--- a/src/server/daemon/keyfile_auth.c Mon Nov 04 10:55:27 2013 +0100 +++ b/src/server/daemon/keyfile_auth.c Sun Aug 17 15:15:32 2014 +0200 @@ -97,8 +97,8 @@ user->groups = calloc(ngroups, sizeof(sstr_t)); for(int i=0;i<ngroups;i++) { - //user->groups[i] = sstrdup(groups[i]); - sstrdup(groups[i]); + user->groups[i] = sstrdup(groups[i]); + //sstrdup(groups[i]); // wtf? } // add to keyfile @@ -139,9 +139,11 @@ int ssha_verify(KeyfileUser *user, char *password) { /* * SSHA: SHA1(pw + salt) + 8 bytes salt - * the SSHA hash is already base64 decoded + * user->hash is already base64 decoded */ + // TODO: variable length salt + char *salt = user->hash + user->hashlen - 8; // last 8 bytes are the salt size_t pwlen = strlen(password);