1998-11-07 06:04:14 +08:00
|
|
|
/*
|
|
|
|
|
* lutil_password(credentials, password)
|
|
|
|
|
*
|
|
|
|
|
* Returns true if user supplied credentials matches
|
|
|
|
|
* the stored password.
|
|
|
|
|
*
|
|
|
|
|
* Due to the use of the crypt(3) function
|
|
|
|
|
* this routine is NOT thread-safe.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include "portable.h"
|
|
|
|
|
|
|
|
|
|
#include <ac/string.h>
|
|
|
|
|
#include <ac/unistd.h>
|
|
|
|
|
|
|
|
|
|
#include "lutil_md5.h"
|
|
|
|
|
#include "lutil_sha1.h"
|
|
|
|
|
#include "lutil.h"
|
Protoized, moved extern definitions to .h files, fixed related bugs.
Most function and variable definitions are now preceded by its extern
definition, for error checking. Retyped a number of functions, usually
to return void. Fixed a number of printf format errors.
API changes (in ldap/include):
Added avl_dup_ok, avl_prefixapply, removed ber_fatten (probably typo
for ber_flatten), retyped ldap_sort_strcasecmp, grew lutil.h.
A number of `extern' declarations are left (some added by protoize), to
be cleaned away later. Mostly strdup(), strcasecmp(), mktemp(), optind,
optarg, errno.
1998-11-16 06:40:11 +08:00
|
|
|
extern char *crypt (const char *, const char *);
|
1998-11-07 06:04:14 +08:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
int
|
|
|
|
|
lutil_passwd(
|
|
|
|
|
const char *cred,
|
|
|
|
|
const char *passwd)
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
if (cred == NULL || passwd == NULL) {
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (strncasecmp(passwd, "{CRYPT}", sizeof("{CRYPT}") - 1) == 0 ) {
|
|
|
|
|
const char *p = passwd + (sizeof("{CRYPT}") - 1);
|
|
|
|
|
|
|
|
|
|
return( strcmp(p, crypt(cred, p)) != 0 );
|
|
|
|
|
|
|
|
|
|
} else if (strncasecmp(passwd, "{MD5}", sizeof("{MD5}") - 1) == 0 ) {
|
|
|
|
|
ldap_MD5_CTX MD5context;
|
|
|
|
|
unsigned char MD5digest[20];
|
|
|
|
|
char base64digest[29]; /* ceiling(sizeof(input)/3) * 4 + 1 */
|
|
|
|
|
|
|
|
|
|
const char *p = passwd + (sizeof("{MD5}") - 1);
|
|
|
|
|
|
|
|
|
|
ldap_MD5Init(&MD5context);
|
|
|
|
|
ldap_MD5Update(&MD5context,
|
|
|
|
|
cred, strlen(cred));
|
|
|
|
|
ldap_MD5Final(MD5digest, &MD5context);
|
|
|
|
|
|
|
|
|
|
if ( b64_ntop(MD5digest, sizeof(MD5digest),
|
|
|
|
|
base64digest, sizeof(base64digest)) < 0)
|
|
|
|
|
{
|
|
|
|
|
return ( 1 );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return (strcmp(p, base64digest) != 0);
|
|
|
|
|
|
|
|
|
|
} else if (strncasecmp(passwd, "{SHA}",sizeof("{SHA}") - 1) == 0 ) {
|
|
|
|
|
ldap_SHA1_CTX SHA1context;
|
|
|
|
|
unsigned char SHA1digest[20];
|
|
|
|
|
char base64digest[29]; /* ceiling(sizeof(input)/3) * 4 + 1 */
|
|
|
|
|
const char *p = passwd + (sizeof("{SHA}") - 1);
|
|
|
|
|
|
|
|
|
|
ldap_SHA1Init(&SHA1context);
|
|
|
|
|
ldap_SHA1Update(&SHA1context,
|
|
|
|
|
(unsigned char *) cred, strlen(cred));
|
|
|
|
|
ldap_SHA1Final(SHA1digest, &SHA1context);
|
|
|
|
|
|
|
|
|
|
if (b64_ntop(SHA1digest, sizeof(SHA1digest),
|
|
|
|
|
base64digest, sizeof(base64digest)) < 0)
|
|
|
|
|
{
|
|
|
|
|
return ( 0 );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return( strcmp(p, base64digest) != 0 );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return( strcmp(passwd, cred) != 0 );
|
|
|
|
|
}
|
