Default libcrypt to whether or not we find it

Also deliberately don't provide the function at all if we aren't
compiled with libcrypt so that we can't link if we try to call it when
not available.
This commit is contained in:
Jason Rhinelander 2023-10-25 17:14:54 -03:00
parent d2667cfb89
commit 16506b6d8b
No known key found for this signature in database
GPG Key ID: C4992CE7A88D4262
3 changed files with 8 additions and 5 deletions

View File

@ -139,7 +139,10 @@ endif()
set(default_libcrypt OFF) set(default_libcrypt OFF)
if(LINUX AND NOT STATIC_LINK) if(LINUX AND NOT STATIC_LINK)
pkg_check_modules(LIBCRYPT libcrypt IMPORTED_TARGET)
if(LIBCRYPTO_FOUND)
set(default_libcrypt ON) set(default_libcrypt ON)
endif()
endif() endif()
if(MACOS) if(MACOS)
set(default_libcrypt ON) set(default_libcrypt ON)

View File

@ -499,13 +499,11 @@ namespace llarp
crypto_kem_keypair(d + PQ_SECRETKEYSIZE, d); crypto_kem_keypair(d + PQ_SECRETKEYSIZE, d);
} }
#ifdef HAVE_CRYPT
bool bool
crypto::check_passwd_hash(std::string pwhash, std::string challenge) crypto::check_passwd_hash(std::string pwhash, std::string challenge)
{ {
(void)pwhash;
(void)challenge;
bool ret = false; bool ret = false;
#ifdef HAVE_CRYPT
auto pos = pwhash.find_last_of('$'); auto pos = pwhash.find_last_of('$');
auto settings = pwhash.substr(0, pos); auto settings = pwhash.substr(0, pos);
crypt_data data{}; crypt_data data{};
@ -514,9 +512,9 @@ namespace llarp
ret = ptr == pwhash; ret = ptr == pwhash;
} }
sodium_memzero(&data, sizeof(data)); sodium_memzero(&data, sizeof(data));
#endif
return ret; return ret;
} }
#endif
const byte_t* const byte_t*
seckey_topublic(const SecretKey& sec) seckey_topublic(const SecretKey& sec)

View File

@ -125,7 +125,9 @@ namespace llarp::service
case AuthFileType::eAuthFilePlain: case AuthFileType::eAuthFilePlain:
return hash == challenge; return hash == challenge;
case AuthFileType::eAuthFileHashes: case AuthFileType::eAuthFileHashes:
#ifdef HAVE_CRYPT
return crypto::check_passwd_hash(std::move(hash), std::move(challenge)); return crypto::check_passwd_hash(std::move(hash), std::move(challenge));
#endif
default: default:
return false; return false;
} }