Roxen.git / server / modules / ldap / userdb_ldap.pike

version» Context lines:

Roxen.git/server/modules/ldap/userdb_ldap.pike:11:   #define DEBUGLOG(s) werror("LDAPuserdb: "+s+"\n")   #else   #define DEBUGLOG(s)   #endif      #define LOG_ALL 1      #define ROXEN_HASH_SIGN "{x-roxen-hash}"      constant cvs_version = -  "$Id: userdb_ldap.pike,v 1.15 2009/05/07 14:15:55 mast Exp $"; +  "$Id$";   inherit UserDB;   inherit "module";      constant name = "ldapuserdb";   constant module_unique = 0;      //<locale-token project="mod_userdb_ldap">_</locale-token>   #define _(X,Y) _DEF_LOCALE("mod_userdb_ldap",X,Y)      #include <module.h>
Roxen.git/server/modules/ldap/userdb_ldap.pike:92:    } else if(query("CI_cache_password"))    flg = pass[rhs..] == password;    else    flg = bind_dir(dn(), password);    DEBUGLOG("pass_auth("+name()+") "+(flg?"successed":"failed")+".");    if(flg) pwent[1] = ROXEN_HASH_SIGN + password;    return flg;    }    }    -  // Digests {CRYPT}, {SH1}, {SSHA}, {MD5} and {SMD5} -  string sv, salt; -  if (sizeof(pass) > 6) -  switch (upper_case(pass[..4])) { -  case "{SHA}" : -  flg = (pass[5..] == MIME.encode_base64(Crypto.SHA1()->update(password)->digest())); -  DEBUGLOG ("Trying SHA digest ..."); -  break; -  -  case "{SSHA" : -  if (sizeof(pass) > 7 && pass[5] == '}') { -  if(sscanf(MIME.decode_base64(pass[6..]),"%20s%s",sv,salt) != 2 || sizeof(sv) != 20 || sizeof(salt) < 4) -  break; -  flg = (pass[6..] == MIME.encode_base64(Crypto.SHA1()->update(password+salt)->digest()+salt)); -  DEBUGLOG ("Trying SSHA digest ..."); +  if (has_prefix(pass, "{")) { +  // RFC 2307 +  // Digests {CRYPT}, {SH1}, {SSHA}, {MD5} and {SMD5}. +  flg = verify_password(password, pass); +  } else { +  flg = pass == password;    } -  break; +     -  case "{MD5}" : -  flg = (pass[5..] == MIME.encode_base64(Crypto.MD5()->update(password)->digest())); -  DEBUGLOG ("Trying MD5 digest ..."); -  break; -  -  case "{SMD5" : -  if (sizeof(pass) > 7 && pass[5] == '}') { -  if(sscanf(MIME.decode_base64(pass[6..]),"%16s%s",sv,salt) != 2 || sizeof(sv) != 16 || sizeof(salt) < 4) -  break; -  flg = (pass[6..] == MIME.encode_base64(Crypto.MD5()->update(password+salt)->digest()+salt)); -  DEBUGLOG ("Trying SMD5 digest ..."); -  } -  break; -  -  case "{CRYP" : -  if (sizeof(pass) > 7 && pass[5..6] == "T}") { -  flg = !crypt(password,pass[7..]); -  DEBUGLOG ("Trying CRYPT digest ..."); -  } -  break; -  -  default: -  flg = pass == password; -  break; -  } // switch -  else -  flg = pass == password; -  +     if(flg) {    DEBUGLOG("pass_auth("+name()+") successed.");    return 1;    }       //return(crypt(password, pass));    DEBUGLOG("pass_auth("+name()+") failed.");    return 0;    }   
Roxen.git/server/modules/ldap/userdb_ldap.pike:306:   }      int username_parsing_is_positional() {       return !(query("CI_username_parse") == "positional");   }         int default_uid() {    - #if efun(geteuid) + #if constant(geteuid)    return(geteuid());   #else    return(0);   #endif   }      /*    * Object management and configuration variables definitions    */