mirror of
https://git.openldap.org/openldap/openldap.git
synced 2024-12-21 03:10:25 +08:00
Add NT-MTA-MD5 Support.
Based, in part, from ITS#1502 submission from John Morrissey. Copyright 2001, John Morrissey (jwm at horde dot net), All rights reserved. This is free software; you can redistribute and use it under the same terms as OpenLDAP itself.
This commit is contained in:
parent
4d8a2e2815
commit
11761fa6ca
@ -65,6 +65,7 @@
|
|||||||
#include <lber.h>
|
#include <lber.h>
|
||||||
|
|
||||||
#include "ldap_pvt.h"
|
#include "ldap_pvt.h"
|
||||||
|
#include "lber_pvt.h"
|
||||||
|
|
||||||
#include "lutil_md5.h"
|
#include "lutil_md5.h"
|
||||||
#include "lutil_sha1.h"
|
#include "lutil_sha1.h"
|
||||||
@ -124,6 +125,13 @@ static int chk_lanman(
|
|||||||
const struct berval *cred );
|
const struct berval *cred );
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#ifdef SLAPD_NT_MTA_MD5
|
||||||
|
static int chk_nt_mta_md5(
|
||||||
|
const struct pw_scheme *scheme,
|
||||||
|
const struct berval *passwd,
|
||||||
|
const struct berval *cred );
|
||||||
|
#endif
|
||||||
|
|
||||||
#ifdef SLAPD_SPASSWD
|
#ifdef SLAPD_SPASSWD
|
||||||
static int chk_sasl(
|
static int chk_sasl(
|
||||||
const struct pw_scheme *scheme,
|
const struct pw_scheme *scheme,
|
||||||
@ -193,29 +201,33 @@ static struct berval *hash_clear(
|
|||||||
static const struct pw_scheme pw_schemes[] =
|
static const struct pw_scheme pw_schemes[] =
|
||||||
{
|
{
|
||||||
#ifdef LUTIL_SHA1_BYTES
|
#ifdef LUTIL_SHA1_BYTES
|
||||||
{ {sizeof("{SSHA}")-1, "{SSHA}"}, chk_ssha1, hash_ssha1 },
|
{ BER_BVC("{SSHA}"), chk_ssha1, hash_ssha1 },
|
||||||
{ {sizeof("{SHA}")-1, "{SHA}"}, chk_sha1, hash_sha1 },
|
{ BER_BVC("{SHA}"), chk_sha1, hash_sha1 },
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
{ {sizeof("{SMD5}")-1, "{SMD5}"}, chk_smd5, hash_smd5 },
|
{ BER_BVC("{SMD5}"), chk_smd5, hash_smd5 },
|
||||||
{ {sizeof("{MD5}")-1, "{MD5}"}, chk_md5, hash_md5 },
|
{ BER_BVC("{MD5}"), chk_md5, hash_md5 },
|
||||||
|
|
||||||
#ifdef SLAPD_LMHASH
|
#ifdef SLAPD_LMHASH
|
||||||
{ {sizeof("{LANMAN}")-1, "{LANMAN}"}, chk_lanman, hash_lanman },
|
{ BER_BVC("{LANMAN}"), chk_lanman, hash_lanman },
|
||||||
#endif /* SLAPD_LMHASH */
|
#endif /* SLAPD_LMHASH */
|
||||||
|
|
||||||
|
#ifdef SLAPD_NT_MTA_MD5
|
||||||
|
{ BER_BVC("{NT-MTA-MD5}"), chk_nt_mta_md5, NULL },
|
||||||
|
#endif /* SLAPD_NT_MTA_MD5 */
|
||||||
|
|
||||||
#ifdef SLAPD_SPASSWD
|
#ifdef SLAPD_SPASSWD
|
||||||
{ {sizeof("{SASL}")-1, "{SASL}"}, chk_sasl, NULL },
|
{ BER_BVC("{SASL}"), chk_sasl, NULL },
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef SLAPD_KPASSWD
|
#ifdef SLAPD_KPASSWD
|
||||||
{ {sizeof("{KERBEROS}")-1, "{KERBEROS}"}, chk_kerberos, NULL },
|
{ BER_BVC("{KERBEROS}"), chk_kerberos, NULL },
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef SLAPD_CRYPT
|
