int
crypt_checkpass(const char *pass, const char *goodhash)
{
char dummy[_PASSWORD_LEN];
if (goodhash == NULL) {
/* fake it */
goto fake;
}
/* empty password */
if (strlen(goodhash) == 0 && strlen(pass) == 0)
return 0;
if (goodhash[0] == '$' && goodhash[1] == '2') {
if (bcrypt_checkpass(pass, goodhash))
goto fail;
return 0;
}
/* unsupported. fake it. */
fake:
bcrypt_newhash(pass, 8, dummy, sizeof(dummy));
fail:
errno = EACCES;
return -1;
}
int
crypt_checkpass(const char *pass, const char *goodhash)
{
char dummy[_PASSWORD_LEN];
char *res;
if (goodhash == NULL) {
/* fake it */
bcrypt_newhash(pass, 8, dummy, sizeof(dummy));
goto fail;
}
/* empty password */
if (strlen(goodhash) == 0 && strlen(pass) == 0)
return 0;
if (goodhash[0] == '$' && goodhash[1] == '2') {
return bcrypt_checkpass(pass, goodhash);
}
/* have to do it the hard way */
res = crypt(pass, goodhash);
if (strlen(res) != strlen(goodhash) ||
timingsafe_bcmp(res, goodhash, strlen(goodhash)) != 0) {
goto fail;
}
return 0;
fail:
errno = EACCES;
return -1;
}
