Upgrading from older crypt() to v2019 crypt()

staun · April 17, 2020, 5:40am

Hey,

Just wanted to share that when upgrading from older FluffOS drivers you’ll be running old crypt() algorithms, so the upgrade will bring you into SHA512 country which will throw an error unless you handle it. Here’s a quick suggestion for doing that:

nomask int matches_password(string str)
{
   if (password[0..2] == "$6$") 
      return crypt(str, password) == password;
   else
   {
     if (oldcrypt(str, password) == password || crypt(str, password) == password)
      {
         write("(Upgrading your password hash to SHA512)\n");
         password = crypt(str);
         return 1;
      }
   }
   return 0;
}

nm0i · June 27, 2020, 4:01am

I hope this remains crypt(3) passthrough. We are using crypt() as cheap hash function not just for passwords, sha512 is rather expensive to be called for every hashing need.

staun · July 1, 2020, 8:57am

@nm0i Wouldn’t it be possible for you to just use the old_crypt() function? Or alternatively simul_efun the crypt() function and divert to efun::old_crypt() and efun::crypt() as appropriate?

nm0i · July 25, 2020, 10:51am

Yes, compability hacks are of course possible for now.

I understand desire to break compatibility and force old muds to upgrade their passwords shemas, but it is not the only thing crypt() passthrough can used for.

thefallentree · July 27, 2020, 3:51pm

crypt() is specifically for verifying password, if you need an specific hash algo you should be using EFUNS in crypto package