Skip to content
Snippets Groups Projects
Commit 9cb67140 authored by Per Cederqvist's avatar Per Cederqvist
Browse files

Fixed crypted password checking.

parent f9a91a5b
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
Showing
with 35 additions and 8 deletions
src/server/person.c
+ 35
8
View file @ 9cb67140
...@@ -4,7 +4,7 @@ ...@@ -4,7 +4,7 @@
* All atomic calls that deals with persons. * All atomic calls that deals with persons.
*/ */
static char *rcsid = "$Id: person.c,v 0.8 1991/09/11 23:03:48 ceder Exp $"; static char *rcsid = "$Id: person.c,v 0.9 1991/09/12 16:35:15 ceder Exp $";
#include <m-config.h> #include <m-config.h>
#include <time.h> #include <time.h>
...@@ -26,13 +26,21 @@ static char *rcsid = "$Id: person.c,v 0.8 1991/09/11 23:03:48 ceder Exp $"; ...@@ -26,13 +26,21 @@ static char *rcsid = "$Id: person.c,v 0.8 1991/09/11 23:03:48 ceder Exp $";
#include "connections.h" #include "connections.h"
#include "send-async.h" #include "send-async.h"
#include <debug.h> #include <debug.h>
/* /*
* Static functions. * Static functions.
*/ */
static Bool static Bool
legal_passwd(const String pwd) legal_passwd(const String pwd)
{ {
return TRUE; /* ??? */ int i;
for (i = 0; i < s_strlen(pwd); i++)
if (pwd.string[i] == '\0')
return FALSE;
return TRUE;
} }
static Success static Success
...@@ -43,6 +51,7 @@ do_set_passwd( Password pwd, ...@@ -43,6 +51,7 @@ do_set_passwd( Password pwd,
char salt[3]; char salt[3];
static char crypt_seed[] = ("abcdefghijklmnopqrstuvwxyz" static char crypt_seed[] = ("abcdefghijklmnopqrstuvwxyz"
"ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./"); "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./");
char *password;
if ( !legal_passwd(new_pwd) ) if ( !legal_passwd(new_pwd) )
return FAILURE; return FAILURE;
...@@ -51,7 +60,15 @@ do_set_passwd( Password pwd, ...@@ -51,7 +60,15 @@ do_set_passwd( Password pwd,
salt[1] = crypt_seed [rand() % sizeof (crypt_seed)]; salt[1] = crypt_seed [rand() % sizeof (crypt_seed)];
salt[2] = '\0'; salt[2] = '\0';
strcpy((char *)pwd, (const char *)crypt((char *)new_pwd.string, salt)); password = s_crea_c_str(new_pwd);
if (password == NULL)
return FAILURE;
else
{
strcpy((char *)pwd, (const char *)crypt(password, salt));
sfree(password);
return OK;
}
#else #else
...@@ -63,9 +80,9 @@ do_set_passwd( Password pwd, ...@@ -63,9 +80,9 @@ do_set_passwd( Password pwd,
strncpy(pwd, (const char *)new_pwd.string, strncpy(pwd, (const char *)new_pwd.string,
min( PASSWD_LEN-1, new_pwd.len )); min( PASSWD_LEN-1, new_pwd.len ));
#endif
return OK; return OK;
#endif
} }
...@@ -307,13 +324,23 @@ chk_passwd (Password pwd, ...@@ -307,13 +324,23 @@ chk_passwd (Password pwd,
const String try) const String try)
{ {
#ifdef ENCRYPT_PASSWORDS #ifdef ENCRYPT_PASSWORDS
char *c_try;
c_try = s_crea_c_str(try);
if (c_try == NULL)
return FAILURE;
if (strcmp ((const char *)pwd, if (strcmp ((const char *)pwd,
(const char *)crypt((const char *)&try.string[2], (const char *)crypt(c_try, (const char *)pwd)) != 0)
(const char *)try.string))) {
sfree(c_try);
return FAILURE; return FAILURE;
}
else else
{
sfree(c_try);
return OK; return OK;
}
#else #else
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment