1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
|
/*
** Copyright 1998 - 1999 Double Precision, Inc. See COPYING for
** distribution information.
*/
#if HAVE_CONFIG_H
#include "courier_auth_config.h"
#endif
#include <string.h>
#if HAVE_UNISTD_H
#include <unistd.h>
#endif
#if HAVE_CRYPT_H
#include <crypt.h>
#endif
#include "auth.h"
#include "courierauthdebug.h"
static const char rcsid[]="$Id: checkpassword.c,v 1.14 2005/07/10 00:47:37 mrsam Exp $";
#if HAVE_CRYPT
#if NEED_CRYPT_PROTOTYPE
extern char *crypt(const char *, const char *);
#endif
#endif
#if HAVE_MD5LIB
extern int authcheckpasswordmd5(const char *, const char *);
#endif
#if HAVE_SHA1LIB
extern int authcheckpasswordsha1(const char *, const char *);
#endif
static int do_authcheckpassword(const char *password, const char *encrypted_password)
{
#if HAVE_MD5LIB
if (strncmp(encrypted_password, "$1$", 3) == 0
|| strncasecmp(encrypted_password, "{MD5}", 5) == 0
)
return (authcheckpasswordmd5(password, encrypted_password));
#endif
#if HAVE_SHA1LIB
if (strncasecmp(encrypted_password, "{SHA}", 5) == 0 ||
strncasecmp(encrypted_password, "{SHA256}", 8) == 0
)
return (authcheckpasswordsha1(password, encrypted_password));
#endif
#if HAVE_CRYPT
if (strncasecmp(encrypted_password, "{CRYPT}", 7) == 0)
encrypted_password += 7;
#endif
return (
#if HAVE_CRYPT
strcmp(encrypted_password,
crypt(password, encrypted_password))
#else
strcmp(encrypted_password, password)
#endif
);
}
int authcheckpassword(const char *password, const char *encrypted_password)
{
int rc;
rc=do_authcheckpassword(password, encrypted_password);
if (rc == 0)
DPRINTF("password matches successfully");
else if (courier_authdebug_login_level >= 2)
DPRINTF("supplied password '%s' does not match encrypted password '%s'",
password, encrypted_password);
else
DPRINTF("supplied password does not match encrypted password");
return rc;
}
|
