeLists.txt
|
|||
|
|
index 586c6c8..e96fa92 100644
|
|||
|
|
--- a/plugins/account/CMakeLists.txt
|
|||
|
|
+++ b/plugins/account/CMakeLists.txt
|
|||
|
|
@@ -6,7 +6,6 @@ endif ()
|
|||
|
|
|
|||
|
|
pkg_search_module(CRYPTOPP REQUIRED cryptopp)
|
|||
|
|
pkg_search_module(PAM REQUIRED pam)
|
|||
|
|
-pkg_search_module(LIBCRYPT REQUIRED libcrypt)
|
|||
|
|
|
|||
|
|
file(GLOB_RECURSE ACCOUNT_SRC
|
|||
|
|
${CMAKE_CURRENT_SOURCE_DIR}/*.cpp
|
|||
|
|
@@ -29,8 +28,7 @@ target_include_directories(${TARGET_NAME} PRIVATE
|
|||
|
|
${KIRAN_CC_DAEMON_INCLUDE_DIRS}
|
|||
|
|
${KLOG_INCLUDE_DIRS}
|
|||
|
|
${KIRAN_STYLE_INCLUDE_DIRS}
|
|||
|
|
- ${CRYPTOPP_INCLUDE_DIRS}
|
|||
|
|
- ${LIBCRYPT_INCLUDE_DIRS})
|
|||
|
|
+ ${CRYPTOPP_INCLUDE_DIRS})
|
|||
|
|
|
|||
|
|
target_link_libraries(${TARGET_NAME}
|
|||
|
|
common-widgets
|
|||
|
|
@@ -43,7 +41,6 @@ target_link_libraries(${TARGET_NAME}
|
|||
|
|
${KIRAN_CC_DAEMON_LIBRARIES}
|
|||
|
|
${KLOG_LIBRARIES}
|
|||
|
|
${KIRAN_STYLE_LIBRARIES}
|
|||
|
|
- ${CRYPTOPP_LIBRARIES}
|
|||
|
|
- ${LIBCRYPT_LIBRARIES})
|
|||
|
|
+ ${CRYPTOPP_LIBRARIES})
|
|||
|
|
|
|||
|
|
install(TARGETS ${TARGET_NAME} DESTINATION ${PLUGIN_LIBS_DIR}/)
|
|||
|
|
diff --git a/plugins/account/utils/passwd-helper.cpp b/plugins/account/utils/passwd-helper.cpp
|
|||
|
|
index f6b76f2..a5641c7 100644
|
|||
|
|
--- a/plugins/account/utils/passwd-helper.cpp
|
|||
|
|
+++ b/plugins/account/utils/passwd-helper.cpp
|
|||
|
|
@@ -14,7 +14,6 @@
|
|||
|
|
|
|||
|
|
#include "passwd-helper.h"
|
|||
|
|
|
|||
|
|
-#include <crypt.h>
|
|||
|
|
#include <cryptopp/base64.h>
|
|||
|
|
#include <cryptopp/cryptlib.h>
|
|||
|
|
#include <cryptopp/hex.h>
|
|||
|
|
@@ -33,62 +32,6 @@
|
|||
|
|
|
|||
|
|
using namespace CryptoPP;
|
|||
|
|
|
|||
|
|
-bool PasswdHelper::encryptPassword(const QString &pwd, QString &encrypted)
|
|||
|
|
-{
|
|||
|
|
- QByteArray byteArray = pwd.toLatin1();
|
|||
|
|
- QString saltChar = "ABCDEFGHIJKLMNOPQRSTUVXYZabcdefghijklmnopqrstuvxyz./0123456789";
|
|||
|
|
-
|
|||
|
|
- QString rand16SaltChar;
|
|||
|
|
-
|
|||
|
|
- std::default_random_engine randomEngine;
|
|||
|
|
- std::uniform_int_distribution<int> uniformIntDistribution(0, saltChar.size() - 1);
|
|||
|
|
- for (int i = 0; i < 16; i++)
|
|||
|
|
- {
|
|||
|
|
- char ch = saltChar.at(uniformIntDistribution(randomEngine)).toLatin1();
|
|||
|
|
- rand16SaltChar.append(ch);
|
|||
|
|
- }
|
|||
|
|
-
|
|||
|
|
- QString salt = QString("$6$%1$").arg(rand16SaltChar);
|
|||
|
|
- QByteArray saltByteArray = salt.toLatin1();
|
|||
|
|
-
|
|||
|
|
- char *cryptedResult = nullptr;
|
|||
|
|
- QByteArray cryptedResultBuffer(100, 0);
|
|||
|
|
-
|
|||
|
|
- //NOTE:兼容低版本libcrypt(不带有crypt_rn接口的版本)
|
|||
|
|
-#if 0
|
|||
|
|
- forever
|
|||
|
|
- {
|
|||
|
|
- cryptedResult = crypt_rn(byteArray.data(),
|
|||
|
|
- saltByteArray.data(),
|
|||
|
|
- cryptedResultBuffer.data(),
|
|||
|
|
- cryptedResultBuffer.size());
|
|||
|
|
- if (cryptedResult == nullptr)
|
|||
|
|
- {
|
|||
|
|
- if (errno == ERANGE)
|
|||
|
|
- {
|
|||
|
|
- cryptedResultBuffer.resize(cryptedResultBuffer.size() * 2);
|
|||
|
|
- continue;
|
|||
|
|
- }
|
|||
|
|
- else
|
|||
|
|
- {
|
|||
|
|
- KLOG_WARNING() << "encrypt passwd failed," << strerror(errno);
|
|||
|
|
- }
|
|||
|
|
- }
|
|||
|
|
- break;
|
|||
|
|
- }
|
|||
|
|
-#else
|
|||
|
|
- crypt_data cryptData{};
|
|||
|
|
- cryptedResult = crypt_r(byteArray.data(),
|
|||
|
|
- saltByteArray.data(),
|
|||
|
|
- &cryptData);
|
|||
|
|
-#endif
|
|||
|
|
-
|
|||
|
|
- if (cryptedResult)
|
|||
|
|
- encrypted = cryptedResult;
|
|||
|
|
-
|
|||
|
|
- return cryptedResult != nullptr;
|
|||
|
|
-}
|
|||
|
|
-
|
|||
|
|
bool PasswdHelper::encryptPasswordByRsa(const QString &publicKey, const QString &pwd, QString &encrypted)
|
|||
|
|
{
|
|||
|
|
CryptoPP::RandomPool random_pool;
|
|||
|
|
diff --git a/plugins/account/utils/passwd-helper.h b/plugins/account/utils/passwd-helper.h
|
|||
|
|
index b09d246..fc98068 100644
|
|||
|
|
--- a/plugins/account/utils/passwd-helper.h
|
|||
|
|
+++ b/plugins/account/utils/passwd-helper.h
|
|||
|
|
@@ -18,7 +18,6 @@
|
|||
|
|
class QString;
|
|||
|
|
namespace PasswdHelper
|
|||
|
|
{
|
|||
|
|
-bool encryptPassword(const QString &pwd, QString &encrypted);
|
|||
|
|
bool encryptPasswordByRsa(const QString &publicKey, const QString &pwd, QString &encrypted);
|
|||
|
|
bool checkUserPassword(const QString &user, const QString &pwd);
|
|||
|
|
} // namespace PasswdHelper
|
|||
|
|
--
|
|||
|
|
2.33.0
|
|||
|
|
|