Initial QSfera import
This commit is contained in:
+24
@@ -0,0 +1,24 @@
|
||||
# Compiled Object files, Static and Dynamic libs (Shared Objects)
|
||||
*.o
|
||||
*.a
|
||||
*.so
|
||||
|
||||
# Folders
|
||||
_obj
|
||||
_test
|
||||
|
||||
# Architecture specific extensions/prefixes
|
||||
*.[568vq]
|
||||
[568vq].out
|
||||
|
||||
*.cgo1.go
|
||||
*.cgo2.c
|
||||
_cgo_defun.c
|
||||
_cgo_gotypes.go
|
||||
_cgo_export.*
|
||||
|
||||
_testmain.go
|
||||
|
||||
*.exe
|
||||
*.test
|
||||
*.prof
|
||||
+5
@@ -0,0 +1,5 @@
|
||||
sudo: false
|
||||
language: go
|
||||
|
||||
go:
|
||||
- 1.4
|
||||
+22
@@ -0,0 +1,22 @@
|
||||
The MIT License (MIT)
|
||||
|
||||
Copyright (c) 2015 Akshay Moghe
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||
SOFTWARE.
|
||||
|
||||
+108
@@ -0,0 +1,108 @@
|
||||
go-crypt (`crypt`)
|
||||
==================
|
||||
|
||||
[](https://travis-ci.org/amoghe/go-crypt)
|
||||
|
||||
Package `crypt` provides go language wrappers around crypt(3). For further information on crypt see the
|
||||
[man page](http://man7.org/linux/man-pages/man3/crypt.3.html)
|
||||
|
||||
If you have questions about how to use crypt (the C function), it is likely this is not the package you
|
||||
are looking for.
|
||||
|
||||
**NOTE** Depending on the platform, this package provides a `Crypt` function that is backed by different
|
||||
flavors of the libc crypt. This is done by detecting the GOOS and trying to build using `crypt_r` (the GNU
|
||||
extension) when on linux, and wrapping around plain 'ol `crypt` (guarded by a global lock) otherwise.
|
||||
|
||||
Example
|
||||
-------
|
||||
```go
|
||||
import (
|
||||
"fmt"
|
||||
"github.com/amoghe/go-crypt"
|
||||
)
|
||||
|
||||
func main() {
|
||||
md5, err := crypt.Crypt("password", "in")
|
||||
if err != nil {
|
||||
fmt.Errorf("error:", err)
|
||||
return
|
||||
}
|
||||
|
||||
sha512, err := crypt.Crypt("password", "$6$SomeSaltSomePepper$")
|
||||
if err != nil {
|
||||
fmt.Errorf("error:", err)
|
||||
return
|
||||
}
|
||||
|
||||
fmt.Println("MD5:", md5)
|
||||
fmt.Println("SHA512:", sha512)
|
||||
}
|
||||
```
|
||||
|
||||
A Note On "Salt"
|
||||
----------------
|
||||
|
||||
You can find out more about salt [here](https://en.wikipedia.org/wiki/Salt_(cryptography))
|
||||
|
||||
The hash algorithm can be selected via the salt string. Here is how to do it (relevant
|
||||
section from the man page):
|
||||
|
||||
```
|
||||
If salt is a character string starting with the characters
|
||||
"$id$" followed by a string terminated by "$":
|
||||
|
||||
$id$salt$encrypted
|
||||
|
||||
then instead of using the DES machine, id identifies the
|
||||
encryption method used and this then determines how the rest
|
||||
of the password string is interpreted. The following values
|
||||
of id are supported:
|
||||
|
||||
ID | Method
|
||||
─────────────────────────────────────────────────────────
|
||||
1 | MD5
|
||||
2a | Blowfish (not in mainline glibc; added in some
|
||||
| Linux distributions)
|
||||
5 | SHA-256 (since glibc 2.7)
|
||||
6 | SHA-512 (since glibc 2.7)
|
||||
|
||||
So $5$salt$encrypted is an SHA-256 encoded password and
|
||||
$6$salt$encrypted is an SHA-512 encoded one.
