From d4a4a4cd25ee0c8e3e08628347aad2bcbcb4c894 Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Fri, 6 Nov 1998 22:04:14 +0000 Subject: [PATCH] Add lutil_passwd() --- include/lutil.h | 2 +- libraries/liblutil/Makefile.in | 4 +- libraries/liblutil/passwd.c | 79 ++++++++++++++++++++++++++++++++++ 3 files changed, 82 insertions(+), 3 deletions(-) create mode 100644 libraries/liblutil/passwd.c diff --git a/include/lutil.h b/include/lutil.h index 6f14d55980..0d0208a903 100644 --- a/include/lutil.h +++ b/include/lutil.h @@ -13,7 +13,7 @@ LDAP_BEGIN_DECL LDAP_F int b64_ntop LDAP_P((u_char const *, size_t, char *, size_t)); LDAP_F int b64_pton LDAP_P((char const *, u_char *, size_t)); LDAP_F void lutil_detach LDAP_P((int debug, int do_close)); - +LDAP_F int lutil_passwd LDAP_P((const char *cred, const char *passwd)); LDAP_END_DECL #endif /* _LUTIL_H */ diff --git a/libraries/liblutil/Makefile.in b/libraries/liblutil/Makefile.in index 80b5420e56..8ec7760921 100644 --- a/libraries/liblutil/Makefile.in +++ b/libraries/liblutil/Makefile.in @@ -3,8 +3,8 @@ ## LIBRARY = liblutil.a -SRCS = base64.c md5.c sha1.c detach.c -OBJS = base64.o md5.o sha1.o detach.o @LIBOBJS@ +SRCS = base64.c detach.c md5.c passwd.c sha1.c +OBJS = base64.o detach.c md5.o passwd.c sha1.o @LIBOBJS@ LDAP_INCDIR= ../../include LDAP_LIBDIR= ../../libraries diff --git a/libraries/liblutil/passwd.c b/libraries/liblutil/passwd.c new file mode 100644 index 0000000000..89b45b92c3 --- /dev/null +++ b/libraries/liblutil/passwd.c @@ -0,0 +1,79 @@ +/* + * lutil_password(credentials, password) + * + * Returns true if user supplied credentials matches + * the stored password. + * + * Due to the use of the crypt(3) function + * this routine is NOT thread-safe. + */ + +#include "portable.h" + +#include +#include + +#include "lutil_md5.h" +#include "lutil_sha1.h" +#include "lutil.h" + +/* + */ + +int +lutil_passwd( + const char *cred, + const char *passwd) +{ + + if (cred == NULL || passwd == NULL) { + return 0; + } + + if (strncasecmp(passwd, "{CRYPT}", sizeof("{CRYPT}") - 1) == 0 ) { + const char *p = passwd + (sizeof("{CRYPT}") - 1); + + return( strcmp(p, crypt(cred, p)) != 0 ); + + } else if (strncasecmp(passwd, "{MD5}", sizeof("{MD5}") - 1) == 0 ) { + ldap_MD5_CTX MD5context; + unsigned char MD5digest[20]; + char base64digest[29]; /* ceiling(sizeof(input)/3) * 4 + 1 */ + + const char *p = passwd + (sizeof("{MD5}") - 1); + + ldap_MD5Init(&MD5context); + ldap_MD5Update(&MD5context, + cred, strlen(cred)); + ldap_MD5Final(MD5digest, &MD5context); + + if ( b64_ntop(MD5digest, sizeof(MD5digest), + base64digest, sizeof(base64digest)) < 0) + { + return ( 1 ); + } + + return (strcmp(p, base64digest) != 0); + + } else if (strncasecmp(passwd, "{SHA}",sizeof("{SHA}") - 1) == 0 ) { + ldap_SHA1_CTX SHA1context; + unsigned char SHA1digest[20]; + char base64digest[29]; /* ceiling(sizeof(input)/3) * 4 + 1 */ + const char *p = passwd + (sizeof("{SHA}") - 1); + + ldap_SHA1Init(&SHA1context); + ldap_SHA1Update(&SHA1context, + (unsigned char *) cred, strlen(cred)); + ldap_SHA1Final(SHA1digest, &SHA1context); + + if (b64_ntop(SHA1digest, sizeof(SHA1digest), + base64digest, sizeof(base64digest)) < 0) + { + return ( 0 ); + } + + return( strcmp(p, base64digest) != 0 ); + } + + return( strcmp(passwd, cred) != 0 ); +} -- 2.39.5