#ifdef SLAPD_CRYPT
|
||||||
{ {sizeof("{CRYPT}")-1, "{CRYPT}"}, chk_crypt, hash_crypt },
|
{ BER_BVC("{CRYPT}"), chk_crypt, hash_crypt },
|
||||||
# if defined( HAVE_GETPWNAM ) && defined( HAVE_PW_PASSWD )
|
# if defined( HAVE_GETPWNAM ) && defined( HAVE_PW_PASSWD )
|
||||||
{ {sizeof("{UNIX}")-1, "{UNIX}"}, chk_unix, NULL },
|
{ BER_BVC("{UNIX}"), chk_unix, NULL },
|
||||||
# endif
|
# endif
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
@ -224,7 +236,7 @@ static const struct pw_scheme pw_schemes[] =
|
|||||||
{ {0, "{CLEARTEXT}"}, NULL, hash_clear },
|
{ {0, "{CLEARTEXT}"}, NULL, hash_clear },
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
{ {0, NULL}, NULL, NULL }
|
{ BER_BVNULL, NULL, NULL }
|
||||||
};
|
};
|
||||||
|
|
||||||
static const struct pw_scheme *get_scheme(
|
static const struct pw_scheme *get_scheme(
|
||||||
@ -625,6 +637,54 @@ static int chk_lanman(
|
|||||||
}
|
}
|
||||||
#endif /* SLAPD_LMHASH */
|
#endif /* SLAPD_LMHASH */
|
||||||
|
|
||||||
|
#ifdef SLAPD_NT_MTA_MD5
|
||||||
|
static int chk_nt_mta_md5(
|
||||||
|
const struct pw_scheme *scheme,
|
||||||
|
const struct berval *passwd,
|
||||||
|
const struct berval *cred )
|
||||||
|
{
|
||||||
|
lutil_MD5_CTX MD5context;
|
||||||
|
unsigned char MD5digest[LUTIL_MD5_BYTES], c;
|
||||||
|
char buffer[LUTIL_MD5_BYTES + LUTIL_MD5_BYTES + 1];
|
||||||
|
int i;
|
||||||
|
|
||||||
|
/* hash credentials with salt */
|
||||||
|
lutil_MD5Init(&MD5context);
|
||||||
|
lutil_MD5Update(&MD5context,
|
||||||
|
(const unsigned char *) &passwd->bv_val[32],
|
||||||
|
32 );
|
||||||
|
|
||||||
|
c = 0x59;
|
||||||
|
lutil_MD5Update(&MD5context,
|
||||||
|
(const unsigned char *) &c,
|
||||||
|
1 );
|
||||||
|
|
||||||
|
lutil_MD5Update(&MD5context,
|
||||||
|
(const unsigned char *) cred->bv_val,
|
||||||
|
cred->bv_len );
|
||||||
|
|
||||||
|
c = 0xF7;
|
||||||
|
lutil_MD5Update(&MD5context,
|
||||||
|
(const unsigned char *) &c,
|
||||||
|
1 );
|
||||||
|
|
||||||
|
lutil_MD5Update(&MD5context,
|
||||||
|
(const unsigned char *) &passwd->bv_val[32],
|
||||||
|
32 );
|
||||||
|
|
||||||
|
lutil_MD5Final(MD5digest, &MD5context);
|
||||||
|
|
||||||
|
for( i=0; i < sizeof( MD5digest ); i++ ) {
|
||||||
|
buffer[i+i] = "0123456789abcdef"[(MD5digest[i]>>4) & 0x0F];
|
||||||
|
buffer[i+i+1] = "0123456789abcdef"[ MD5digest[i] & 0x0F];
|
||||||
|
}
|
||||||
|
|
||||||
|
/* compare */
|
||||||
|
return memcmp((char *)passwd->bv_val, (char *)buffer, sizeof(buffer))
|
||||||
|
? 1 : 0;
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
#ifdef SLAPD_SPASSWD
|
#ifdef SLAPD_SPASSWD
|
||||||
#ifdef HAVE_CYRUS_SASL
|
#ifdef HAVE_CYRUS_SASL
|
||||||
sasl_conn_t *lutil_passwd_sasl_conn = NULL;
|
sasl_conn_t *lutil_passwd_sasl_conn = NULL;
|
||||||
@ -1266,4 +1326,3 @@ static struct berval *hash_clear(
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user