config util UPDATE use random salt for generating passwords

Roytak · Roytak · commit 86eb6275676e · 2026-01-05T11:02:58.000+01:00
Using constant public salt is equivalent to using none,
so generate one each time
diff --git a/src/server_config_util_ssh.c b/src/server_config_util_ssh.c
@@ -495,15 +495,31 @@ _nc_server_config_add_ssh_user_password(const struct ly_ctx *ctx, const char *tr
         const char *password, struct lyd_node **config)
 {
     int ret = 0;
+    size_t i;
     char *hashed_pw = NULL;
-    const char *salt = "$6$idsizuippipk$";
+    char salt[3 /* "$6$" */ + 16 /* random chars */ + 1 /* trailing '$' */ + 1 /* NUL */];
     struct crypt_data *cdata = NULL;
-
-    NC_CHECK_ARG_RET(NULL, ctx, tree_path, password, config, 1);
+    unsigned char rnd[16];
+    static const char itoa64[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
 
     cdata = calloc(1, sizeof *cdata);
     NC_CHECK_ERRMEM_GOTO(!cdata, ret = 1, cleanup);
 
+    /* generate a random salt compatible with crypt SHA-512: "$6$<salt>$" */
+    if (nc_tls_generate_random_bytes_wrap(rnd, sizeof rnd)) {
+        ret = 1;
+        goto cleanup;
+    }
+
+    salt[0] = '$';
+    salt[1] = '6';
+    salt[2] = '$';
+    for (i = 0; i < sizeof rnd; ++i) {
+        salt[3 + i] = itoa64[rnd[i] % 64];
+    }
+    salt[3 + sizeof rnd] = '$';
+    salt[3 + sizeof rnd + 1] = '\0';
+
     hashed_pw = crypt_r(password, salt, cdata);
     if (!hashed_pw) {
         ERR(NULL, "Hashing password failed (%s).", strerror(errno));
diff --git a/src/session_mbedtls.c b/src/session_mbedtls.c
@@ -2478,3 +2478,26 @@ nc_tls_keylog_session_wrap(void *session)
 {
     mbedtls_ssl_set_export_keys_cb(session, nc_tls_keylog_write_line, NULL);
 }
+
+int
+nc_tls_generate_random_bytes_wrap(void *buf, size_t num)
+{
+    int rc = 0;
+    mbedtls_ctr_drbg_context *ctr_drbg = NULL;
+    mbedtls_entropy_context *entropy = NULL;
+
+    rc = nc_tls_rng_new(&ctr_drbg, &entropy);
+    if (rc) {
+        goto cleanup;
+    }
+
+    rc = mbedtls_ctr_drbg_random(ctr_drbg, buf, num);
+    if (rc) {
+        nc_mbedtls_strerr(NULL, rc, "Creating random bytes failed");
+        goto cleanup;
+    }
+
+cleanup:
+    nc_tls_rng_destroy(ctr_drbg, entropy);
+    return rc;
+}
diff --git a/src/session_openssl.c b/src/session_openssl.c
@@ -40,6 +40,7 @@
 #include <openssl/bio.h>
 #include <openssl/err.h>
 #include <openssl/evp.h>
+#include <openssl/rand.h>
 #include <openssl/ssl.h>
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
@@ -1975,3 +1976,14 @@ nc_tls_keylog_session_wrap(void *session)
 
     SSL_CTX_set_keylog_callback(ctx, nc_tls_keylog_write_line);
 }
+
+int
+nc_tls_generate_random_bytes_wrap(void *buf, size_t num)
+{
+    if (RAND_bytes(buf, (int)num) != 1) {
+        ERR(NULL, "Generating random bytes failed (%s).", ERR_reason_error_string(ERR_get_error()));
+        return 1;
+    }
+
+    return 0;
+}
diff --git a/src/session_wrapper.h b/src/session_wrapper.h
@@ -757,4 +757,13 @@ time_t nc_tls_get_cert_exp_time_wrap(void *cert);
  */
 void nc_tls_keylog_session_wrap(void *session);
 
+/**
+ * @brief Generate random bytes.
+ *
+ * @param[in] buf Buffer to fill with random bytes.
+ * @param[in] num Number of random bytes to generate. Caller is responsible for ensuring the buffer is large enough.
+ * @return 0 on success, 1 on error.
+ */
+int nc_tls_generate_random_bytes_wrap(void *buf, size_t num);
+
 #endif
