checkpassword.c

   1 /*
   2 ** Copyright 1998 - 2008 Double Precision, Inc.  See COPYING for
   3 ** distribution information.
   4 */
   5
   6 #if     HAVE_CONFIG_H
   7 #include        "courier_auth_config.h"
   8 #endif
   9 #include        <string.h>
  10 #if     HAVE_UNISTD_H
  11 #include        <unistd.h>
  12 #endif
  13 #if     HAVE_CRYPT_H
  14 #include        <crypt.h>
  15 #endif
  16 #include        "auth.h"
  17 #include        "courierauthdebug.h"
  18
  19 static const char rcsid[]="$Id: checkpassword.c,v 1.19 2008/12/18 12:08:25 mrsam Exp $";
  20
  21 #if HAVE_CRYPT
  22 #if NEED_CRYPT_PROTOTYPE
  23 extern char *crypt(const char *, const char *);
  24 #endif
  25 #endif
  26
  27 extern int authcheckpasswordmd5(const char *, const char *);
  28 extern int authcheckpasswordsha1(const char *, const char *);
  29
  30 static int do_authcheckpassword(const char *password, const char *encrypted_password)
  31 {
  32         if (strncmp(encrypted_password, "$1$", 3) == 0
  33             || strncasecmp(encrypted_password, "{MD5}", 5) == 0
  34             || strncasecmp(encrypted_password, "{MD5RAW}", 8) == 0
  35             )
  36                 return (authcheckpasswordmd5(password, encrypted_password));
  37
  38         if (strncasecmp(encrypted_password, "{SHA}", 5) == 0 ||
  39             strncasecmp(encrypted_password, "{SHA256}", 8) == 0 ||
  40             strncasecmp(encrypted_password, "{SHA512}", 8) == 0 ||
  41             strncasecmp(encrypted_password, "{SSHA}", 6) == 0)
  42                 return (authcheckpasswordsha1(password, encrypted_password));
  43
  44
  45 #if     HAVE_CRYPT
  46         if (strncasecmp(encrypted_password, "{CRYPT}", 7) == 0)
  47                 encrypted_password += 7;
  48 #endif
  49
  50         return (
  51 #if     HAVE_CRYPT
  52                 strcmp(encrypted_password,
  53                         crypt(password, encrypted_password))
  54 #else
  55                 strcmp(encrypted_password, password)
  56 #endif
  57                                 );
  58 }
  59
  60 int authcheckpassword(const char *password, const char *encrypted_password)
  61 {
  62 int rc;
  63
  64         rc=do_authcheckpassword(password, encrypted_password);
  65         if (rc == 0)
  66         {
  67                 DPRINTF("password matches successfully");
  68         }
  69         else if (courier_authdebug_login_level >= 2)
  70         {
  71                 DPRINTF("supplied password '%s' does not match encrypted password '%s'",
  72                         password, encrypted_password);
  73         }
  74         else
  75         {
  76                 DPRINTF("supplied password does not match encrypted password");
  77         }
  78         return rc;
  79 }