int crypt_checkpass(const char *pass, const char *goodhash) { char dummy[_PASSWORD_LEN]; if (goodhash == NULL) { /* fake it */ goto fake; } /* empty password */ if (strlen(goodhash) == 0 && strlen(pass) == 0) return 0; if (goodhash[0] == '$' && goodhash[1] == '2') { if (bcrypt_checkpass(pass, goodhash)) goto fail; return 0; } /* unsupported. fake it. */ fake: bcrypt_newhash(pass, 8, dummy, sizeof(dummy)); fail: errno = EACCES; return -1; }
int crypt_checkpass(const char *pass, const char *goodhash) { char dummy[_PASSWORD_LEN]; char *res; if (goodhash == NULL) { /* fake it */ bcrypt_newhash(pass, 8, dummy, sizeof(dummy)); goto fail; } /* empty password */ if (strlen(goodhash) == 0 && strlen(pass) == 0) return 0; if (goodhash[0] == '$' && goodhash[1] == '2') { return bcrypt_checkpass(pass, goodhash); } /* have to do it the hard way */ res = crypt(pass, goodhash); if (strlen(res) != strlen(goodhash) || timingsafe_bcmp(res, goodhash, strlen(goodhash)) != 0) { goto fail; } return 0; fail: errno = EACCES; return -1; }