]> git.sur5r.net Git - bacula/bacula/commitdiff
projects / bacula / bacula / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 6da504f)
Tweak authentication to work with 1.38.x FDs
authorKern Sibbald <kern@sibbald.com>
Sun, 23 Jul 2006 06:47:22 +0000 (06:47 +0000)
committerKern Sibbald <kern@sibbald.com>
Sun, 23 Jul 2006 06:47:22 +0000 (06:47 +0000)
git-svn-id: https://bacula.svn.sourceforge.net/svnroot/bacula/trunk@3170 91ce42f0-d328-0410-95d8-f526ca767f89

bacula/kes-1.39 patch | blob | history
bacula/src/dird/authenticate.c patch | blob | history
bacula/src/lib/cram-md5.c patch | blob | history

diff --git a/bacula/kes-1.39 b/bacula/kes-1.39
index c616351a8cd95d48ded8d477c0e6c36964b5ecae..3b4b6cf28e57129d9acafb3e26ee850dcd1afd91 100644 (file)
--- a/bacula/kes-1.39
+++ b/bacula/kes-1.39
@@ -3,6 +3,7 @@
 
 General:
 22Jul06
+- Tweak authentication to work with 1.38.x FDs. 
 - Tweak catalog make scripts.
 - Fix catalog upgrade scripts so that they work.
 - Correct despooling debug code to eliminate race condition.
diff --git a/bacula/src/dird/authenticate.c b/bacula/src/dird/authenticate.c
index 991ab8dd6d496e2509821b31d8b0cad66761d657..383e78ae57c3a7b4ea32d3483d6a7b94780bc359 100644 (file)
--- a/bacula/src/dird/authenticate.c
+++ b/bacula/src/dird/authenticate.c
@@ -166,6 +166,7 @@ int authenticate_file_daemon(JCR *jcr)
       Jmsg(jcr, M_FATAL, 0, _("Error sending Hello to File daemon. ERR=%s\n"), bnet_strerror(fd));
       return 0;
    }
+   Dmsg1(50, "Sent: %s", fd->msg);
 
    /* TLS Requirement */
    if (client->tls_enable) {
diff --git a/bacula/src/lib/cram-md5.c b/bacula/src/lib/cram-md5.c
index e880bb1118f846060007d4c93c96b20a6788fb73..fd0446e161506630e0080f58cbe335e8332c95e5 100644 (file)
--- a/bacula/src/lib/cram-md5.c
+++ b/bacula/src/lib/cram-md5.c
@@ -54,14 +54,15 @@ bool cram_md5_challenge(BSOCK *bs, char *password, int tls_local_need, int compa
    }
    /* Send challenge -- no hashing yet */
    bsnprintf(chal, sizeof(chal), "<%u.%u@%s>", (uint32_t)random(), (uint32_t)time(NULL), host);
-   Dmsg2(50, "send: auth cram-md5 %s ssl=%d\n", chal, tls_local_need);
    if (compatible) {
-      if (!bnet_fsend(bs, "auth cram-md5c %s ssl=%d\n", chal, tls_local_need)) {
+      Dmsg2(50, "send: auth cram-md5 %s ssl=%d\n", chal, tls_local_need);
+      if (!bnet_fsend(bs, "auth cram-md5 %s ssl=%d\n", chal, tls_local_need)) {
          Dmsg1(50, "Bnet send challenge error.\n", bnet_strerror(bs));
          return false;
       }
    } else {
       /* Old non-compatible system */
+      Dmsg2(50, "send: auth cram-md5 %s ssl=%d\n", chal, tls_local_need);
       if (!bnet_fsend(bs, "auth cram-md5 %s ssl=%d\n", chal, tls_local_need)) {
          Dmsg1(50, "Bnet send challenge error.\n", bnet_strerror(bs));
          return false;
@@ -82,7 +83,11 @@ bool cram_md5_challenge(BSOCK *bs, char *password, int tls_local_need, int compa
    if (ok) {
       Dmsg1(50, "Authenticate OK %s\n", host);
    } else {
-      Dmsg2(50, "Authenticate NOT OK: wanted %s, got %s\n", host, bs->msg);
+      bin_to_base64(host, sizeof(host), (char *)hmac, 16, false);     
+      ok = strcmp(bs->msg, host) == 0;
+      if (!ok) {
+         Dmsg2(50, "Authenticate NOT OK: wanted %s, got %s\n", host, bs->msg);
+      }
    }
    if (ok) {
       bnet_fsend(bs, "1000 OK auth\n");
Cloned from http://git.bacula.org/bacula