[prev in list] [next in list] [prev in thread] [next in thread]
List: courier-users
Subject: [courier-users] Authorization with mysql - md5
From: "Rafal (sxat)" <gonzak () op ! pl>
Date: 2006-09-28 13:22:09
Message-ID: BE7557148F734F88A92CED0C68ECDB8E () sxat
[Download RAW message or body]
Hello!
How maybe check this source (i am adding authorized from mysql when password
is in md5 (in mysql md5(password field) without base64 ..).
Regards
Rafal
["md5test.c" (application/octet-stream)]
/*
** Copyright 1998 - 2000 Double Precision, Inc.
** See COPYING for distribution information.
*/
#include <stdio.h>
#include <string.h>
#include "md5.h"
int main()
{
static const char * const teststr[]={
"",
"a",
"abc",
"message digest",
"abcdefghijklmnopqrstuvwxyz",
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
"12345678901234567890123456789012345678901234567890123456789012345678901234567890"};
char *salts[4]={"abcdef","01234567","76543210","QWERTY"};
char *passwds[4]={ "rosebud",
"trust noone",
"trust, but verify",
"for the world is hollow, and I have touched the sky"};
int i,j;
printf("MD5 test suite:\n");
for (i=0; i<(int)sizeof(teststr)/sizeof(teststr[0]); i++)
{
MD5_DIGEST digest;
md5_digest(teststr[i], strlen(teststr[i]), digest);
printf("MD5 (\"%s\") = ", teststr[i]);
for (j=0; j<sizeof(digest); j++)
printf("%02x", digest[j]);
printf("\n");
}
for (i=0; i<sizeof(salts)/sizeof(salts[0]); i++)
printf("Salt: %s\nPassword: %s\nHash:%s\n\n",
salts[i], passwds[i],
md5_crypt_redhat(passwds[i], salts[i]));
printf("MD5_hash_rfc: %s\n", md5_hash_rfc("hello"));
return (0);
}
["md5_hash.c" (application/octet-stream)]
/*
** Copyright 2000 Double Precision, Inc.
** See COPYING for distribution information.
*/
#include "md5.h"
#include <string.h>
#include <stdio.h>
static const char rcsid[]="$Id: md5_hash.c,v 1.5 2002/12/12 04:23:58 mrsam Exp $";
static const char base64tab[]=
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
const char *md5_hash_courier(const char *passw)
{
MD5_DIGEST md5buf;
static char hash_buffer[1+(sizeof(md5buf)+2)/3*4];
int a=0,b=0,c=0;
int i, j;
int d, e, f, g;
md5_digest(passw, strlen(passw), md5buf);
j=0;
for (i=0; i<sizeof(md5buf); i += 3)
{
a=md5buf[i];
b= i+1 < sizeof(md5buf) ? md5buf[i+1]:0;
c= i+2 < sizeof(md5buf) ? md5buf[i+2]:0;
d=base64tab[ a >> 2 ];
e=base64tab[ ((a & 3 ) << 4) | (b >> 4)];
f=base64tab[ ((b & 15) << 2) | (c >> 6)];
g=base64tab[ c & 63 ];
if (i + 1 >= sizeof(md5buf)) f='=';
if (i + 2 >= sizeof(md5buf)) g='=';
hash_buffer[j++]=d;
hash_buffer[j++]=e;
hash_buffer[j++]=f;
hash_buffer[j++]=g;
}
hash_buffer[j]=0;
return (hash_buffer);
}
const char *md5_hash_rfc(const char *passw)
{
MD5_DIGEST md5buf;
static char hash_buffer[33];
char *hash=hash_buffer;
int i;
md5_digest(passw, strlen(passw), md5buf);
for (i=0; i<sizeof(md5buf); i++)
{
sprintf(hash,"%.2x",md5buf[i]);
hash+=2;
}
*hash=0;
return (hash_buffer);
}
["md5.h" (application/octet-stream)]
["checkpasswordmd5.c" (application/octet-stream)]
/*
** Copyright 1998 - 1999 Double Precision, Inc. See COPYING for
** distribution information.
*/
#include <stdio.h>
#if HAVE_CONFIG_H
#include "courier_auth_config.h"
#endif
#include <string.h>
#if HAVE_UNISTD_H
#include <unistd.h>
#endif
#include "md5/md5.h"
#include "auth.h"
static const char rcsid[]="$Id: checkpasswordmd5.c,v 1.7 2004/10/21 00:10:49 mrsam Exp $";
int authcheckpasswordmd5(const char *password, const char *encrypted_password)
{
if (strncmp(encrypted_password, "$1$", 3) == 0)
{
return (strcmp(encrypted_password,
md5_crypt(password, encrypted_password)));
}
if (strncasecmp(encrypted_password, "{MD5}", 5) == 0)
{
return (strcmp(encrypted_password+5, md5_hash_courier(password)));
}
if (strncasecmp(encrypted_password, "{MD5rfc}", 8) == 0)
{
return (strcmp(encrypted_password+8, md5_hash_rfc(password)));
}
return (-1);
}
["checkpassword.c" (application/octet-stream)]
/*
** Copyright 1998 - 1999 Double Precision, Inc. See COPYING for
** distribution information.
*/
#include <stdio.h>
#if HAVE_CONFIG_H
#include "courier_auth_config.h"
#endif
#include <string.h>
#if HAVE_UNISTD_H
#include <unistd.h>
#endif
#if HAVE_CRYPT_H
#include <crypt.h>
#endif
#include "auth.h"
#include "courierauthdebug.h"
static const char rcsid[]="$Id: checkpassword.c,v 1.14 2005/07/10 00:47:37 mrsam Exp $";
#if HAVE_CRYPT
#if NEED_CRYPT_PROTOTYPE
extern char *crypt(const char *, const char *);
#endif
#endif
#if HAVE_MD5LIB
extern int authcheckpasswordmd5(const char *, const char *);
#endif
#if HAVE_SHA1LIB
extern int authcheckpasswordsha1(const char *, const char *);
#endif
static int do_authcheckpassword(const char *password, const char *encrypted_password)
{
#if HAVE_MD5LIB
if (strncmp(encrypted_password, "$1$", 3) == 0
|| strncasecmp(encrypted_password, "{MD5}", 5) == 0
|| strncasecmp(encrypted_password, "{MD5rfc}", 8) == 0
)
return (authcheckpasswordmd5(password, encrypted_password));
#endif
#if HAVE_SHA1LIB
if (strncasecmp(encrypted_password, "{SHA}", 5) == 0 ||
strncasecmp(encrypted_password, "{SHA256}", 8) == 0
)
return (authcheckpasswordsha1(password, encrypted_password));
#endif
#if HAVE_CRYPT
if (strncasecmp(encrypted_password, "{CRYPT}", 7) == 0)
encrypted_password += 7;
#endif
return (
#if HAVE_CRYPT
strcmp(encrypted_password,
crypt(password, encrypted_password))
#else
strcmp(encrypted_password, password)
#endif
);
}
int authcheckpassword(const char *password, const char *encrypted_password)
{
int rc;
rc=do_authcheckpassword(password, encrypted_password);
if (rc == 0)
DPRINTF("password matches successfully");
else if (courier_authdebug_login_level >= 2)
DPRINTF("supplied password '%s' does not match encrypted password '%s'",
password, encrypted_password);
else
DPRINTF("supplied password does not match encrypted password");
return rc;
}
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic