From: hno <> Date: Mon, 25 Jun 2007 17:27:03 +0000 (+0000) Subject: Imported ncsa_auth changes from Squid-2 X-Git-Tag: SQUID_3_0_PRE7~193 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=8655ee19716784d8f2ccd5d47cb1080a2dc4e9f0;p=thirdparty%2Fsquid.git Imported ncsa_auth changes from Squid-2 - Support for plain MD5 hashed password (no salting) - man page documenting it's use --- diff --git a/helpers/basic_auth/NCSA/Makefile.am b/helpers/basic_auth/NCSA/Makefile.am index 825c3b961c..43d736f555 100644 --- a/helpers/basic_auth/NCSA/Makefile.am +++ b/helpers/basic_auth/NCSA/Makefile.am @@ -1,12 +1,14 @@ # # Makefile for the Squid Object Cache server # -# $Id: Makefile.am,v 1.5 2003/05/31 11:31:46 hno Exp $ +# $Id: Makefile.am,v 1.6 2007/06/25 11:27:03 hno Exp $ # # Uncomment and customize the following to suit your needs: # libexec_PROGRAMS = ncsa_auth ncsa_auth_SOURCES = ncsa_auth.c crypt_md5.c crypt_md5.h +man_MANS = ncsa_auth.8 +EXTRA_DIST = ncsa_auth.8 LDADD = -L$(top_builddir)/lib -lmiscutil $(CRYPTLIB) $(XTRA_LIBS) $(SSLLIB) INCLUDES = -I$(top_srcdir)/include diff --git a/helpers/basic_auth/NCSA/crypt_md5.c b/helpers/basic_auth/NCSA/crypt_md5.c index d781a02746..8936c84bee 100644 --- a/helpers/basic_auth/NCSA/crypt_md5.c +++ b/helpers/basic_auth/NCSA/crypt_md5.c @@ -16,6 +16,7 @@ */ #include +#include #include "config.h" #include "md5.h" @@ -166,3 +167,30 @@ char *crypt_md5(const char *pw, const char *salt) return passwd; } + +/* Created by Ramon de Carvalho + Refined by Rodrigo Rubira Branco +*/ +char *md5sum(const char *s){ + static unsigned char digest[16]; + MD5_CTX ctx; + int idx; + static char sum[33]; + + memset(digest,0,16); + + MD5Init(&ctx); + MD5Update(&ctx,(const unsigned char *)s,strlen(s)); + MD5Final(digest,&ctx); + + for(idx=0;idx<16;idx++) + sprintf(&sum[idx*2],"%02x",digest[idx]); + + sum[32]='\0'; + + /* Don't leave anything around in vm they could use. */ + memset(digest, 0, sizeof digest); + + return sum; +} + diff --git a/helpers/basic_auth/NCSA/crypt_md5.h b/helpers/basic_auth/NCSA/crypt_md5.h index 2e27d82d7e..47c4e7787f 100644 --- a/helpers/basic_auth/NCSA/crypt_md5.h +++ b/helpers/basic_auth/NCSA/crypt_md5.h @@ -13,3 +13,6 @@ * salt[0] = '\0'; */ char *crypt_md5(const char *pw, const char *salt); + +/* MD5 hash without salt */ +char *md5sum(const char *s); diff --git a/helpers/basic_auth/NCSA/ncsa_auth.c b/helpers/basic_auth/NCSA/ncsa_auth.c index 07e5f7b045..7d690515d7 100644 --- a/helpers/basic_auth/NCSA/ncsa_auth.c +++ b/helpers/basic_auth/NCSA/ncsa_auth.c @@ -141,10 +141,14 @@ main(int argc, char **argv) u = (user_data *) hash_lookup(hash, user); if (u == NULL) { printf("ERR No such user\n"); +#if HAVE_CRYPT } else if (strcmp(u->passwd, (char *) crypt(passwd, u->passwd)) == 0) { printf("OK\n"); +#endif } else if (strcmp(u->passwd, (char *) crypt_md5(passwd, u->passwd)) == 0) { printf("OK\n"); + } else if (strcmp(u->passwd, (char *) md5sum(passwd)) == 0) { /* md5 without salt and magic strings - Added by Ramon de Carvalho and Rodrigo Rubira Branco */ + printf("OK\n"); } else { printf("ERR Wrong password\n"); }