From 413a83c1ec59814cdeca07cacb6738dca1d159e2 Mon Sep 17 00:00:00 2001 From: Enno Rehling Date: Tue, 27 Nov 2018 20:16:27 +0100 Subject: [PATCH] simpler hack, um den brypt workfactor einzustellen (oder passwort-checks abzuschalten), weil man manchmal halt keine Zeit hat. --- src/main.c | 5 +++++ src/util/password.c | 11 +++++++---- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/src/main.c b/src/main.c index d51f55471..0dec070ce 100644 --- a/src/main.c +++ b/src/main.c @@ -28,6 +28,7 @@ OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. #include #include #include +#include #include "eressea.h" #ifdef USE_CURSES @@ -231,6 +232,10 @@ static int parse_args(int argc, char **argv) i = get_arg(argc, argv, 2, i, &arg, 0); turn = atoi(arg); break; + case 'w': + i = get_arg(argc, argv, 2, i, &arg, 0); + bcrypt_workfactor = arg ? atoi(arg) : 0xff; + break; case 'q': verbosity = 0; break; diff --git a/src/util/password.c b/src/util/password.c index 61ae8f2a0..aab16acee 100644 --- a/src/util/password.c +++ b/src/util/password.c @@ -17,7 +17,7 @@ bool password_is_implemented(cryptalgo_t algo) { } const char * password_hash(const char * passwd, cryptalgo_t algo) { - if (algo == PASSWORD_BCRYPT) { + if (algo == PASSWORD_BCRYPT && bcrypt_workfactor != 0) { char salt[BCRYPT_HASHSIZE]; static char hash[BCRYPT_HASHSIZE]; int ret; @@ -32,9 +32,12 @@ const char * password_hash(const char * passwd, cryptalgo_t algo) { int password_verify(const char * pwhash, const char * passwd) { if (pwhash[0] == '$') { if (pwhash[1] == '2') { - int ret = bcrypt_checkpw(passwd, pwhash); - assert(ret != -1); - return (ret == 0) ? VERIFY_OK : VERIFY_FAIL; + if (bcrypt_workfactor > 0) { + int ret = bcrypt_checkpw(passwd, pwhash); + assert(ret != -1); + return (ret == 0) ? VERIFY_OK : VERIFY_FAIL; + } + return VERIFY_OK; } } return (strcmp(passwd, pwhash) == 0) ? VERIFY_OK : VERIFY_FAIL;