diff options
Diffstat (limited to 'src/apop.c')
-rw-r--r-- | src/apop.c | 84 |
1 files changed, 84 insertions, 0 deletions
diff --git a/src/apop.c b/src/apop.c new file mode 100644 index 0000000..ce423a5 --- /dev/null +++ b/src/apop.c | |||
@@ -0,0 +1,84 @@ | |||
1 | /* This file is part of tagr. | ||
2 | Copyright (C) 2009 Sergey Poznyakoff | ||
3 | |||
4 | This program is free software; you can redistribute it and/or modify | ||
5 | it under the terms of the GNU General Public License as published by | ||
6 | the Free Software Foundation; either version 3, or (at your option) | ||
7 | any later version. | ||
8 | |||
9 | This program is distributed in the hope that it will be useful, | ||
10 | but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
11 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
12 | GNU General Public License for more details. | ||
13 | |||
14 | You should have received a copy of the GNU General Public License | ||
15 | along with this program. If not, see <http://www.gnu.org/licenses/>. */ | ||
16 | |||
17 | #ifdef HAVE_CONFIG_H | ||
18 | # include <config.h> | ||
19 | #endif | ||
20 | |||
21 | #include <unistd.h> | ||
22 | #include <fcntl.h> | ||
23 | #include <stdlib.h> | ||
24 | #include <stdio.h> | ||
25 | #include <string.h> | ||
26 | #include <tagr.h> | ||
27 | |||
28 | #include <md5.h> | ||
29 | |||
30 | static char *msg_id; | ||
31 | |||
32 | const char * | ||
33 | tagr_auth_init () | ||
34 | { | ||
35 | asprintf (&msg_id, "<%lu.%lu@%s>", | ||
36 | (unsigned long) getpid (), | ||
37 | (unsigned long) time (NULL), | ||
38 | hostname); | ||
39 | return msg_id; | ||
40 | } | ||
41 | |||
42 | static int | ||
43 | verify_apop (const char *password, const char *user_digest) | ||
44 | { | ||
45 | int i; | ||
46 | struct md5_ctx md5context; | ||
47 | unsigned char md5digest[16]; | ||
48 | char buf[sizeof (md5digest) * 2 + 1]; | ||
49 | char *p; | ||
50 | |||
51 | md5_init_ctx (&md5context); | ||
52 | md5_process_bytes (msg_id, strlen (msg_id), &md5context); | ||
53 | md5_process_bytes (password, strlen (password), &md5context); | ||
54 | md5_finish_ctx (&md5context, md5digest); | ||
55 | |||
56 | for (i = 0, p = buf; i < 16; i++, p += 2) | ||
57 | sprintf (p, "%02x", md5digest[i]); | ||
58 | return strcmp (user_digest, buf); | ||
59 | } | ||
60 | |||
61 | int | ||
62 | tagr_auth (const char *username, const char *authstr) | ||
63 | { | ||
64 | int rc = 1; | ||
65 | char *password; | ||
66 | |||
67 | rc = udb_get_password (username, &password); | ||
68 | if (rc == 1) | ||
69 | { | ||
70 | logmsg (L_ERR, _("no such user `%s'"), username); | ||
71 | } | ||
72 | else if (rc == 0) | ||
73 | { | ||
74 | rc = verify_apop (password, authstr); | ||
75 | if (rc) | ||
76 | logmsg (L_ERR, _("authentication failed for `%s'"), | ||
77 | username); | ||
78 | else | ||
79 | verbose (1, _("%s authenticated"), username); | ||
80 | udb_free_password (password); | ||
81 | } | ||
82 | return rc; | ||
83 | } | ||
84 | |||