strict conversion

useradmin/md5-lib.pl

@@ -1,5 +1,9 @@
 # Functions for MD5 and SHA1 password encryption
 
+use strict;
+use warnings;
+our %config;
+
 # check_md5()
 # Returns a perl module name if the needed perl module(s) for MD5 encryption
 # are not installed, or undef if they are
@@ -23,9 +27,8 @@ return undef;
 # Returns a string encrypted in MD5 format
 sub encrypt_md5
 {
-local $passwd = $_[0];
-local $salt = $_[1];
-local $magic = '$1$';
+my ($passwd, $salt) = @_;
+my $magic = '$1$';
 if ($salt =~ /^\$1\$([^\$]+)/) {
 	# Extract actual salt from already encrypted password
 	$salt = $1;
@@ -42,7 +45,7 @@ if (&unix_crypt_supports_md5()) {
 	}
 
 # Add the password, magic and salt
-local $cls = "MD5";
+my $cls = "MD5";
 eval "use MD5";
 if ($@) {
 	$cls = "Digest::MD5";
@@ -51,26 +54,25 @@ if ($@) {
 		&error("Missing MD5 or Digest::MD5 perl modules");
 		}
 	}
-local $ctx = eval "new $cls";
+my $ctx = eval "new $cls";
 $ctx->add($passwd);
 $ctx->add($magic);
 $ctx->add($salt);
 
 # Add some more stuff from the hash of the password and salt
-local $ctx1 = eval "new $cls";
+my $ctx1 = eval "new $cls";
 $ctx1->add($passwd);
 $ctx1->add($salt);
 $ctx1->add($passwd);
-local $final = $ctx1->digest();
-for($pl=length($passwd); $pl>0; $pl-=16) {
+my $final = $ctx1->digest();
+for(my $pl=length($passwd); $pl>0; $pl-=16) {
 	$ctx->add($pl > 16 ? $final : substr($final, 0, $pl));
 	}
 
 # This piece of code seems rather pointless, but it's in the C code that
 # does MD5 in PAM so it has to go in!
-local $j = 0;
-local ($i, $l);
-for($i=length($passwd); $i; $i >>= 1) {
+my $j = 0;
+for(my $i=length($passwd); $i; $i >>= 1) {
 	if ($i & 1) {
 		$ctx->add("\0");
 		}
@@ -81,8 +83,8 @@ for($i=length($passwd); $i; $i >>= 1) {
 $final = $ctx->digest();
 
 # This loop exists only to waste time
-for($i=0; $i<1000; $i++) {
-	$ctx1 = eval "new $cls";
+for(my $i=0; $i<1000; $i++) {
+	my $ctx1 = eval "new $cls";
 	$ctx1->add($i & 1 ? $passwd : $final);
 	$ctx1->add($salt) if ($i % 3);
 	$ctx1->add($passwd) if ($i % 7);
@@ -91,9 +93,9 @@ for($i=0; $i<1000; $i++) {
 	}
 
 # Convert the 16-byte final string into a readable form
-local $rv = $magic.$salt.'$';
-local @final = map { ord($_) } split(//, $final);
-$l = ($final[ 0]<<16) + ($final[ 6]<<8) + $final[12];
+my $rv = $magic.$salt.'$';
+my @final = map { ord($_) } split(//, $final);
+my $l = ($final[ 0]<<16) + ($final[ 6]<<8) + $final[12];
 $rv .= &to64($l, 4);
 $l = ($final[ 1]<<16) + ($final[ 7]<<8) + $final[13];
 $rv .= &to64($l, 4);
@@ -118,11 +120,12 @@ my $newhash = eval { crypt('test', $hash) };
 return $newhash eq $hash;
 }
 
-@itoa64 = split(//, "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz");
+our @itoa64 = split(//, "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz");
+
 sub to64
 {
-local ($v, $n) = @_;
-local $r;
+my ($v, $n) = @_;
+my $r = "";
 while(--$n >= 0) {
         $r .= $itoa64[$v & 0x3f];
         $v >>= 6;
@@ -140,8 +143,8 @@ return $@ ? "Digest::SHA1" : undef;
 # Encrypts a password in SHA1 format
 sub encrypt_sha1
 {
-local $pass = $_[0];
-local $sh = eval "use Digest::SHA1 qw(sha1_base64);return sha1_base64(\$pass);";
+my ($pass) = @_;
+my $sh = eval "use Digest::SHA1 qw(sha1_base64);return sha1_base64(\$pass);";
 return "{SHA}$sh=";
 }
 
@@ -149,7 +152,7 @@ return "{SHA}$sh=";
 # Hashes a combined salt+password with SHA1, and returns it in hex. Used on OSX
 sub encrypt_sha1_hash
 {
-local ($pass, $salt) = @_;
+my ($pass, $salt) = @_;
 # XXX not done yet??
 }
 
@@ -165,8 +168,8 @@ return $@ ? "Crypt::Eksblowfish::Bcrypt" : undef;
 # Returns a string encrypted in blowfish format, suitable for /etc/shadow
 sub encrypt_blowfish
 {
-local ($passwd, $salt) = @_;
-local ($plain, $base64);
+my ($passwd, $salt) = @_;
+my ($plain, $base64) = ("", "");
 eval "use Crypt::Eksblowfish::Bcrypt";
 if ($salt !~ /^\$2a\$/) {
 	# Invalid salt for Blowfish
@@ -205,7 +208,7 @@ return &unix_crypt_supports_sha512() ? undef : 'Crypt::SHA';
 # Hashes a password, possibly with the give salt, with SHA512
 sub encrypt_sha512
 {
-local ($passwd, $salt) = @_;
+my ($passwd, $salt) = @_;
 $salt ||= '$6$'.substr(time(), -8).'$';
 return crypt($passwd, $salt);
 }
@@ -215,10 +218,10 @@ return crypt($passwd, $salt);
 # 0 otherwise. Tries all supported hashing schemes.
 sub validate_password
 {
-local ($passwd, $hash) = @_;
+my ($passwd, $hash) = @_;
 
 # Classic Unix crypt
-local $chash = eval {
+my $chash = eval {
 	local $main::error_must_die = 1;
 	&unix_crypt($passwd, $hash);
 	};
@@ -226,24 +229,24 @@ return 1 if ($chash eq $hash);
 
 # MD5
 if (!&check_md5()) {
-	local $mhash = &encrypt_md5($passwd, $hash);
+	my $mhash = &encrypt_md5($passwd, $hash);
 	return 1 if ($mhash eq $hash);
 	}
 
 # Blowfish
 if (!&check_blowfish()) {
-	local $mhash = &encrypt_blowfish($passwd, $hash);
+	my $mhash = &encrypt_blowfish($passwd, $hash);
 	return 1 if ($mhash eq $hash);
 	}
 
 # SHA1
 if (!&check_sha512()) {
-	local $shash = &encrypt_sha512($passwd, $hash);
+	my $shash = &encrypt_sha512($passwd, $hash);
 	return 1 if ($shash eq $hash);
 	}
 
 # Some other hashing, maybe supported by crypt
-local $ohash = eval { crypt($passwd, $hash) };
+my $ohash = eval { crypt($passwd, $hash) };
 return 1 if ($ohash eq $hash);
 
 return 0;
@@ -269,8 +272,9 @@ else {
 	}
 foreach my $f (@files) {
 	my $found = 0;
-	&open_readfile(WORDS, $f);
-	while(<WORDS>) {
+	my $fh = "WORDS";
+	&open_readfile($fh, $f);
+	while(<$fh>) {
 		s/#.*//;
 		s/\s//;
 		if (lc($_) eq $word) {
@@ -278,7 +282,7 @@ foreach my $f (@files) {
 			last;
 			}
 		}
-	close(WORDS);
+	close($fh);
 	return 1 if ($found);
 	}
 return 0;