summaryrefslogtreecommitdiff
path: root/src/util
diff options
context:
space:
mode:
Diffstat (limited to 'src/util')
-rw-r--r--src/util/crypto/libcrypto/crypto_sha512crypt.c (renamed from src/util/crypto_sha512crypt.c)1
-rw-r--r--src/util/crypto/nss/nss_sha512crypt.c (renamed from src/util/nss_sha512crypt.c)49
-rw-r--r--src/util/crypto/nss/nss_util.c74
-rw-r--r--src/util/crypto/nss/nss_util.h27
-rw-r--r--src/util/crypto/sss_crypto.h (renamed from src/util/sha512crypt.h)0
5 files changed, 109 insertions, 42 deletions
diff --git a/src/util/crypto_sha512crypt.c b/src/util/crypto/libcrypto/crypto_sha512crypt.c
index 9cd03a1e..29900cc9 100644
--- a/src/util/crypto_sha512crypt.c
+++ b/src/util/crypto/libcrypto/crypto_sha512crypt.c
@@ -379,4 +379,3 @@ int s3crypt_gen_salt(TALLOC_CTX *memctx, char **_salt)
return EOK;
}
-
diff --git a/src/util/nss_sha512crypt.c b/src/util/crypto/nss/nss_sha512crypt.c
index 8ba16d4a..514e4d9a 100644
--- a/src/util/nss_sha512crypt.c
+++ b/src/util/crypto/nss/nss_sha512crypt.c
@@ -21,41 +21,13 @@
#include <sys/types.h>
#include "util/util.h"
+#include "util/crypto/nss/nss_util.h"
#include <prinit.h>
#include <nss.h>
#include <sechash.h>
#include <pk11func.h>
-static int nspr_nss_init_done = 0;
-
-static int nspr_nss_init(void)
-{
- int ret;
- PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0);
- ret = NSS_NoDB_Init(NULL);
- if (ret != SECSuccess) {
- return ret;
- }
- nspr_nss_init_done = 1;
- return 0;
-}
-
-/* added for completness, so far not used */
-#if 0
-static int nspr_nss_cleanup(void)
-{
- int ret;
- ret = NSS_Shutdown();
- if (ret != SECSuccess) {
- return ret;
- }
- PR_Cleanup();
- nspr_nss_init_done = 0;
- return 0;
-}
-#endif
-
/* Define our magic string to mark salt for SHA512 "encryption" replacement. */
const char sha512_salt_prefix[] = "$6$";
#define SALT_PREF_SIZE (sizeof(sha512_salt_prefix) - 1)
@@ -153,12 +125,10 @@ static int sha512_crypt_r(const char *key,
salt = copied_salt = memcpy(tmp + ALIGN64 - PTR_2_INT(tmp) % ALIGN64, salt, salt_len);
}
- if (!nspr_nss_init_done) {
- ret = nspr_nss_init();
- if (ret != SECSuccess) {
- ret = EIO;
- goto done;
- }
+ ret = nspr_nss_init();
+ if (ret != EOK) {
+ ret = EIO;
+ goto done;
}
ctx = HASH_Create(HASH_AlgSHA512);
@@ -387,11 +357,9 @@ int s3crypt_gen_salt(TALLOC_CTX *memctx, char **_salt)
size_t slen;
int ret;
- if (!nspr_nss_init_done) {
- ret = nspr_nss_init();
- if (ret != SECSuccess) {
- return EIO;
- }
+ ret = nspr_nss_init();
+ if (ret != EOK) {
+ return EIO;
}
salt = talloc_size(memctx, SALT_LEN_MAX + 1);
@@ -416,4 +384,3 @@ int s3crypt_gen_salt(TALLOC_CTX *memctx, char **_salt)
return EOK;
}
-
diff --git a/src/util/crypto/nss/nss_util.c b/src/util/crypto/nss/nss_util.c
new file mode 100644
index 00000000..59390eb9
--- /dev/null
+++ b/src/util/crypto/nss/nss_util.c
@@ -0,0 +1,74 @@
+/*
+ SSSD
+
+ NSS crypto wrappers
+
+ Authors:
+ Sumit Bose <sbose@redhat.com>
+ Jakub Hrozek <jhrozek@redhat.com>
+
+ Copyright (C) Red Hat, Inc 2010
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "config.h"
+
+#include <prinit.h>
+#include <prerror.h>
+#include <nss.h>
+#include <pk11func.h>
+
+#include "util/util.h"
+
+static int nspr_nss_init_done = 0;
+
+int nspr_nss_init(void)
+{
+ SECStatus sret;
+
+ /* nothing to do */
+ if (nspr_nss_init_done == 1) return SECSuccess;
+
+ PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0);
+
+ sret = NSS_NoDB_Init(NULL);
+ if (sret != SECSuccess) {
+ DEBUG(1, ("Error initializing connection to NSS [%d]\n",
+ PR_GetError()));
+ return EIO;
+ }
+
+ nspr_nss_init_done = 1;
+ return EOK;
+}
+
+int nspr_nss_cleanup(void)
+{
+ SECStatus sret;
+
+ /* nothing to do */
+ if (nspr_nss_init_done == 0) return SECSuccess;
+
+ sret = NSS_Shutdown();
+ if (sret != SECSuccess) {
+ DEBUG(1, ("Error shutting down connection to NSS [%d]\n",
+ PR_GetError()));
+ return EIO;
+ }
+
+ PR_Cleanup();
+ nspr_nss_init_done = 0;
+ return EOK;
+}
diff --git a/src/util/crypto/nss/nss_util.h b/src/util/crypto/nss/nss_util.h
new file mode 100644
index 00000000..7387b9a7
--- /dev/null
+++ b/src/util/crypto/nss/nss_util.h
@@ -0,0 +1,27 @@
+/*
+ SSSD
+
+ NSS crypto wrappers
+
+ Authors:
+ Jakub Hrozek <jhrozek@redhat.com>
+
+ Copyright (C) Red Hat, Inc 2010
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+
+int nspr_nss_init(void);
+int nspr_nss_cleanup(void);
diff --git a/src/util/sha512crypt.h b/src/util/crypto/sss_crypto.h
index 5512c5d9..5512c5d9 100644
--- a/src/util/sha512crypt.h
+++ b/src/util/crypto/sss_crypto.h