forked from github/server
simpler hack, um den brypt workfactor einzustellen (oder passwort-checks abzuschalten), weil man manchmal halt keine Zeit hat.
This commit is contained in:
parent
fc23926559
commit
b74e8c0ebd
2 changed files with 12 additions and 4 deletions
|
@ -28,6 +28,7 @@ OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
|||
#include <util/language.h>
|
||||
#include <util/log.h>
|
||||
#include <util/path.h>
|
||||
#include <util/password.h>
|
||||
|
||||
#include "eressea.h"
|
||||
#ifdef USE_CURSES
|
||||
|
@ -231,6 +232,10 @@ static int parse_args(int argc, char **argv)
|
|||
i = get_arg(argc, argv, 2, i, &arg, 0);
|
||||
turn = atoi(arg);
|
||||
break;
|
||||
case 'w':
|
||||
i = get_arg(argc, argv, 2, i, &arg, 0);
|
||||
bcrypt_workfactor = arg ? atoi(arg) : 0xff;
|
||||
break;
|
||||
case 'q':
|
||||
verbosity = 0;
|
||||
break;
|
||||
|
|
|
@ -17,7 +17,7 @@ bool password_is_implemented(cryptalgo_t algo) {
|
|||
}
|
||||
|
||||
const char * password_hash(const char * passwd, cryptalgo_t algo) {
|
||||
if (algo == PASSWORD_BCRYPT) {
|
||||
if (algo == PASSWORD_BCRYPT && bcrypt_workfactor != 0) {
|
||||
char salt[BCRYPT_HASHSIZE];
|
||||
static char hash[BCRYPT_HASHSIZE];
|
||||
int ret;
|
||||
|
@ -32,10 +32,13 @@ const char * password_hash(const char * passwd, cryptalgo_t algo) {
|
|||
int password_verify(const char * pwhash, const char * passwd) {
|
||||
if (pwhash[0] == '$') {
|
||||
if (pwhash[1] == '2') {
|
||||
if (bcrypt_workfactor > 0) {
|
||||
int ret = bcrypt_checkpw(passwd, pwhash);
|
||||
assert(ret != -1);
|
||||
return (ret == 0) ? VERIFY_OK : VERIFY_FAIL;
|
||||
}
|
||||
return VERIFY_OK;
|
||||
}
|
||||
}
|
||||
return (strcmp(passwd, pwhash) == 0) ? VERIFY_OK : VERIFY_FAIL;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue