diff options
| author | Wilmer van der Gaast <wilmer@gaast.net> | 2008-03-16 16:03:52 +0000 |
|---|---|---|
| committer | Wilmer van der Gaast <wilmer@gaast.net> | 2008-03-16 16:03:52 +0000 |
| commit | 4e8db1c0141f74dc6156a57739613483344b358d (patch) | |
| tree | 4a0dbad1ddf9c41cac3961a7ddd14573b2bb0b4e /storage_xml.c | |
| parent | 50d26f33935aadc556dd3e79829b1ca01bbceab9 (diff) | |
Moved password hash verification to md5_verify_password() so this can be
reused for IRC/OPER passwords (to have encrypted in bitlbee.conf).
Diffstat (limited to 'storage_xml.c')
| -rw-r--r-- | storage_xml.c | 41 |
1 files changed, 11 insertions, 30 deletions
diff --git a/storage_xml.c b/storage_xml.c index 6ea4d442..f37fce44 100644 --- a/storage_xml.c +++ b/storage_xml.c @@ -79,49 +79,30 @@ static void xml_start_element( GMarkupParseContext *ctx, const gchar *element_na { char *nick = xml_attr( attr_names, attr_values, "nick" ); char *pass = xml_attr( attr_names, attr_values, "password" ); - md5_byte_t *pass_dec = NULL; + int st; if( !nick || !pass ) { g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT, "Missing attributes for %s element", element_name ); } - else if( base64_decode( pass, &pass_dec ) != 21 ) + else if( ( st = md5_verify_password( xd->given_pass, pass ) ) == -1 ) { + xd->pass_st = XML_PASS_WRONG; g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT, "Error while decoding password attribute" ); } + else if( st == 0 ) + { + if( xd->pass_st != XML_PASS_CHECK_ONLY ) + xd->pass_st = XML_PASS_OK; + } else { - md5_byte_t pass_md5[16]; - md5_state_t md5_state; - int i; - - md5_init( &md5_state ); - md5_append( &md5_state, (md5_byte_t*) xd->given_pass, strlen( xd->given_pass ) ); - md5_append( &md5_state, (md5_byte_t*) pass_dec + 16, 5 ); /* Hmmm, salt! */ - md5_finish( &md5_state, pass_md5 ); - - for( i = 0; i < 16; i ++ ) - { - if( pass_dec[i] != pass_md5[i] ) - { - xd->pass_st = XML_PASS_WRONG; - g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT, - "Password mismatch" ); - break; - } - } - - /* If we reached the end of the loop, it was a match! */ - if( i == 16 ) - { - if( xd->pass_st != XML_PASS_CHECK_ONLY ) - xd->pass_st = XML_PASS_OK; - } + xd->pass_st = XML_PASS_WRONG; + g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT, + "Password mismatch" ); } - - g_free( pass_dec ); } else if( xd->pass_st < XML_PASS_OK ) { |