]>
Commit | Line | Data |
---|---|---|
d93ca823 | 1 | diff -urN cyrus-sasl-2.1.21.orig/lib/checkpw.c cyrus-sasl-2.1.21/lib/checkpw.c |
2 | --- cyrus-sasl-2.1.21.orig/lib/checkpw.c 2005-08-24 11:36:23.000000000 +0200 | |
3 | +++ cyrus-sasl-2.1.21/lib/checkpw.c 2005-08-24 11:36:07.000000000 +0200 | |
4 | @@ -103,10 +103,12 @@ | |
5 | #define PASSWORD_FORMAT_CLEARTEXT 1 | |
6 | #define PASSWORD_FORMAT_CRYPT 2 | |
7 | #define PASSWORD_FORMAT_CRYPTTRAD 3 | |
8 | +#define PASSWORD_FORMAT_MD5 4 | |
9 | #define PASSWORD_SALT_BUF_LEN 22 | |
10 | ||
11 | /* weeds out crypt(3) password's salt */ | |
12 | int _sasl_get_salt (char *dest, char *src, int format); | |
13 | +const char *_sasl_md5sum(const char *src); | |
14 | ||
15 | /****************************** | |
16 | * crypt(3) patch stop * | |
17 | @@ -192,6 +194,9 @@ | |
18 | /* traditional crypt(3) */ | |
19 | else if (strncmp(p, "crypt_trad", 11) == 0) | |
20 | password_format = PASSWORD_FORMAT_CRYPTTRAD; | |
21 | + /* md5sum like hash */ | |
22 | + else if (strncmp(p, "md5", 11) == 0) | |
23 | + password_format = PASSWORD_FORMAT_MD5; | |
24 | /* cleartext password */ | |
25 | else | |
26 | password_format = PASSWORD_FORMAT_CLEARTEXT; | |
27 | @@ -250,13 +255,20 @@ | |
28 | _sasl_get_salt(salt, (char *) auxprop_values[0].values[0], password_format); | |
29 | ||
30 | /* crypt(3)-ed password? */ | |
31 | - if (password_format != PASSWORD_FORMAT_CLEARTEXT) { | |
32 | + if (password_format == PASSWORD_FORMAT_CRYPT || password_format == PASSWORD_FORMAT_CRYPTTRAD) { | |
33 | /* compare password */ | |
34 | if (auxprop_values[0].name && auxprop_values[0].values && auxprop_values[0].values[0] && strcmp(crypt(passwd, salt), auxprop_values[0].values[0]) == 0) | |
35 | return SASL_OK; | |
36 | else | |
37 | ret = SASL_BADAUTH; | |
38 | } | |
39 | + /* md5 hash password */ | |
40 | + else if (password_format == PASSWORD_FORMAT_MD5) { | |
41 | + if (auxprop_values[0].name && auxprop_values[0].values && auxprop_values[0].values[0] && strcasecmp(auxprop_values[0].values[0], _sasl_md5sum(passwd)) == 0) | |
42 | + return SASL_OK; | |
43 | + else | |
44 | + ret = SASL_BADAUTH; | |
45 | + } | |
46 | else if (password_format == PASSWORD_FORMAT_CLEARTEXT) { | |
47 | /* compare passwords */ | |
48 | if (auxprop_values[0].name && auxprop_values[0].values && auxprop_values[0].values[0] && strcmp(auxprop_values[0].values[0], passwd) == 0) | |
49 | @@ -1087,3 +1099,24 @@ | |
50 | return 1; | |
51 | } | |
52 | ||
53 | + | |
54 | +const char *_sasl_md5sum(const char *src) { | |
55 | + static char md5sum[33]; | |
56 | + const char hex[] = "0123456789abcdef"; | |
57 | + char md5[16]; | |
58 | + MD5_CTX ctx; | |
59 | + int i = 0; | |
60 | + int j = 0; | |
61 | + | |
62 | + _sasl_MD5Init(&ctx); | |
63 | + _sasl_MD5Update(&ctx, src, strlen(src)); | |
64 | + _sasl_MD5Final(&md5, &ctx); | |
65 | + | |
66 | + for(i=0; i<16; i++) { | |
67 | + md5sum[j++] = hex[md5[i] >> 4]; | |
68 | + md5sum[j++] = hex[md5[i] & 0x0F]; | |
69 | + } | |
70 | + | |
71 | + md5sum[j] = 0; | |
72 | + return(md5sum); | |
73 | +} |