checkpassword.c

   1 /*
   2 ** Copyright 1998 - 1999 Double Precision, Inc.  See COPYING for
   3 ** distribution information.
   4 */
   5
   6 #if     HAVE_CONFIG_H
   7 #include        "courier_auth_config.h"
   8 #endif
   9 #include        <string.h>
  10 #if     HAVE_UNISTD_H
  11 #include        <unistd.h>
  12 #endif
  13 #if     HAVE_CRYPT_H
  14 #include        <crypt.h>
  15 #endif
  16 #include        "auth.h"
  17 #include        "courierauthdebug.h"
  18
  19 static const char rcsid[]="$Id: checkpassword.c,v 1.15 2006/10/28 19:22:52 mrsam Exp $";
  20
  21 #if HAVE_CRYPT
  22 #if NEED_CRYPT_PROTOTYPE
  23 extern char *crypt(const char *, const char *);
  24 #endif
  25 #endif
  26
  27 #if     HAVE_MD5LIB
  28 extern int authcheckpasswordmd5(const char *, const char *);
  29 #endif
  30
  31 #if     HAVE_SHA1LIB
  32 extern int authcheckpasswordsha1(const char *, const char *);
  33 #endif
  34
  35 static int do_authcheckpassword(const char *password, const char *encrypted_password)
  36 {
  37 #if     HAVE_MD5LIB
  38         if (strncmp(encrypted_password, "$1$", 3) == 0
  39                 || strncasecmp(encrypted_password, "{MD5}", 5) == 0
  40                 )
  41                 return (authcheckpasswordmd5(password, encrypted_password));
  42 #endif
  43
  44 #if     HAVE_SHA1LIB
  45         if (strncasecmp(encrypted_password, "{SHA}", 5) == 0 ||
  46             strncasecmp(encrypted_password, "{SHA256}", 8) == 0
  47                 )
  48                 return (authcheckpasswordsha1(password, encrypted_password));
  49 #endif
  50
  51 #if     HAVE_CRYPT
  52         if (strncasecmp(encrypted_password, "{CRYPT}", 7) == 0)
  53                 encrypted_password += 7;
  54 #endif
  55
  56         return (
  57 #if     HAVE_CRYPT
  58                 strcmp(encrypted_password,
  59                         crypt(password, encrypted_password))
  60 #else
  61                 strcmp(encrypted_password, password)
  62 #endif
  63                                 );
  64 }
  65
  66 int authcheckpassword(const char *password, const char *encrypted_password)
  67 {
  68 int rc;
  69
  70         rc=do_authcheckpassword(password, encrypted_password);
  71         if (rc == 0)
  72         {
  73                 DPRINTF("password matches successfully");
  74         }
  75         else if (courier_authdebug_login_level >= 2)
  76         {
  77                 DPRINTF("supplied password '%s' does not match encrypted password '%s'",
  78                         password, encrypted_password);
  79         }
  80         else
  81         {
  82                 DPRINTF("supplied password does not match encrypted password");
  83         }
  84         return rc;
  85 }