split crypt_checkpass off into a new file

Author: tedu

lib/libc/crypt/Makefile.inc

@@ -1,15 +1,15 @@
-#$OpenBSD: Makefile.inc,v 1.23 2014/11/18 22:17:50 jmc Exp $
+#$OpenBSD: Makefile.inc,v 1.24 2014/11/20 19:18:25 tedu Exp $
 
 .PATH: ${LIBCSRCDIR}/arch/${MACHINE_CPU}/crypt ${LIBCSRCDIR}/crypt
 
 SRCS+=	crypt.c crypt2.c cryptutil.c arc4random.c arc4random_uniform.c \
 blowfish.c bcrypt.c
 
-MAN+=	crypt.3 blowfish.3 arc4random.3
-MLINKS+=crypt.3 setkey.3 crypt.3 crypt_checkpass.3
-MLINKS+=crypt.3 crypt_newhash.3 crypt.3 encrypt.3
+MAN+=	crypt.3 crypt_checkpass.3 blowfish.3 arc4random.3
+MLINKS+=crypt.3 setkey.3 crypt.3 encrypt.3
 MLINKS+=crypt.3 des_setkey.3 crypt.3 des_cipher.3
 MLINKS+=crypt.3 bcrypt_gensalt.3 crypt.3 bcrypt.3
+MLINKS+=crypt_checkpass.3 crypt_newhash.3
 MLINKS+=blowfish.3 blf_key.3 blowfish.3 blf_enc.3
 MLINKS+=blowfish.3 blf_dec.3 blowfish.3 blf_ecb_encrypt.3
 MLINKS+=blowfish.3 blf_ecb_decrypt.3 blowfish.3 blf_cbc_encrypt.3

lib/libc/crypt/crypt.3

@@ -1,4 +1,4 @@
-.\" $OpenBSD: crypt.3,v 1.40 2014/11/18 22:17:50 jmc Exp $
+.\" $OpenBSD: crypt.3,v 1.41 2014/11/20 19:18:25 tedu Exp $
 .\"
 .\" FreeSec: libcrypt
 .\"
@@ -31,13 +31,11 @@
 .\"
 .\" Manual page, using -mandoc macros
 .\"
-.Dd $Mdocdate: November 18 2014 $
+.Dd $Mdocdate: November 20 2014 $
 .Dt CRYPT 3
 .Os
 .Sh NAME
 .Nm crypt ,
-.Nm crypt_checkpass ,
-.Nm crypt_newhash ,
 .Nm setkey ,
 .Nm encrypt ,
 .Nm des_setkey ,
@@ -54,10 +52,6 @@
 .Ft char *
 .Fn crypt "const char *key" "const char *setting"
 .Ft int
-.Fn crypt_checkpass "const char *password" "const char *hash"
-.Ft int
-.Fn crypt_newhash "const char *password" "login_cap_t *lc" "char *hash" "size_t hashsize"
-.Ft int
 .Fn encrypt "char *block" "int flag"
 .Ft int
 .Fn des_setkey "const char *key"
@@ -69,6 +63,11 @@
 .Ft char *
 .Fn bcrypt "const char *key" "const char *salt"
 .Sh DESCRIPTION
+These functions are deprecated in favor of
+.Xr crypt_checkpass 3
+and
+.Xr crypt_newhash 3 .
+.Pp
 The
 .Fn crypt
 function performs password hashing based on the
@@ -94,30 +93,6 @@ and a number then a different algorithm is used depending on the number.
 At the moment
 .Ql $2
 chooses Blowfish hashing; see below for more information.
-.Pp
-The
-.Fn crypt_checkpass
-function is provided to simplify checking a user's password.
-If both the hash and the password are the empty string, authentication
-is a success.
-Otherwise, the password is hashed and compared to the provided hash.
-If the hash is NULL, authentication will always fail, but a default
-amount of work is performed to simulate the hashing operation.
-A successful match will return 0.
-A failure will return \-1 and set errno.
-.Pp
-The
-.Fn crypt_newhash
-function is provided to simplify the creation of new password hashes.
-The provided
-.Fa password
-is randomly salted and hashed and stored in
-.Fa hash .
-The login class argument
-.Fa lc
-is used to identify the preferred hashing algorithm and parameters.
-Refer to
-.Xr login.conf 5 .
 .Ss Extended crypt
 The
 .Ar key
@@ -298,6 +273,7 @@ return 0 on success and 1 on failure.
 .Xr login 1 ,
 .Xr passwd 1 ,
 .Xr blowfish 3 ,
+.Xr crypt_checkpass 3 ,
 .Xr getpass 3 ,
 .Xr md5 3 ,
 .Xr passwd 5

lib/libc/crypt/crypt_checkpass.3

@@ -0,0 +1,61 @@
+.\" $OpenBSD: crypt_checkpass.3,v 1.1 2014/11/20 19:18:25 tedu Exp $
+.\"
+.\" Copyright (c) Ted Unangst <tedu@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd $Mdocdate: November 20 2014 $
+.Dt CRYPT_CHECKPASS 3
+.Os
+.Sh NAME
+.Nm crypt_checkpass ,
+.Nm crypt_newhash
+.Nd password hashing
+.Sh SYNOPSIS
+.In unistd.h
+.Ft int
+.Fn crypt_checkpass "const char *password" "const char *hash"
+.In login_cap.h
+.Ft int
+.Fn crypt_newhash "const char *password" "login_cap_t *lc" "char *hash" "size_t hashsize"
+.Sh DESCRIPTION
+The
+.Fn crypt_checkpass
+function is provided to simplify checking a user's password.
+If both the hash and the password are the empty string, authentication
+is a success.
+Otherwise, the password is hashed and compared to the provided hash.
+If the hash is NULL, authentication will always fail, but a default
+amount of work is performed to simulate the hashing operation.
+A successful match will return 0.
+A failure will return \-1 and set errno.
+.Pp
+The
+.Fn crypt_newhash
+function is provided to simplify the creation of new password hashes.
+The provided
+.Fa password
+is randomly salted and hashed and stored in
+.Fa hash .
+The login class argument
+.Fa lc
+is used to identify the preferred hashing algorithm and parameters.
+Refer to
+.Xr login.conf 5 .
+.Sh RETURN VALUES
+These functions
+return 0 on success and -1 on failure.
+.Sh SEE ALSO
+.Xr crypt 3 ,
+.Xr login.conf 5 ,
+.Xr passwd 5