Skip to content
Browse files

Fix error handling

The behaviour on error of crypt(3) is tricky. The only real error it can
return is {error,enosys} on platforms not supporting it (the old
implementation would have returned {error, {crypt, "enosys"}}).

Change the behaviour of the module to test for NULL before loading. If
there is any error, there is no point loading the library.

In the event of an error, the crypt implementation may choose to return
NULL (crypt/2 will throw a bad arg exception) or return a fixed string
(the caller will need to check for this case if it is a concern).
  • Loading branch information...
1 parent e167e73 commit 21a74d6715f625151011a4810012abddce26f37a @msantos committed Mar 14, 2012
Showing with 63 additions and 31 deletions.
  1. +54 −12
  2. +9 −19 c_src/crypt.c
@@ -1,21 +1,68 @@
+Wrapper around the system crypt(3) library for Erlang.
- Erlang R13B03 (erts-5.7.4) [source] [rq:1] [async-threads:0] [hipe] [kernel-poll:false]
+Which algorithms are supported by crypt are dependent on the system
+crypt(3) library. For example, Mac OS X only supports DES (booooooo!!!!).
+ crypt(Password, Salt) -> Crypted
+ Types Password = string()
+ Salt = string()
+ Crypted = string()
- Eshell V5.7.4 (abort with ^G)
+ Calls the system crypt(3) function with the provided arguments.
+ If crypt(3) is not supported by the OS, the crypt module will
+ fail to load.
+ Depending on your system crypt(3) library, errors may or may not
+ be returned. Some implementations return NULL. If this occurs,
+ crypt/2 will throw a bad arg exception. Other implementations
+ may choose to return a fixed string (if this is a concern,
+ the caller will need to test for this condition).
+ The NetBSD man page for crypt(3) summarizes the situation as:
+ The behavior of crypt() on errors isn't well standardized.
+ Some implementations simply can't fail (unless the process
+ dies, in which case they obviously can't return), others
+ return NULL or a fixed string. Most implementations
+ don't set errno, but some do. Version 2 of the Single
+ UNIX Specification (``SUSv2'') specifies only returning
+ NULL and setting errno as a valid behavior, and defines
+ only one possible error (ENOSYS, ``The functionality is
+ not supported on this implementation.'') Unfortunately,
+ most existing applications aren't prepared to handle NULL
+ returns from crypt(). The description below corresponds
+ to this implementation of crypt() only. The behavior may
+ change to match standards, other implementations or existing
+ applications.
+ crypt() may only fail (and return) when passed an invalid
+ or unsupported setting, in which case it returns a pointer
+ to a magic string that is shorter than 13 characters and is
+ guaranteed to differ from setting. This behavior is safe
+ for older applications which assume that crypt() can't fail,
+ when both setting new passwords and authenticating against
+ existing password hashes.
1> crypt:crypt("test","aa").
2> crypt:crypt("test","$1$aaaaaaaa").
3> crypt:crypt("test","$6$aaaaaaaa").
- 4>
-Which algorithms are supported by crypt are dependent on the system
-crypt(3) library. For example, Mac OS X only supports DES (booooooo!!!!).
+## TODO
1. What is the maximum password and salt length?
@@ -24,8 +71,3 @@ TODO
sysconf(\_SC\_PASS\_MAX) seems to return the limit on Solaris, but isn't
available on Ubuntu.
-2. Provide an erlang version of the crypt() interface.
-3. For systems that don't support MD5, maybe use openssl (see in openssl
- dist: apps/passwd.c).
28 c_src/crypt.c
@@ -30,18 +30,23 @@
#include "erl_nif.h"
+#include "erl_driver.h"
#include "crypt.h"
-static ERL_NIF_TERM error_message(ErlNifEnv *env, char *atom, char *err, char *msg);
+ static int
+load(ErlNifEnv* env, void** priv_data, ERL_NIF_TERM load_info)
+ return crypt("Test crypt() support", "xx") == NULL;
nif_crypt(ErlNifEnv *env, int argc, const ERL_NIF_TERM argv[])
char key[MAXBUFLEN];
char salt[MAXBUFLEN];
char *result = NULL;
- int rerrno = 0;
(void)memset(&key, '\0', sizeof(key));
(void)memset(&salt, '\0', sizeof(salt));
@@ -52,34 +57,19 @@ nif_crypt(ErlNifEnv *env, int argc, const ERL_NIF_TERM argv[])
if (enif_get_string(env, argv[SALT], salt, sizeof(salt), ERL_NIF_LATIN1) < 1)
return enif_make_badarg(env);
- errno = 0;
result = crypt(key, salt);
- rerrno = errno;
(void)memset(&key, '\0', sizeof(key));
if (result == NULL)
- return error_message(env, "error", "crypt", strerror(rerrno));
+ return enif_make_badarg(env);
return enif_make_string(env, result, ERL_NIF_LATIN1);
- static ERL_NIF_TERM
-error_message(ErlNifEnv *env, char *atom, char *err, char *msg)
- return enif_make_tuple(env, 2,
- enif_make_atom(env, atom),
- enif_make_tuple(env, 2,
- enif_make_atom(env, err),
- enif_make_string(env, msg, ERL_NIF_LATIN1)));
static ErlNifFunc nif_funcs[] = {
{"crypt", 2, nif_crypt}
-ERL_NIF_INIT(crypt, nif_funcs, NULL, NULL, NULL, NULL)
+ERL_NIF_INIT(crypt, nif_funcs, load, NULL, NULL, NULL)

0 comments on commit 21a74d6

Please sign in to comment.
Something went wrong with that request. Please try again.