rename to password_encode, streamline tests

This commit is contained in:
Enno Rehling 2016-02-12 08:31:42 +01:00
parent c0c6d19be2
commit 40530f2066
8 changed files with 19 additions and 16 deletions

View File

@ -392,7 +392,7 @@ static int tolua_faction_set_password(lua_State * L)
{
faction *self = (faction *)tolua_tousertype(L, 1, 0);
const char * passw = tolua_tostring(L, 2, 0);
faction_setpassword(self, password_hash(passw, 0, PASSWORD_DEFAULT));
faction_setpassword(self, password_encode(passw, PASSWORD_DEFAULT));
return 0;
}

View File

@ -252,7 +252,7 @@ faction *addfaction(const char *email, const char *password,
}
if (!password) password = itoa36(rng_int());
faction_setpassword(f, password_hash(password, 0, PASSWORD_DEFAULT));
faction_setpassword(f, password_encode(password, PASSWORD_DEFAULT));
ADDMSG(&f->msgs, msg_message("changepasswd", "value", password));
f->alliance_joindate = turn;

View File

@ -124,7 +124,7 @@ static void test_check_passwd(CuTest *tc) {
faction *f;
f = test_create_faction(0);
faction_setpassword(f, password_hash("password", 0, PASSWORD_DEFAULT));
faction_setpassword(f, password_encode("password", PASSWORD_DEFAULT));
CuAssertTrue(tc, checkpasswd(f, "password"));
CuAssertTrue(tc, !checkpasswd(f, "assword"));
CuAssertTrue(tc, !checkpasswd(f, "PASSWORD"));

View File

@ -1239,7 +1239,7 @@ faction *readfaction(struct gamedata * data)
}
READ_STR(data->store, name, sizeof(name));
faction_setpassword(f, (data->version >= CRYPT_VERSION) ? name : password_hash(name, 0, PASSWORD_DEFAULT));
faction_setpassword(f, (data->version >= CRYPT_VERSION) ? name : password_encode(name, PASSWORD_DEFAULT));
if (data->version < NOOVERRIDE_VERSION) {
READ_STR(data->store, 0, 0);
}

View File

@ -2173,7 +2173,7 @@ int password_cmd(unit * u, struct order *ord)
cmistake(u, ord, 283, MSG_EVENT);
strlcpy(pwbuf, itoa36(rng_int()), sizeof(pwbuf));
}
faction_setpassword(u->faction, password_hash(pwbuf, 0, PASSWORD_DEFAULT));
faction_setpassword(u->faction, password_encode(pwbuf, PASSWORD_DEFAULT));
ADDMSG(&u->faction->msgs, msg_message("changepasswd",
"value", pwbuf));
return 0;

View File

@ -91,10 +91,10 @@ static const char * password_hash_i(const char * passwd, const char *input, int
return NULL;
}
const char * password_hash(const char * passwd, const char * salt, int algo) {
const char * password_encode(const char * passwd, int algo) {
static char result[64]; // TODO: static result buffers are bad mojo!
if (algo < 0) algo = PASSWORD_DEFAULT;
return password_hash_i(passwd, salt, algo, result, sizeof(result));
return password_hash_i(passwd, 0, algo, result, sizeof(result));
}
int password_verify(const char * pwhash, const char * passwd) {
@ -106,6 +106,9 @@ int password_verify(const char * pwhash, const char * passwd) {
assert(pwhash);
assert(pwhash[0] == '$');
algo = pwhash[1];
if (!password_is_implemented(algo)) {
return VERIFY_UNKNOWN;
}
if (algo == PASSWORD_BCRYPT) {
char sample[200];
_crypt_blowfish_rn(passwd, pwhash, sample, sizeof(sample));
@ -115,9 +118,6 @@ int password_verify(const char * pwhash, const char * passwd) {
assert(pos && pos[0] == '$');
pos = strchr(pos, '$')+1;
result = password_hash_i(passwd, pos, algo, hash, sizeof(hash));
if (!password_is_implemented(algo)) {
return VERIFY_UNKNOWN;
}
if (strcmp(pwhash, result) == 0) {
return VERIFY_OK;
}

View File

@ -12,4 +12,4 @@
#define VERIFY_FAIL 1 // password is wrong
#define VERIFY_UNKNOWN 2 // hashing algorithm not supported
int password_verify(const char *hash, const char *passwd);
const char * password_hash(const char *passwd, const char *salt, int algo);
const char * password_encode(const char *passwd, int algo);

View File

@ -9,25 +9,28 @@ static void test_passwords(CuTest *tc) {
expect = "$apr1$FqQLkl8g$.icQqaDJpim4BVy.Ho5660";
CuAssertIntEquals(tc, VERIFY_OK, password_verify(expect, "Hodor"));
hash = password_hash("Hodor", "FqQLkl8g", PASSWORD_APACHE_MD5);
hash = password_encode("Hodor", PASSWORD_APACHE_MD5);
CuAssertPtrNotNull(tc, hash);
CuAssertStrEquals(tc, expect, hash);
CuAssertIntEquals(tc, 0, strncmp(hash, expect, 6));
expect = "$1$ZouUn04i$yNnT1Oy8azJ5V.UM9ppP5/";
CuAssertIntEquals(tc, VERIFY_OK, password_verify(expect, "jollygood"));
hash = password_hash("jollygood", "ZouUn04i", PASSWORD_MD5);
hash = password_encode("jollygood", PASSWORD_MD5);
CuAssertPtrNotNull(tc, hash);
CuAssertStrEquals(tc, expect, hash);
CuAssertIntEquals(tc, 0, strncmp(hash, expect, 3));
expect = "$0$password";
CuAssertIntEquals(tc, VERIFY_OK, password_verify(expect, "password"));
CuAssertIntEquals(tc, VERIFY_FAIL, password_verify(expect, "arseword"));
hash = password_hash("password", "hodor", PASSWORD_PLAIN);
hash = password_encode("password", PASSWORD_PLAIN);
CuAssertPtrNotNull(tc, hash);
CuAssertStrEquals(tc, expect, hash);
expect = "$2y$05$RJ8qAhu.foXyJLdc2eHTLOaK4MDYn3/v4HtOVCq0Plv2yxcrEB7Wm";
CuAssertIntEquals(tc, VERIFY_OK, password_verify(expect, "Hodor"));
hash = password_encode("Hodor", PASSWORD_BCRYPT);
CuAssertPtrNotNull(tc, hash);
CuAssertIntEquals(tc, 0, strncmp(hash, expect, 7));
}
CuSuite *get_password_suite(void) {