ceb09b
# ./pullrev.sh 1861793 1862611 1862612
ceb09b
http://svn.apache.org/viewvc?view=revision&revision=1861793
ceb09b
http://svn.apache.org/viewvc?view=revision&revision=1862611
ceb09b
http://svn.apache.org/viewvc?view=revision&revision=1862612
ceb09b
http://svn.apache.org/viewvc?view=revision&revision=1862724
ceb09b
ceb09b
--- httpd-2.4.6/configure.in.r1861793+
ceb09b
+++ httpd-2.4.6/configure.in
ceb09b
@@ -464,6 +464,28 @@
ceb09b
 AC_SEARCH_LIBS(crypt, crypt)
ceb09b
 CRYPT_LIBS="$LIBS"
ceb09b
 APACHE_SUBST(CRYPT_LIBS)
ceb09b
+
ceb09b
+if test "$ac_cv_search_crypt" != "no"; then
ceb09b
+   # Test crypt() with the SHA-512 test vector from https://akkadia.org/drepper/SHA-crypt.txt
ceb09b
+   AC_CACHE_CHECK([whether crypt() supports SHA-2], [ap_cv_crypt_sha2], [
ceb09b
+    AC_RUN_IFELSE([AC_LANG_PROGRAM([[
ceb09b
+#include <crypt.h>
ceb09b
+#include <stdlib.h>
ceb09b
+#include <string.h>
ceb09b
+
ceb09b
+#define PASSWD_0 "Hello world!"
ceb09b
+#define SALT_0 "\$6\$saltstring"
ceb09b
+#define EXPECT_0 "\$6\$saltstring\$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJu" \
ceb09b
+               "esI68u4OTLiBFdcbYEdFCoEOfaS35inz1"
ceb09b
+]], [char *result = crypt(PASSWD_0, SALT_0);
ceb09b
+     if (!result) return 1;
ceb09b
+     if (strcmp(result, EXPECT_0)) return 2;
ceb09b
+])], [ap_cv_crypt_sha2=yes], [ap_cv_crypt_sha2=no])])
ceb09b
+   if test "$ap_cv_crypt_sha2" = yes; then
ceb09b
+     AC_DEFINE([HAVE_CRYPT_SHA2], 1, [Define if crypt() supports SHA-2 hashes])
ceb09b
+   fi
ceb09b
+fi
ceb09b
+
ceb09b
 LIBS="$saved_LIBS"
ceb09b
 
ceb09b
 dnl See Comment #Spoon
ceb09b
--- httpd-2.4.6/docs/man/htpasswd.1.r1861793+
ceb09b
+++ httpd-2.4.6/docs/man/htpasswd.1
ceb09b
@@ -27,16 +27,16 @@
ceb09b
 .SH "SYNOPSIS"
ceb09b
  
ceb09b
 .PP
ceb09b
-\fBhtpasswd\fR [ -\fBc\fR ] [ -\fBi\fR ] [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBC\fR \fIcost\fR ] [ -\fBD\fR ] [ -\fBv\fR ] \fIpasswdfile\fR \fIusername\fR
ceb09b
+\fBhtpasswd\fR [ -\fBc\fR ] [ -\fBi\fR ] [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBr\fR \fIrounds\fR ] [ -\fBC\fR \fIcost\fR ] [ -\fBD\fR ] [ -\fBv\fR ] \fIpasswdfile\fR \fIusername\fR
ceb09b
  
ceb09b
 .PP
ceb09b
-\fBhtpasswd\fR -\fBb\fR [ -\fBc\fR ] [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBC\fR \fIcost\fR ] [ -\fBD\fR ] [ -\fBv\fR ] \fIpasswdfile\fR \fIusername\fR \fIpassword\fR
ceb09b
+\fBhtpasswd\fR -\fBb\fR [ -\fBc\fR ] [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBr\fR \fIrounds\fR ] [ -\fBC\fR \fIcost\fR ] [ -\fBD\fR ] [ -\fBv\fR ] \fIpasswdfile\fR \fIusername\fR \fIpassword\fR
ceb09b
  
ceb09b
 .PP
ceb09b
-\fBhtpasswd\fR -\fBn\fR [ -\fBi\fR ] [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBC\fR \fIcost\fR ] \fIusername\fR
ceb09b
+\fBhtpasswd\fR -\fBn\fR [ -\fBi\fR ] [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBr\fR \fIrounds\fR ] [ -\fBC\fR \fIcost\fR ] \fIusername\fR
ceb09b
  
ceb09b
 .PP
ceb09b
-\fBhtpasswd\fR -\fBnb\fR [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBC\fR \fIcost\fR ] \fIusername\fR \fIpassword\fR
ceb09b
+\fBhtpasswd\fR -\fBnb\fR [ -\fBm\fR | -\fBB\fR | -\fBd\fR | -\fBs\fR | -\fBp\fR ] [ -\fBr\fR \fIrounds\fR ] [ -\fBC\fR \fIcost\fR ] \fIusername\fR \fIpassword\fR
ceb09b
  
ceb09b
 
ceb09b
 .SH "SUMMARY"
ceb09b
@@ -48,7 +48,7 @@
ceb09b
 Resources available from the Apache HTTP server can be restricted to just the users listed in the files created by htpasswd\&. This program can only manage usernames and passwords stored in a flat-file\&. It can encrypt and display password information for use in other types of data stores, though\&. To use a DBM database see dbmmanage or htdbm\&.
ceb09b
  
ceb09b
 .PP
ceb09b
-htpasswd encrypts passwords using either bcrypt, a version of MD5 modified for Apache, SHA1, or the system's crypt() routine\&. Files managed by htpasswd may contain a mixture of different encoding types of passwords; some user records may have bcrypt or MD5-encrypted passwords while others in the same file may have passwords encrypted with crypt()\&.
ceb09b
++\fBhtpasswd\fR encrypts passwords using either bcrypt, a version of MD5 modified for Apache, SHA-1, or the system's \fBcrypt()\fR routine\&. SHA-2-based hashes (SHA-256 and SHA-512) are supported for \fBcrypt()\fR\&. Files managed by \fBhtpasswd\fR may contain a mixture of different encoding types of passwords; some user records may have bcrypt or MD5-encrypted passwords while others in the same file may have passwords encrypted with \fBcrypt()\fR\&.
ceb09b
  
ceb09b
 .PP
ceb09b
 This manual page only lists the command line arguments\&. For details of the directives necessary to configure user authentication in httpd see the Apache manual, which is part of the Apache distribution or can be found at http://httpd\&.apache\&.org/\&.
ceb09b
@@ -73,17 +73,26 @@
ceb09b
 -m
ceb09b
 Use MD5 encryption for passwords\&. This is the default (since version 2\&.2\&.18)\&.  
ceb09b
 .TP
ceb09b
+-2
ceb09b
+Use SHA-256 \fBcrypt()\fR based hashes for passwords\&. This is supported on most Unix platforms\&.  
ceb09b
+.TP
ceb09b
+-5
ceb09b
+Use SHA-512 \fBcrypt()\fR based hashes for passwords\&. This is supported on most Unix platforms\&.  
ceb09b
+.TP
ceb09b
 -B
ceb09b
 Use bcrypt encryption for passwords\&. This is currently considered to be very secure\&.  
ceb09b
 .TP
ceb09b
 -C
ceb09b
 This flag is only allowed in combination with -B (bcrypt encryption)\&. It sets the computing time used for the bcrypt algorithm (higher is more secure but slower, default: 5, valid: 4 to 31)\&.  
ceb09b
 .TP
ceb09b
+-r
ceb09b
+This flag is only allowed in combination with \fB-2\fR or \fB-5\fR\&. It sets the number of hash rounds used for the SHA-2 algorithms (higher is more secure but slower; the default is 5,000)\&.  
ceb09b
+.TP
ceb09b
 -d
ceb09b
 Use crypt() encryption for passwords\&. This is not supported by the httpd server on Windows and Netware\&. This algorithm limits the password length to 8 characters\&. This algorithm is \fBinsecure\fR by today's standards\&. It used to be the default algorithm until version 2\&.2\&.17\&.  
ceb09b
 .TP
ceb09b
 -s
ceb09b
-Use SHA encryption for passwords\&. Facilitates migration from/to Netscape servers using the LDAP Directory Interchange Format (ldif)\&. This algorithm is \fBinsecure\fR by today's standards\&.  
ceb09b
+Use SHA-1 encryption for passwords\&. Facilitates migration from/to Netscape servers using the LDAP Directory Interchange Format (ldif)\&. This algorithm is \fBinsecure\fR by today's standards\&.  
ceb09b
 .TP
ceb09b
 -p
ceb09b
 Use plaintext passwords\&. Though htpasswd will support creation on all platforms, the httpd daemon will only accept plain text passwords on Windows and Netware\&.  
ceb09b
@@ -152,11 +161,14 @@
ceb09b
 When using the crypt() algorithm, note that only the first 8 characters of the password are used to form the password\&. If the supplied password is longer, the extra characters will be silently discarded\&.
ceb09b
  
