comparison: src/server/daemon/keyfile_auth.c
src/server/daemon/keyfile_auth.c
- changeset 97
- 09fbefc0e6a9
- parent 88
- 73b3485e96f1
- child 99
- b9a6af0ae41a
equal
deleted
inserted
replaced
| 96:0185b13bf41f | 97:09fbefc0e6a9 |
|---|---|
| 95 user->hash = malloc(hash.length + 1); | 95 user->hash = malloc(hash.length + 1); |
| 96 user->hashlen = util_base64decode(hash.ptr, hash.length, user->hash); | 96 user->hashlen = util_base64decode(hash.ptr, hash.length, user->hash); |
| 97 | 97 |
| 98 user->groups = calloc(ngroups, sizeof(sstr_t)); | 98 user->groups = calloc(ngroups, sizeof(sstr_t)); |
| 99 for(int i=0;i<ngroups;i++) { | 99 for(int i=0;i<ngroups;i++) { |
| 100 //user->groups[i] = sstrdup(groups[i]); | 100 user->groups[i] = sstrdup(groups[i]); |
| 101 sstrdup(groups[i]); | 101 //sstrdup(groups[i]); // wtf? |
| 102 } | 102 } |
| 103 | 103 |
| 104 // add to keyfile | 104 // add to keyfile |
| 105 ucx_map_sstr_put(keyfile->users, name, user); | 105 ucx_map_sstr_put(keyfile->users, name, user); |
| 106 } | 106 } |
| 137 | 137 |
| 138 | 138 |
| 139 int ssha_verify(KeyfileUser *user, char *password) { | 139 int ssha_verify(KeyfileUser *user, char *password) { |
| 140 /* | 140 /* |
| 141 * SSHA: SHA1(pw + salt) + 8 bytes salt | 141 * SSHA: SHA1(pw + salt) + 8 bytes salt |
| 142 * the SSHA hash is already base64 decoded | 142 * user->hash is already base64 decoded |
| 143 */ | 143 */ |
| 144 | |
| 145 // TODO: variable length salt | |
| 144 | 146 |
| 145 char *salt = user->hash + user->hashlen - 8; // last 8 bytes are the salt | 147 char *salt = user->hash + user->hashlen - 8; // last 8 bytes are the salt |
| 146 size_t pwlen = strlen(password); | 148 size_t pwlen = strlen(password); |
| 147 | 149 |
| 148 size_t saltpwlen = pwlen + 8; | 150 size_t saltpwlen = pwlen + 8; |
