Mercurial > dovecot > original-hg > dovecot-1.2
changeset 1331:d55cf9c28062 HEAD
MD5crypt password fixes.
| author | Timo Sirainen <tss@iki.fi> |
|---|---|
| date | Fri, 04 Apr 2003 02:42:54 +0300 |
| parents | 7cde19dbe754 |
| children | f2f3fe0916c1 |
| files | src/auth/md5crypt.c src/auth/md5crypt.h src/auth/password-scheme.c |
| diffstat | 3 files changed, 14 insertions(+), 7 deletions(-) [+] |
line wrap: on
line diff
--- a/src/auth/md5crypt.c Wed Apr 02 05:09:41 2003 +0300 +++ b/src/auth/md5crypt.c Fri Apr 04 02:42:54 2003 +0300 @@ -44,11 +44,11 @@ * Use MD5 for what it is best at... */ -char * +const char * md5_crypt(const char *pw, const char *salt) { - static char passwd[120], *p; - static const char *sp,*ep; + char passwd[120], *p; + const char *sp,*ep; unsigned char final[16]; int sl,pl,i,j; struct md5_context ctx,ctx1; @@ -143,5 +143,5 @@ /* Don't leave anything around in vm they could use. */ memset(final,0,sizeof final); - return passwd; + return t_strdup(passwd); }
--- a/src/auth/md5crypt.h Wed Apr 02 05:09:41 2003 +0300 +++ b/src/auth/md5crypt.h Fri Apr 04 02:42:54 2003 +0300 @@ -1,6 +1,6 @@ #ifndef __MD5CRYPT_H #define __MD5CRYPT_H -char *md5_crypt(const char *pw, const char *salt); +const char *md5_crypt(const char *pw, const char *salt); #endif
--- a/src/auth/password-scheme.c Wed Apr 02 05:09:41 2003 +0300 +++ b/src/auth/password-scheme.c Fri Apr 04 02:42:54 2003 +0300 @@ -59,8 +59,15 @@ return NULL; if (strncmp(*password, "$1$", 3) == 0) { - *password = t_strcut(*password + 3, '$'); - return "MD5"; + /* skip the salt */ + p = strchr(*password + 3, '$'); + if (p != NULL) { + /* stop at next '$' */ + p = strchr(p+1, '$'); + if (p != NULL) + *password = t_strdup_until(*password, p); + return "MD5"; + } } if (**password != '{')