--- hashalot-0.3.orig/hashalot.1
+++ hashalot-0.3/hashalot.1
@@ -2,15 +2,19 @@
.SH NAME
hashalot \- read a passphrase and print a hash
.SH SYNOPSIS
-.B hashalot [ \-s SALT ] [ \-x ] [ \-n #BYTES ] HASHTYPE
+.B hashalot [ \-s SALT ] [ \-x ] [ \-n #BYTES ] [ -q ] [ HASHTYPE ]
.br
-.B HASHTYPE [ \-s SALT ] [ \-x ] [ \-n #BYTES ]
+.B HASHTYPE [ \-s SALT ] [ \-x ] [ \-n #BYTES ] [ -q ]
.SH DESCRIPTION
.PP
\fIhashalot\fP is a small tool that reads a passphrase from standard
input, hashes it using the given hash type, and prints the result to
standard output.
.PP
+\fBWarning\fP: If you do not use the \fB\-x\fP option, the hash is
+printed in binary. This may wedge your terminal settings, or even force
+you to log out.
+.PP
Supported values for \fIHASHTYPE\fP:
.br
.RS 8
@@ -36,6 +40,12 @@
default is as appropriate for the specified hash algorithm: 20 bytes for
RIPEMD160, 32 bytes for SHA256, etc. The default for the "rmd160compat"
hash is 16 bytes, for compatibility with the old kerneli.org utilities.
+.PP
+The
+.B \-q
+option causes
+.B hashalot
+to be more quiet and not print some warnings which may be superfluous.
.SH AUTHOR
Ben Slusky <sluskyb@paranoiacs.org>
.PP
--- hashalot-0.3.orig/hashalot.c
+++ hashalot-0.3/hashalot.c
@@ -28,25 +28,28 @@
#include "rmd160.h"
#include "sha512.h"
-#define PASSWDBUFFLEN 130
-
typedef int (*phash_func_t)(char dest[], size_t dest_len, const char src[], size_t src_len);
+static void *
+xmalloc (size_t size);
+
static int
phash_rmd160(char dest[], size_t dest_len, const char src[], size_t src_len)
{
- char tmp[PASSWDBUFFLEN] = { 'A', 0, };
char key[RMD160_HASH_SIZE * 2] = { 0, };
+ char *tmp = xmalloc(src_len + 2);
+ tmp[0] = 'A';
+ tmp[1] = '\0';
- strncpy(tmp + 1, src, PASSWDBUFFLEN - 1);
- tmp[PASSWDBUFFLEN - 1] = '\0';
+ strncpy(tmp + 1, src, src_len);
+ tmp[src_len + 1] = '\0';
rmd160_hash_buffer(key, src, src_len);
- rmd160_hash_buffer(key + RMD160_HASH_SIZE, tmp, src_len + 1 /* dangerous! */);
+ rmd160_hash_buffer(key + RMD160_HASH_SIZE, tmp, src_len + 1);
memcpy(dest, key, dest_len);
- memset (tmp, 0, PASSWDBUFFLEN); /* paranoia */
+ memset (tmp, 0, src_len + 2); /* paranoia */
memset (key, 0, RMD160_HASH_SIZE * 2); /* paranoia */
return dest_len;
@@ -182,7 +185,7 @@
/* function to append a "salt" to the passphrase, to better resist
* dictionary attacks */
static char *
-salt_passphrase(char *pass, char *salt) {
+salt_passphrase(char *pass, const char *salt) {
char *buf = xmalloc(strlen(pass) + strlen(salt) + 1);
sprintf(buf, "%s%s", pass, salt);
@@ -213,8 +216,9 @@
size_t hashlen = 0;
phash_func_t func;
int hex_output = 0, c;
+ int quiet = 0;
- while ((c = getopt(argc, argv, "n:s:x")) != -1) {
+ while ((c = getopt(argc, argv, "n:s:qx")) != -1) {
switch (c) {
case 'n':
hashlen = strtoul(optarg, &p, 0);
@@ -229,6 +233,9 @@
case 's':
salt = optarg;
break;
+ case 'q':
+ quiet++;
+ break;
case 'x':
hex_output++;
break;
@@ -257,7 +264,7 @@
passhash = xmalloc(2*hashlen + 2);
/* try to lock memory so it doesn't get swapped out for sure */
- if (mlockall(MCL_CURRENT | MCL_FUTURE) == -1) {
+ if (mlockall(MCL_CURRENT | MCL_FUTURE) == -1 && !quiet) {
perror("mlockall");
fputs("Warning: couldn't lock memory, are you root?\n", stderr);
}
![[patchlogo]](http://patch-tracker.debian.org/static/img/swirlpatch.png)