Mercurial > dovecot > original-hg > dovecot-1.2
changeset 2366:33c584ef528a HEAD
Support MD5 passwords. Patch by Pascal Malterre
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Mon, 26 Jul 2004 18:42:52 +0300 |
parents | 979af608d7c4 |
children | 203938a7f45e |
files | src/auth/passdb-vpopmail.c |
diffstat | 1 files changed, 19 insertions(+), 6 deletions(-) [+] |
line wrap: on
line diff
--- a/src/auth/passdb-vpopmail.c Mon Jul 26 18:30:11 2004 +0300 +++ b/src/auth/passdb-vpopmail.c Mon Jul 26 18:42:52 2004 +0300 @@ -10,6 +10,7 @@ #include "common.h" #include "safe-memset.h" #include "passdb.h" +#include "password-scheme.h" #include "mycrypt.h" #include "userdb-vpopmail.h" @@ -22,7 +23,9 @@ { char vpop_user[VPOPMAIL_LIMIT], vpop_domain[VPOPMAIL_LIMIT]; struct vqpasswd *vpw; - int result; + const char *crypted_pass; + const char *scheme; + int ret; vpw = vpopmail_lookup_vqp(request->user, vpop_user, vpop_domain); @@ -43,16 +46,26 @@ return; } - /* verify password */ - result = strcmp(mycrypt(password, vpw->pw_passwd), vpw->pw_passwd) == 0; + crypted_pass = vpw->pw_passwd; + scheme = password_get_scheme(&crypted_pass); + if (scheme == NULL) scheme = "CRYPT"; + + ret = password_verify(password, crypted_pass, scheme, request->user); + safe_memset(vpw->pw_passwd, 0, strlen(vpw->pw_passwd)); + if (vpw->pw_clear_passwd != NULL) { + safe_memset(vpw->pw_clear_passwd, 0, + strlen(vpw->pw_clear_passwd)); + } - if (!result) { - if (verbose) { + if (ret <= 0) { + if (ret < 0) { + i_error("vpopmail(%s): Unknown password scheme %s", + get_log_prefix(request), scheme); + } else if (verbose) { i_info("vpopmail(%s): password mismatch", get_log_prefix(request)); } - callback(PASSDB_RESULT_PASSWORD_MISMATCH, request); return; }