|
||||
|
||||
"salt" stands for the up to 16 characters following "$id$" in
|
||||
the salt. The encrypted part of the password string is the
|
||||
actual computed password. The size of this string is fixed:
|
||||
|
||||
MD5 | 22 characters
|
||||
SHA-256 | 43 characters
|
||||
SHA-512 | 86 characters
|
||||
```
|
||||
|
||||
Platforms
|
||||
---------
|
||||
|
||||
This package has been tested on the following platforms:
|
||||
- ubuntu 14.04.2 (libc 2.19)
|
||||
- ubuntu 12.04.5 (libc 2.15)
|
||||
- centos (libc 2.17)
|
||||
- fedora 22 (libc 2.21)
|
||||
|
||||
All the platforms tested on have GNU libc (with extensions) so that the GOOS=linux always
|
||||
compiles the reentrant versions of the crypt function (`crypt_r`), and exposes it to go land.
|
||||
|
||||
Other platforms (freebsd, netbsd) should also work (in theory) since their libc expose at least
|
||||
a posix compliant crypt function. On these platforms the fallback should compile and expose the
|
||||
'plain' (non reentrant, thus globally locked) crypt function.
|
||||
|
||||
Unfortunately, I do not have access to machines that run anything other than Linux, hence the other
|
||||
platforms have not been tested, however I believe they should work just fine. If you can verify this
|
||||
(or provide a patch that fixes this), I would be grateful.
|
||||
|
||||
TODO
|
||||
----
|
||||
* Find someone with access to *BSD system(s)
|
||||
|
||||
License
|
||||
-------
|
||||
|
||||
Released under the [MIT License](LICENSE)
|
||||
+59
@@ -0,0 +1,59 @@
|
||||
// +build freebsd netbsd
|
||||
|
||||
// Package crypt provides wrappers around functions available in crypt.h
|
||||
//
|
||||
// It wraps around the GNU specific extension (crypt) when the reentrant version
|
||||
// (crypt_r) is unavailable. The non-reentrant version is guarded by a global lock
|
||||
// so as to be safely callable from concurrent goroutines.
|
||||
package crypt
|
||||
|
||||
import (
|
||||
"sync"
|
||||
"unsafe"
|
||||
)
|
||||
|
||||
/*
|
||||
#cgo LDFLAGS: -lcrypt
|
||||
#define _GNU_SOURCE
|
||||
#include <stdlib.h>
|
||||
#include <unistd.h>
|
||||
*/
|
||||
import "C"
|
||||
|
||||
var (
|
||||
mu sync.Mutex
|
||||
)
|
||||
|
||||
// Crypt provides a wrapper around the glibc crypt() function.
|
||||
// For the meaning of the arguments, refer to the README.
|
||||
func Crypt(pass, salt string) (string, error) {
|
||||
c_pass := C.CString(pass)
|
||||
defer C.free(unsafe.Pointer(c_pass))
|
||||
|
||||
c_salt := C.CString(salt)
|
||||
defer C.free(unsafe.Pointer(c_salt))
|
||||
|
||||
mu.Lock()
|
||||
c_enc, err := C.crypt(c_pass, c_salt)
|
||||
mu.Unlock()
|
||||
|
||||
if c_enc == nil {
|
||||
return "", err
|
||||
}
|
||||
defer C.free(unsafe.Pointer(c_enc))
|
||||
|
||||
// From the crypt(3) man-page. Upon error, crypt_r writes an invalid
|
||||
// hashed passphrase to the output field of their data argument, and
|
||||
// crypt writes an invalid hash to its static storage area. This
|
||||
// string will be shorter than 13 characters, will begin with a ‘*’,
|
||||
// and will not compare equal to setting.
|
||||
hash := C.GoString(c_enc)
|
||||
if len(hash) > 0 && hash[0] == '*' {
|
||||
return "", err
|
||||
}
|
||||
|
||||
// Return nil error if the string is non-nil.
|
||||
// As per the errno.h manpage, functions are allowed to set errno
|
||||
// on success. Caller should ignore errno on success.
|
||||
return C.GoString(c_enc), err
|
||||
}
|
||||
+78
@@ -0,0 +1,78 @@
|
||||
// +build linux
|
||||
|
||||
// Package crypt provides wrappers around functions available in crypt.h
|
||||
//
|
||||
// It wraps around the GNU specific extension (crypt_r) when it is available
|
||||
// (i.e. where GOOS=linux). This makes the go function reentrant (and thus
|
||||
// callable from concurrent goroutines).
