forked from github/server
Merge branch 'feature/apache-md5' of https://github.com/ennorehling/eressea into ennorehling-feature/apache-md5
Conflicts: src/util/password.c src/util/password.h src/util/password.test.c
This commit is contained in:
commit
26a33e28ce
3 changed files with 20 additions and 16 deletions
|
@ -12,17 +12,13 @@
|
||||||
#define MAXSALTLEN 32 // maximum length in characters of any salt
|
#define MAXSALTLEN 32 // maximum length in characters of any salt
|
||||||
#define SALTLEN 8 // length of salts we generate
|
#define SALTLEN 8 // length of salts we generate
|
||||||
|
|
||||||
/* Table with characters for base64 transformation. */
|
|
||||||
static const char b64t[65] =
|
|
||||||
"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
|
|
||||||
|
|
||||||
#define b64_from_24bit(B2, B1, B0, N) \
|
#define b64_from_24bit(B2, B1, B0, N) \
|
||||||
do { \
|
do { \
|
||||||
unsigned int w = ((B2) << 16) | ((B1) << 8) | (B0); \
|
unsigned int w = ((B2) << 16) | ((B1) << 8) | (B0); \
|
||||||
int n = (N); \
|
int n = (N); \
|
||||||
while (n-- > 0 && buflen > 0) \
|
while (n-- > 0 && buflen > 0) \
|
||||||
{ \
|
{ \
|
||||||
*cp++ = b64t[w & 0x3f]; \
|
*cp++ = itoa64[w & 0x3f]; \
|
||||||
--buflen; \
|
--buflen; \
|
||||||
w >>= 6; \
|
w >>= 6; \
|
||||||
} \
|
} \
|
||||||
|
@ -50,9 +46,12 @@ static const char * password_hash_i(const char * passwd, const char *salt, int a
|
||||||
_snprintf(result, len, "$0$%s$%s", salt, passwd);
|
_snprintf(result, len, "$0$%s$%s", salt, passwd);
|
||||||
}
|
}
|
||||||
else if (algo == PASSWORD_MD5) {
|
else if (algo == PASSWORD_MD5) {
|
||||||
char * result = md5_crypt(passwd, salt);
|
return md5_crypt_r(passwd, salt, result, len);
|
||||||
|
}
|
||||||
|
else if (algo == PASSWORD_APACHE_MD5) {
|
||||||
|
apr_md5_encode(passwd, salt, result, len);
|
||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
@ -66,7 +65,7 @@ const char * password_hash(const char * passwd, const char * salt, int algo) {
|
||||||
}
|
}
|
||||||
|
|
||||||
static bool password_is_implemented(int algo) {
|
static bool password_is_implemented(int algo) {
|
||||||
return algo==PASSWORD_PLAIN || algo==PASSWORD_MD5;
|
return algo==PASSWORD_PLAIN || algo==PASSWORD_MD5 || algo==PASSWORD_APACHE_MD5;
|
||||||
}
|
}
|
||||||
|
|
||||||
int password_verify(const char * pwhash, const char * passwd) {
|
int password_verify(const char * pwhash, const char * passwd) {
|
||||||
|
@ -79,7 +78,7 @@ int password_verify(const char * pwhash, const char * passwd) {
|
||||||
assert(passwd);
|
assert(passwd);
|
||||||
assert(pwhash);
|
assert(pwhash);
|
||||||
assert(pwhash[0] == '$');
|
assert(pwhash[0] == '$');
|
||||||
algo = pwhash[1] - '0';
|
algo = pwhash[1];
|
||||||
pos = strchr(pwhash+2, '$');
|
pos = strchr(pwhash+2, '$');
|
||||||
assert(pos && pos[0] == '$');
|
assert(pos && pos[0] == '$');
|
||||||
++pos;
|
++pos;
|
||||||
|
|
|
@ -1,12 +1,12 @@
|
||||||
#pragma once
|
#pragma once
|
||||||
|
|
||||||
#define PASSWORD_PLAIN 0
|
#define PASSWORD_PLAIN '0'
|
||||||
#define PASSWORD_MD5 1
|
#define PASSWORD_MD5 '1'
|
||||||
#define PASSWORD_BCRYPT 2 // not implemented
|
#define PASSWORD_BCRYPT '2' // not implemented
|
||||||
#define PASSWORD_SHA256 5 // not implemented
|
#define PASSWORD_APACHE_MD5 'a'
|
||||||
#define PASSWORD_SHA512 6 // not implemented
|
#define PASSWORD_SHA256 '5' // not implemented
|
||||||
#define PASSWORD_DEFAULT PASSWORD_MD5
|
#define PASSWORD_SHA512 '6' // not implemented
|
||||||
|
#define PASSWORD_DEFAULT PASSWORD_APACHE_MD5
|
||||||
|
|
||||||
#define VERIFY_OK 0 // password matches hash
|
#define VERIFY_OK 0 // password matches hash
|
||||||
#define VERIFY_FAIL 1 // password is wrong
|
#define VERIFY_FAIL 1 // password is wrong
|
||||||
|
|
|
@ -5,6 +5,11 @@
|
||||||
static void test_passwords(CuTest *tc) {
|
static void test_passwords(CuTest *tc) {
|
||||||
const char *hash;
|
const char *hash;
|
||||||
|
|
||||||
|
hash = password_hash("Hodor", "FqQLkl8g", PASSWORD_APACHE_MD5);
|
||||||
|
CuAssertPtrNotNull(tc, hash);
|
||||||
|
CuAssertStrEquals(tc, "$apr1$FqQLkl8g$.icQqaDJpim4BVy.Ho5660", hash);
|
||||||
|
CuAssertIntEquals(tc, VERIFY_OK, password_verify(hash, "Hodor"));
|
||||||
|
|
||||||
hash = password_hash("jollygood", "ZouUn04i", PASSWORD_MD5);
|
hash = password_hash("jollygood", "ZouUn04i", PASSWORD_MD5);
|
||||||
CuAssertPtrNotNull(tc, hash);
|
CuAssertPtrNotNull(tc, hash);
|
||||||
CuAssertStrEquals(tc, "$1$ZouUn04i$yNnT1Oy8azJ5V.UM9ppP5/", hash);
|
CuAssertStrEquals(tc, "$1$ZouUn04i$yNnT1Oy8azJ5V.UM9ppP5/", hash);
|
||||||
|
|
Loading…
Reference in a new issue