summaryrefslogtreecommitdiff
path: root/sql
diff options
context:
space:
mode:
authorSergey Poznyakoff <gray@gnu.org.ua>2006-06-27 19:01:58 +0000
committerSergey Poznyakoff <gray@gnu.org.ua>2006-06-27 19:01:58 +0000
commit4dbde7f53b025eb6704ea5b55c8f5bc91a832bea (patch)
tree5c6f5e4c1ae9fc60af48c85043b8bc50a104cd14 /sql
parent3b373a64fe7c6cd856897a32e4834cf125797713 (diff)
downloadmailutils-4dbde7f53b025eb6704ea5b55c8f5bc91a832bea.tar.gz
mailutils-4dbde7f53b025eb6704ea5b55c8f5bc91a832bea.tar.bz2
Implement verification against mysql v4 passwords
Diffstat (limited to 'sql')
-rw-r--r--sql/mysql.c61
1 files changed, 32 insertions, 29 deletions
diff --git a/sql/mysql.c b/sql/mysql.c
index da7330047..9961ce341 100644
--- a/sql/mysql.c
+++ b/sql/mysql.c
@@ -25,6 +25,7 @@
#include <mysql/mysql.h>
#include <mysql/errmsg.h>
+#include <sha1.h>
struct mu_mysql_data
{
@@ -250,11 +251,10 @@ scramble_password (unsigned long *result, const char *password)
result[1] = nr2 & (((unsigned long) 1L << 31) -1L);
}
-#if 0
static void
octet2hex (char *to, const unsigned char *str, unsigned len)
{
- const char *str_end= str + len;
+ const unsigned char *str_end= str + len;
static char d[] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
for ( ; str != str_end; ++str)
@@ -266,16 +266,13 @@ octet2hex (char *to, const unsigned char *str, unsigned len)
}
#define SHA1_HASH_SIZE 20
-int
+static int
mu_check_mysql_4x_password (const char *scrambled, const char *message)
{
struct sha1_ctx sha1_context;
- uint8 hash_stage2[SHA1_HASH_SIZE];
+ unsigned char hash_stage2[SHA1_HASH_SIZE];
char to[2*SHA1_HASH_SIZE + 2];
- if (!to)
- return 1;
-
/* stage 1: hash password */
sha1_init_ctx (&sha1_context);
sha1_process_bytes (message, strlen (message), &sha1_context);
@@ -287,37 +284,22 @@ mu_check_mysql_4x_password (const char *scrambled, const char *message)
sha1_finish_ctx (&sha1_context, hash_stage2);
/* convert hash_stage2 to hex string */
- *to++= '*';
- octet2hex (to, hash_stage2, SHA1_HASH_SIZE);
+ to[0] = '*';
+ octet2hex (to + 1, hash_stage2, SHA1_HASH_SIZE);
/* Compare both strings */
return memcmp (to, scrambled, strlen (scrambled));
}
-#endif
-/* Check whether a plaintext password MESSAGE matches MySQL scrambled password
- PASSWORD */
-int
-mu_check_mysql_scrambled_password (const char *scrambled, const char *message)
+static int
+mu_check_mysql_3x_password (const char *scrambled, const char *message)
{
unsigned long hash_pass[2], hash_message[2];
char buf[17];
- if (strlen (scrambled) < 16)
- return 1;
- if (strlen (scrambled) > 16)
- {
- const char *p;
- /* Try to normalize it by cutting off trailing whitespace */
- for (p = scrambled + strlen (scrambled) - 1;
- p > scrambled && isspace (*p); p--)
- ;
- if (p - scrambled != 15)
- return 1;
- memcpy (buf, scrambled, 16);
- buf[17] = 0;
- scrambled = buf;
- }
+ memcpy (buf, scrambled, 16);
+ buf[16] = 0;
+ scrambled = buf;
get_salt_from_scrambled (hash_pass, scrambled);
scramble_password (hash_message, message);
@@ -325,6 +307,27 @@ mu_check_mysql_scrambled_password (const char *scrambled, const char *message)
&& hash_message[1] == hash_pass[1]);
}
+/* Check whether a plaintext password MESSAGE matches MySQL scrambled password
+ PASSWORD */
+int
+mu_check_mysql_scrambled_password (const char *scrambled, const char *message)
+{
+ const char *p;
+
+ /* Try to normalize it by cutting off trailing whitespace */
+ for (p = scrambled + strlen (scrambled) - 1;
+ p > scrambled && isspace (*p); p--)
+ ;
+ switch (p - scrambled)
+ {
+ case 15:
+ return mu_check_mysql_3x_password (scrambled, message);
+ case 40:
+ return mu_check_mysql_4x_password (scrambled, message);
+ }
+ return 1;
+}
+
/* Register module */
MU_DECL_SQL_DISPATCH_T(mysql) = {

Return to:

Send suggestions and report system problems to the System administrator.