|
||||
package crypt
|
||||
|
||||
import (
|
||||
"syscall"
|
||||
"unsafe"
|
||||
)
|
||||
|
||||
/*
|
||||
#cgo LDFLAGS: -lcrypt
|
||||
|
||||
#define _GNU_SOURCE
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <crypt.h>
|
||||
|
||||
char *gnu_ext_crypt(char *pass, char *salt) {
|
||||
char *enc = NULL;
|
||||
char *ret = NULL;
|
||||
struct crypt_data data;
|
||||
data.initialized = 0;
|
||||
|
||||
enc = crypt_r(pass, salt, &data);
|
||||
if(enc == NULL) {
|
||||
return NULL;
|
||||
}
|
||||
|
||||
ret = (char *)malloc(strlen(enc)+1); // for trailing null
|
||||
strncpy(ret, enc, strlen(enc));
|
||||
ret[strlen(enc)]= '\0'; // paranoid
|
||||
|
||||
return ret;
|
||||
}
|
||||
*/
|
||||
import "C"
|
||||
|
||||
// Crypt provides a wrapper around the glibc crypt_r() function.
|
||||
// For the meaning of the arguments, refer to the package README.
|
||||
func Crypt(pass, salt string) (string, error) {
|
||||
c_pass := C.CString(pass)
|
||||
defer C.free(unsafe.Pointer(c_pass))
|
||||
|
||||
c_salt := C.CString(salt)
|
||||
defer C.free(unsafe.Pointer(c_salt))
|
||||
|
||||
c_enc, err := C.gnu_ext_crypt(c_pass, c_salt)
|
||||
if c_enc == nil {
|
||||
return "", err
|
||||
}
|
||||
defer C.free(unsafe.Pointer(c_enc))
|
||||
|
||||
// From the crypt(3) man-page. Upon error, crypt_r writes an invalid
|
||||
// hashed passphrase to the output field of their data argument, and
|
||||
// crypt writes an invalid hash to its static storage area. This
|
||||
// string will be shorter than 13 characters, will begin with a ‘*’,
|
||||
// and will not compare equal to setting.
|
||||
hash := C.GoString(c_enc)
|
||||
if len(hash) > 0 && hash[0] == '*' {
|
||||
// Make sure we acutally return an error, musl e.g. does not
|
||||
// set errno in all cases here.
|
||||
if err == nil {
|
||||
err = syscall.EINVAL
|
||||
}
|
||||
return "", err
|
||||
}
|
||||
|
||||
// Return nil error if the string is non-nil.
|
||||
// As per the errno.h manpage, functions are allowed to set errno
|
||||
// on success. Caller should ignore errno on success.
|
||||
return hash, nil
|
||||
}
|
||||
+17
@@ -0,0 +1,17 @@
|
||||
// +build darwin windows
|
||||
|
||||
// Package crypt provides wrappers around functions available in crypt.h
|
||||
//
|
||||
// It wraps around the GNU specific extension (crypt) when the reentrant version
|
||||
// (crypt_r) is unavailable. The non-reentrant version is guarded by a global lock
|
||||
// so as to be safely callable from concurrent goroutines.
|
||||
package crypt
|
||||
|
||||
import (
|
||||
"errors"
|
||||
)
|
||||
|
||||
// Crypt does currently not provide an implementation for windows and darwin
|
||||
func Crypt(pass, salt string) (string, error) {
|
||||
return "", errors.New("unsupported platform")
|
||||
}
|
||||
+25
@@ -0,0 +1,25 @@
|
||||
// +build linux
|
||||
|
||||
package crypt
|
||||
|
||||
/*
|
||||
#include <features.h>
|
||||
#ifdef __GLIBC__
|
||||
#include <gnu/libc-version.h>
|
||||
unsigned int get_glibc_minor_version(void) {
|
||||
return __GLIBC_MINOR__;
|
||||
}
|
||||
#else
|
||||
unsigned int get_glibc_minor_version(void) {
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
*/
|
||||
import "C"
|
||||
|
||||
// This function is specific to the tests. It basically checks if
|
||||
// we're running with glibc and if the used glibc is new enough
|
||||
func checkGlibCVersion() bool {
|
||||
c_minor := C.get_glibc_minor_version()
|
||||
return c_minor >= 17
|
||||
}
|
||||
Reference in New Issue
Block a user