X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=contrib%2Fslapd-modules%2Fpasswd%2Fapr1.c;h=ce7b8c76322f4cccff24ab225d1fb2a7b42af52f;hb=caf751fbb20fbccf535b900df1dabef0f40e0222;hp=f6697368122ccea72429742b9cd509a0b190518a;hpb=5d2a30c8605822139aba3dcea33aefd2ec2cd2bc;p=openldap
diff --git a/contrib/slapd-modules/passwd/apr1.c b/contrib/slapd-modules/passwd/apr1.c
index f669736812..ce7b8c7632 100644
--- a/contrib/slapd-modules/passwd/apr1.c
+++ b/contrib/slapd-modules/passwd/apr1.c
@@ -1,3 +1,4 @@
+/* $OpenLDAP$ */
 /*
 * This file is derived from OpenLDAP Software. All of the modifications to
 * OpenLDAP Software represented in the following file were developed by
@@ -8,12 +9,14 @@
 * notice:
 *
 * Copyright 2011 Devin J. Pohly
+ * Portions Copyright 2011 Howard Chu
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted only as authorized by the OpenLDAP Public
 * License.
 *
 * A portion of this code is used in accordance with the Beer-ware License,
 * revision 42, as noted.
+ *
 */
 #include
 #include
@@ -23,9 +26,16 @@
 #include
+/* the only difference between this and straight PHK is the magic */
 static LUTIL_PASSWD_CHK_FUNC chk_apr1;
 static LUTIL_PASSWD_HASH_FUNC hash_apr1;
-static const struct berval scheme = BER_BVC("{APR1}");
+static const struct berval scheme_apr1 = BER_BVC("{APR1}");
+static const struct berval magic_apr1 = BER_BVC("$apr1$");
+
+static LUTIL_PASSWD_CHK_FUNC chk_bsdmd5;
+static LUTIL_PASSWD_HASH_FUNC hash_bsdmd5;
+static const struct berval scheme_bsdmd5 = BER_BVC("{BSDMD5}");
+static const struct berval magic_bsdmd5 = BER_BVC("$1$");
 static const unsigned char apr64[] =
 "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
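Review bot: The new scheme/magic pairs in hunk -23,9 have no comment saying which hash format each prefix selects, and the relocated comment `/* the only difference between this and straight PHK is the magic */` now reads as if it described only the APR1 declarations. A one-line comment per pair would fix that, e.g. `/* {APR1}: Apache variant, magic "$apr1$" */` and `/* {BSDMD5}: BSD MD5 crypt, magic "$1$" */`. Since both schemes are built on MD5 (the file calls `lutil_MD5*`), the same comment is the place to state that they exist to verify already-deployed hashes and are not a recommended choice for newly set passwords.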
@@ -41,9 +51,10 @@ static const unsigned char apr64[] =
 * this stuff is worth it, you can buy me a beer in return Poul-Henning Kamp
 * ----------------------------------------------------------------------------
 */
-static void do_apr_hash(
+static void do_phk_hash(
 const struct berval *passwd,
 const struct berval *salt,
+ const struct berval *magic,
 unsigned char *digest)
 {
 lutil_MD5_CTX ctx, ctx1;
@@ -52,7 +63,7 @@ static void do_apr_hash(
 /* Start hashing */
 lutil_MD5Init(&ctx);
 lutil_MD5Update(&ctx, (const unsigned char *) passwd->bv_val, passwd->bv_len);
- lutil_MD5Update(&ctx, "$apr1$", 6);
+ lutil_MD5Update(&ctx, (const unsigned char *) magic->bv_val, magic->bv_len);
 lutil_MD5Update(&ctx, (const unsigned char *) salt->bv_val, salt->bv_len);
 /* Inner hash */
 lutil_MD5Init(&ctx1);
@@ -100,8 +111,8 @@ static void do_apr_hash(
 }
 }
-static int chk_apr1(
- const struct berval *scheme,
+static int chk_phk(
+ const struct berval *magic,
 const struct berval *passwd,
 const struct berval *cred,
 const char **text)
@@ -132,8 +143,7 @@ static int chk_apr1(
 salt.bv_val = (char *) &orig_pass[sizeof(digest)];
 salt.bv_len = rc - sizeof(digest);
- /* the only difference between this and straight PHK is the magic */
- do_apr_hash(cred, &salt, digest);
+ do_phk_hash(cred, magic, &salt, digest);
 if (text)
 *text = NULL;
@@ -144,9 +154,28 @@ static int chk_apr1(
 return rc ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK;
 }
-static int hash_apr1(
+static int chk_apr1(
+ const struct berval *scheme,
+ const struct berval *passwd,
+ const struct berval *cred,
+ const char **text)
+{
+ return chk_phk(&magic_apr1, passwd, cred, text);
+}
+
+static int chk_bsdmd5(
 const struct berval *scheme,
 const struct berval *passwd,
+ const struct berval *cred,
+ const char **text)
+{
+ return chk_phk(&magic_bsdmd5, passwd, cred, text);
+}
+
+static int hash_phk(
+ const struct berval *scheme,
+ const struct berval *magic,
+ const struct berval *passwd,
 struct berval *hash,
 const char **text)
 {
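Review bot: Both new call sites pass the magic and the salt in the opposite order from the `do_phk_hash` prototype: hunk -41,9 declares `(passwd, salt, magic, digest)`, but `chk_phk` in hunk -132,8 calls `do_phk_hash(cred, magic, &salt, digest)` and `hash_phk` in hunk -168,8 calls `do_phk_hash(passwd, magic, &salt, digest_buf)`. Both parameters are `const struct berval *`, so the compiler cannot flag the swap, and the `lutil_MD5Update` calls visible in hunk -52,7 would then hash the salt bytes where the magic belongs. Because hashing and checking swap the same way, the module would still verify its own output, but `$apr1$`/`$1$` values produced by other implementations would presumably be rejected, and hashes written by this module would not verify elsewhere. The rest of `do_phk_hash` lies outside the hunks, so confirm with a known-answer test against a hash from an independent implementation. The calls should read `do_phk_hash(cred, &salt, magic, digest);` and `do_phk_hash(passwd, &salt, magic, digest_buf);`.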
@@ -168,8 +197,7 @@ static int hash_apr1(
 for (n = 0; n < salt.bv_len; n++)
 salt.bv_val[n] = apr64[salt.bv_val[n] % (sizeof(apr64) - 1)];
- /* the only difference between this and straight PHK is the magic */
- do_apr_hash(passwd, &salt, digest_buf);
+ do_phk_hash(passwd, magic, &salt, digest_buf);
 if (text)
 *text = NULL;
@@ -177,6 +205,29 @@ static int hash_apr1(
 return lutil_passwd_string64(scheme, &digest, hash, &salt);
 }
+static int hash_apr1(
+ const struct berval *scheme,
+ const struct berval *passwd,
+ struct berval *hash,
+ const char **text)
+{
+ return hash_phk(scheme, &magic_apr1, passwd, hash, text);
+}
+
+static int hash_bsdmd5(
+ const struct berval *scheme,
+ const struct berval *passwd,
+ struct berval *hash,
+ const char **text)
+{
+ return hash_phk(scheme, &magic_bsdmd5, passwd, hash, text);
+}
+
 int init_module(int argc, char *argv[]) {
- return lutil_passwd_add((struct berval *) &scheme, chk_apr1, hash_apr1);
+ int rc;
+ rc = lutil_passwd_add((struct berval *) &scheme_apr1, chk_apr1, hash_apr1);
+ if ( !rc )
+ rc = lutil_passwd_add((struct berval *) &scheme_bsdmd5,
+ chk_bsdmd5, hash_bsdmd5);
+ return rc;
 }
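Review bot: In `init_module` (hunk -177,6), a failure of the second `lutil_passwd_add` makes the function return non-zero while `{APR1}` stays registered from the first call. Whether that leaves a half-initialised module depends on how the loader treats a failing `init_module`, which is not visible on this page. At minimum, a comment such as `/* {APR1} stays registered if adding {BSDMD5} fails */` above the `if ( !rc )` would record the behaviour for whoever debugs a failed load.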