File: checkpassword.c

package info (click to toggle)
courier-authlib 0.72.4-3
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 14,824 kB
  • sloc: ansic: 15,828; sh: 5,047; cpp: 4,205; makefile: 853; perl: 761
file content (89 lines) | stat: -rw-r--r-- 2,102 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
 
/*
** Copyright 1998 - 2008 Double Precision, Inc.  See COPYING for
** distribution information.
*/

#if	HAVE_CONFIG_H
#include	"courier_auth_config.h"
#endif
#include	<string.h>
#if	HAVE_UNISTD_H
#include	<unistd.h>
#endif
#if	HAVE_CRYPT_H
#include	<crypt.h>
#endif
#include	"auth.h"
#include	"courierauthdebug.h"


#if HAVE_CRYPT
#if NEED_CRYPT_PROTOTYPE
extern char *crypt(const char *, const char *);
#endif
#endif

extern int authcheckpasswordmd5(const char *, const char *);
extern int authcheckpasswordsha1(const char *, const char *);

static int safe_strcmp(const char *a, const char *nullable_b)
{
	if (!nullable_b)
		return -1;
	return strcmp(a, nullable_b);
}

static int do_authcheckpassword(const char *password, const char *encrypted_password)
{
	char *cpass;
	if (strncmp(encrypted_password, "$1$", 3) == 0
	    || strncasecmp(encrypted_password, "{MD5}", 5) == 0
	    || strncasecmp(encrypted_password, "{MD5RAW}", 8) == 0
	    )
		return (authcheckpasswordmd5(password, encrypted_password));

	if (strncasecmp(encrypted_password, "{SHA}", 5) == 0 ||
	    strncasecmp(encrypted_password, "{SHA256}", 8) == 0 ||
	    strncasecmp(encrypted_password, "{SHA512}", 8) == 0 ||
	    strncasecmp(encrypted_password, "{SSHA}", 6) == 0)
		return (authcheckpasswordsha1(password, encrypted_password));


#if	HAVE_CRYPT
	if (strncasecmp(encrypted_password, "{CRYPT}", 7) == 0)
		encrypted_password += 7;
#endif

#if	HAVE_CRYPT

	cpass = crypt(password, encrypted_password);
	if (cpass == NULL) {
		return 1;
	} else {
		return safe_strcmp(encrypted_password, cpass);
	}
#else
	return safe_strcmp(encrypted_password, password);
#endif
}

int authcheckpassword(const char *password, const char *encrypted_password)
{
int rc;

	rc=do_authcheckpassword(password, encrypted_password);
	if (rc == 0)
	{
		DPRINTF("password matches successfully");
	}
	else if (courier_authdebug_login_level >= 2)
	{
		DPRINTF("supplied password '%s' does not match encrypted password '%s'",
			password, encrypted_password);
	}
	else
	{
		DPRINTF("supplied password does not match encrypted password");
	}
	return rc;
}