HCoop / hcoop / debian / courier-authlib.git / blame
| Commit | Line | Data |
|---|---|---|
| d9898ee8 | 1 | /* |
| ac40fd9e | 2 | ** Copyright 1998 - 2008 Double Precision, Inc. See COPYING for |
| d9898ee8 | 3 | ** distribution information. |
| 4 | */ | |
| 5 | ||
| 6 | #if HAVE_CONFIG_H | |
| 7 | #include "courier_auth_config.h" | |
| 8 | #endif | |
| 9 | #include <string.h> | |
| 10 | #if HAVE_UNISTD_H | |
| 11 | #include <unistd.h> | |
| 12 | #endif | |
| 13 | #if HAVE_CRYPT_H | |
| 14 | #include <crypt.h> | |
| 15 | #endif | |
| 16 | #include "auth.h" | |
| 17 | #include "courierauthdebug.h" | |
| 18 | ||
| d9898ee8 | 19 | |
| 20 | #if HAVE_CRYPT | |
| 21 | #if NEED_CRYPT_PROTOTYPE | |
| 22 | extern char *crypt(const char *, const char *); | |
| 23 | #endif | |
| 24 | #endif | |
| 25 | ||
| d9898ee8 | 26 | extern int authcheckpasswordmd5(const char *, const char *); |
| d9898ee8 | 27 | extern int authcheckpasswordsha1(const char *, const char *); |
| d9898ee8 | 28 | |
| d50284c4 CE |
29 | static int safe_strcmp(const char *a, const char *nullable_b) |
| 30 | { | |
| 31 | if (!nullable_b) | |
| 32 | return -1; | |
| 33 | return strcmp(a, nullable_b); | |
| 34 | } | |
| 35 | ||
| d9898ee8 | 36 | static int do_authcheckpassword(const char *password, const char *encrypted_password) |
| 37 | { | |
| 0e333c05 | 38 | char *cpass; |
| d9898ee8 | 39 | if (strncmp(encrypted_password, "$1$", 3) == 0 |
| dd184caf | 40 | || strncasecmp(encrypted_password, "{MD5}", 5) == 0 |
| 41 | || strncasecmp(encrypted_password, "{MD5RAW}", 8) == 0 | |
| 42 | ) | |
| d9898ee8 | 43 | return (authcheckpasswordmd5(password, encrypted_password)); |
| d9898ee8 | 44 | |
| d9898ee8 | 45 | if (strncasecmp(encrypted_password, "{SHA}", 5) == 0 || |
| 8d138742 CE |
46 | strncasecmp(encrypted_password, "{SHA256}", 8) == 0 || |
| 47 | strncasecmp(encrypted_password, "{SHA512}", 8) == 0 || | |
| 48 | strncasecmp(encrypted_password, "{SSHA}", 6) == 0) | |
| d9898ee8 | 49 | return (authcheckpasswordsha1(password, encrypted_password)); |
| d9898ee8 | 50 | |
| 8d138742 | 51 | |
| d9898ee8 | 52 | #if HAVE_CRYPT |
| 53 | if (strncasecmp(encrypted_password, "{CRYPT}", 7) == 0) | |
| 54 | encrypted_password += 7; | |
| 55 | #endif | |
| 56 | ||
| d9898ee8 | 57 | #if HAVE_CRYPT |
| 0e333c05 CE |
58 | |
| 59 | cpass = crypt(password, encrypted_password); | |
| 60 | if (cpass == NULL) { | |
| 61 | return 1; | |
| 62 | } else { | |
| 63 | return safe_strcmp(encrypted_password, cpass); | |
| 64 | } | |
| d9898ee8 | 65 | #else |
| 0e333c05 | 66 | return safe_strcmp(encrypted_password, password) |
| d9898ee8 | 67 | #endif |
| d9898ee8 | 68 | } |
| 69 | ||
| 70 | int authcheckpassword(const char *password, const char *encrypted_password) | |
| 71 | { | |
| 72 | int rc; | |
| 73 | ||
| 74 | rc=do_authcheckpassword(password, encrypted_password); | |
| 75 | if (rc == 0) | |
| 76 | { | |
| 77 | DPRINTF("password matches successfully"); | |
| 78 | } | |
| 79 | else if (courier_authdebug_login_level >= 2) | |
| 80 | { | |
| 81 | DPRINTF("supplied password '%s' does not match encrypted password '%s'", | |
| 82 | password, encrypted_password); | |
| 83 | } | |
| 84 | else | |
| 85 | { | |
| 86 | DPRINTF("supplied password does not match encrypted password"); | |
| 87 | } | |
| 88 | return rc; | |
| 89 | } |