ceb09b
 .PP
ceb09b
-The SHA encryption format does not use salting: for a given password, there is only one encrypted representation\&. The crypt() and MD5 formats permute the representation by prepending a random salt string, to make dictionary attacks against the passwords more difficult\&.
ceb09b
+The SHA-1 encryption format does not use salting: for a given password, there is only one encrypted representation\&. The crypt() and MD5 formats permute the representation by prepending a random salt string, to make dictionary attacks against the passwords more difficult\&.
ceb09b
  
ceb09b
 .PP
ceb09b
-The SHA and crypt() formats are insecure by today's standards\&.
ceb09b
- 
ceb09b
+The SHA-1 and crypt() formats are insecure by today's standards\&.
ceb09b
+
ceb09b
+.PP
ceb09b
+The SHA-2-based \fBcrypt()\fR formats (SHA-256 and SHA-512) are supported on most modern Unix systems, and follow the specification at https://www\&.akkadia\&.org/drepper/SHA-crypt\&.txt\&
ceb09b
+
ceb09b
 .SH "RESTRICTIONS"
ceb09b
  
ceb09b
 .PP
ceb09b
--- httpd-2.4.6/support/htpasswd.c.r1861793+
ceb09b
+++ httpd-2.4.6/support/htpasswd.c
ceb09b
@@ -93,28 +93,32 @@
ceb09b
 static void usage(void)
ceb09b
 {
ceb09b
     apr_file_printf(errfile, "Usage:" NL
ceb09b
-        "\thtpasswd [-cimBdpsDv] [-C cost] passwordfile username" NL
ceb09b
-        "\thtpasswd -b[cmBdpsDv] [-C cost] passwordfile username password" NL
ceb09b
+        "\thtpasswd [-cimB25dpsDv] [-C cost] [-r rounds] passwordfile username" NL
ceb09b
+        "\thtpasswd -b[cmB25dpsDv] [-C cost] [-r rounds] passwordfile username password" NL
ceb09b
         NL
ceb09b
-        "\thtpasswd -n[imBdps] [-C cost] username" NL
ceb09b
-        "\thtpasswd -nb[mBdps] [-C cost] username password" NL
ceb09b
+        "\thtpasswd -n[imB25dps] [-C cost] [-r rounds] username" NL
ceb09b
+        "\thtpasswd -nb[mB25dps] [-C cost] [-r rounds] username password" NL
ceb09b
         " -c  Create a new file." NL
ceb09b
         " -n  Don't update file; display results on stdout." NL
ceb09b
         " -b  Use the password from the command line rather than prompting "
ceb09b
             "for it." NL
ceb09b
         " -i  Read password from stdin without verification (for script usage)." NL
ceb09b
         " -m  Force MD5 encryption of the password (default)." NL
ceb09b
-        " -B  Force bcrypt encryption of the password (very secure)." NL
ceb09b
+        " -2  Force SHA-256 crypt() hash of the password (secure)." NL
ceb09b
+        " -5  Force SHA-512 crypt() hash of the password (secure)." NL
ceb09b
+        " -B  Force bcrypt aencryption of the password (very secure)." NL
ceb09b
         " -C  Set the computing time used for the bcrypt algorithm" NL
ceb09b
         "     (higher is more secure but slower, default: %d, valid: 4 to 31)." NL
ceb09b
+        " -r  Set the number of rounds used for the SHA-256, SHA-512 algorithms" NL
ceb09b
+        "     (higher is more secure but slower, default: 5000)." NL
ceb09b
         " -d  Force CRYPT encryption of the password (8 chars max, insecure)." NL
ceb09b
-        " -s  Force SHA encryption of the password (insecure)." NL
ceb09b
+        " -s  Force SHA-1 encryption of the password (insecure)." NL
ceb09b
         " -p  Do not encrypt the password (plaintext, insecure)." NL
ceb09b
         " -D  Delete the specified user." NL
ceb09b
         " -v  Verify password for the specified user." NL
ceb09b
         "On other systems than Windows and NetWare the '-p' flag will "
ceb09b
             "probably not work." NL
ceb09b
-        "The SHA algorithm does not use a salt and is less secure than the "
ceb09b
+        "The SHA-1 algorithm does not use a salt and is less secure than the "
ceb09b
             "MD5 algorithm." NL,
ceb09b
         BCRYPT_DEFAULT_COST
ceb09b
     );
ceb09b
@@ -173,7 +177,7 @@
ceb09b
     if (rv != APR_SUCCESS)
ceb09b
         exit(ERR_SYNTAX);
ceb09b
 
