lighttpd
/
lighttpd1.4
2
0
Fork 0
Code Issues Releases Wiki Activity

added support for md5 and blowfish passwords (fixes #73)

Browse Source 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-merge-1.4.x@710 152afb58-edef-0310-8abb-c4023f1b3aa9
svn/tags/lighttpd-1.4.6
Jan Kneschke 17 years ago
parent dce84f26e1
commit be5f187d0f
1 changed files with 42 additions and 5 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 47
      src/http_auth.c

47
src/http_auth.c
Unescape View File

@ -442,22 +442,59 @@ static int http_auth_basic_password_compare(server *srv, mod_auth_plugin_data *p
}
} else if (p->conf.auth_backend == AUTH_BACKEND_HTPASSWD) {
#ifdef HAVE_CRYPT
char salt[3];
char salt[32];
char *crypted;
size_t salt_len = 0;
/*
* htpasswd format
*
* user:crypted password
*/
/*
* Algorithm Salt
* CRYPT_STD_DES 2-character (Default)
* CRYPT_EXT_DES 9-character
* CRYPT_MD5 12-character beginning with $1$
* CRYPT_BLOWFISH 16-character beginning with $2$
*/
if (password->used < 13 + 1) {
fprintf(stderr, "%s.%d\n", __FILE__, __LINE__);
return -1;
}
if (password->used == 13 + 1) {
/* a simple DES password is 2 + 11 characters */
salt_len = 2;
} else if (password->ptr[0] == '$' && password->ptr[2] == '$') {
char *dollar = NULL;
if (NULL == (dollar = strchr(password->ptr + 3, '$'))) {
fprintf(stderr, "%s.%d\n", __FILE__, __LINE__);
return -1;
}
salt_len = dollar - password->ptr;
}
if (salt_len - 1 > sizeof(salt)) {
fprintf(stderr, "%s.%d\n", __FILE__, __LINE__);
return -1;
}
strncpy(salt, password->ptr, salt_len);
salt[salt_len] = '\0';
salt[0] = password->ptr[0];
salt[1] = password->ptr[1];
salt[2] = '\0';
crypted = crypt(pw, salt);
if (0 == strcmp(password->ptr, crypted)) {
return 0;
} else {
fprintf(stderr, "%s.%d\n", __FILE__, __LINE__);
}
#endif
} else if (p->conf.auth_backend == AUTH_BACKEND_PLAIN) {
if (0 == strcmp(password->ptr, pw)) {
@ -647,7 +684,7 @@ int http_auth_basic_check(server *srv, connection *con, mod_auth_plugin_data *p,
/* password doesn't match */
if (http_auth_basic_password_compare(srv, p, req, username, realm->value, password, pw)) {
log_error_write(srv, __FILE__, __LINE__, "sbb", "password doesn't match", con->uri.path, username);
log_error_write(srv, __FILE__, __LINE__, "sbb", "password doesn't match for", con->uri.path, username);
buffer_free(username);
buffer_free(password);

Write Preview
Loading…
Cancel
Save