ceb09b
-    while ((rv = apr_getopt(state, "cnmspdBbDiC:v", &opt, &opt_arg)) == APR_SUCCESS) {
ceb09b
+    while ((rv = apr_getopt(state, "cnmspdBbDi25C:r:v", &opt, &opt_arg)) == APR_SUCCESS) {
ceb09b
         switch (opt) {
ceb09b
         case 'c':
ceb09b
             *mask |= APHTP_NEWFILE;
ceb09b
--- httpd-2.4.6/support/passwd_common.c.r1861793+
ceb09b
+++ httpd-2.4.6/support/passwd_common.c
ceb09b
@@ -185,10 +185,15 @@
ceb09b
 #if CRYPT_ALGO_SUPPORTED
ceb09b
     char *cbuf;
ceb09b
 #endif
ceb09b
+#ifdef HAVE_CRYPT_SHA2
ceb09b
+    const char *setting;
ceb09b
+    char method;
ceb09b
+#endif
ceb09b
 
ceb09b
-    if (ctx->cost != 0 && ctx->alg != ALG_BCRYPT) {
ceb09b
+    if (ctx->cost != 0 && ctx->alg != ALG_BCRYPT
ceb09b
+        && ctx->alg != ALG_CRYPT_SHA256 && ctx->alg != ALG_CRYPT_SHA512 ) {
ceb09b
         apr_file_printf(errfile,
ceb09b
-                        "Warning: Ignoring -C argument for this algorithm." NL);
ceb09b
+                        "Warning: Ignoring -C/-r argument for this algorithm." NL);
ceb09b
     }
ceb09b
 
ceb09b
     if (ctx->passwd == NULL) {
ceb09b
@@ -246,6 +251,34 @@
ceb09b
         break;
ceb09b
 #endif /* CRYPT_ALGO_SUPPORTED */
ceb09b
 
ceb09b
+#ifdef HAVE_CRYPT_SHA2
ceb09b
+    case ALG_CRYPT_SHA256:
ceb09b
+    case ALG_CRYPT_SHA512:
ceb09b
+        ret = generate_salt(salt, 16, &ctx->errstr, ctx->pool);
ceb09b
+        if (ret != 0)
ceb09b
+            break;
ceb09b
+
ceb09b
+        method = ctx->alg == ALG_CRYPT_SHA256 ? '5': '6';
ceb09b
+
ceb09b
+        if (ctx->cost) 
ceb09b
+            setting = apr_psprintf(ctx->pool, "$%c$rounds=%d$%s",
ceb09b
+                                   method, ctx->cost, salt);
ceb09b
+        else
ceb09b
+            setting = apr_psprintf(ctx->pool, "$%c$%s",
ceb09b
+                                   method, salt);
ceb09b
+
ceb09b
+        cbuf = crypt(pw, setting);
ceb09b
+        if (cbuf == NULL) {
ceb09b
+            rv = APR_FROM_OS_ERROR(errno);
ceb09b
+            ctx->errstr = apr_psprintf(ctx->pool, "crypt() failed: %pm", &rv;;
ceb09b
+            ret = ERR_PWMISMATCH;
ceb09b
+            break;
ceb09b
+        }
ceb09b
+
ceb09b
+        apr_cpystrn(ctx->out, cbuf, ctx->out_len - 1);
ceb09b
+        break;
ceb09b
+#endif /* HAVE_CRYPT_SHA2 */
ceb09b
+
ceb09b
 #if BCRYPT_ALGO_SUPPORTED
ceb09b
     case ALG_BCRYPT:
ceb09b
         rv = apr_generate_random_bytes((unsigned char*)salt, 16);
ceb09b
@@ -294,6 +327,19 @@
ceb09b
     case 's':
ceb09b
         ctx->alg = ALG_APSHA;
ceb09b
         break;
ceb09b
+#ifdef HAVE_CRYPT_SHA2
ceb09b
+    case '2':
ceb09b
+        ctx->alg = ALG_CRYPT_SHA256;
ceb09b
+        break;
ceb09b
+    case '5':
ceb09b
+        ctx->alg = ALG_CRYPT_SHA512;
ceb09b
+        break;
ceb09b
+#else
ceb09b
+    case '2':
ceb09b
+    case '5':
ceb09b
+        ctx->errstr = "SHA-2 crypt() algorithms are not supported on this platform.";
ceb09b
+        return ERR_ALG_NOT_SUPP;
ceb09b
+#endif
ceb09b
     case 'p':
ceb09b
         ctx->alg = ALG_PLAIN;
ceb09b
 #if !PLAIN_ALGO_SUPPORTED
ceb09b
@@ -324,11 +370,12 @@
ceb09b
         return ERR_ALG_NOT_SUPP;
ceb09b
 #endif
ceb09b
         break;
ceb09b
-    case 'C': {
ceb09b
+    case 'C':
ceb09b
+    case 'r': {
ceb09b
             char *endptr;
ceb09b
             long num = strtol(opt_arg, &endptr, 10);
ceb09b
             if (*endptr != '\0' || num <= 0) {
ceb09b
-                ctx->errstr = "argument to -C must be a positive integer";
ceb09b
+                ctx->errstr = "argument to -C/-r must be a positive integer";
ceb09b
                 return ERR_SYNTAX;
ceb09b
             }
ceb09b
             ctx->cost = num;
ceb09b
--- httpd-2.4.6/support/passwd_common.h.r1861793+
ceb09b
+++ httpd-2.4.6/support/passwd_common.h
ceb09b
@@ -28,6 +28,8 @@
ceb09b
 #include "apu_version.h"
ceb09b
 #endif
ceb09b
 
ceb09b
+#include "ap_config_auto.h"
ceb09b
+
ceb09b
 #define MAX_STRING_LEN 256
ceb09b
 
ceb09b
 #define ALG_PLAIN 0
ceb09b
@@ -35,6 +37,8 @@
ceb09b
 #define ALG_APMD5 2
ceb09b
 #define ALG_APSHA 3
ceb09b
 #define ALG_BCRYPT 4
ceb09b
+#define ALG_CRYPT_SHA256 5
ceb09b
+#define ALG_CRYPT_SHA512 6
ceb09b
 
ceb09b
 #define BCRYPT_DEFAULT_COST 5
ceb09b
 
ceb09b
@@ -79,7 +83,7 @@
ceb09b
     apr_size_t      out_len;
ceb09b
     char            *passwd;
ceb09b
     int             alg;
ceb09b
-    int             cost;
ceb09b
+    int             cost; /* cost for bcrypt, rounds for SHA-2 */
ceb09b
     enum {
ceb09b
         PW_PROMPT = 0,
ceb09b
         PW_ARG,