file with encrypted passwords. The directive 'passwd' specifies user
accounts file with clear-text passwords. The previous version of Zebra
used plain/clear text depending on configuration automatically. That
caused upgrade trouble. Bug #356.
-/* $Id: passwddb.h,v 1.6 2005-01-15 21:45:42 adam Exp $
+/* $Id: passwddb.h,v 1.7 2005-05-30 13:27:08 adam Exp $
Copyright (C) 1995-2005
Index Data ApS
Copyright (C) 1995-2005
Index Data ApS
Passwd_db passwd_db_open (void);
int passwd_db_auth (Passwd_db db, const char *user, const char *pass);
Passwd_db passwd_db_open (void);
int passwd_db_auth (Passwd_db db, const char *user, const char *pass);
-int passwd_db_file (Passwd_db db, const char *fname);
+int passwd_db_file_plain(Passwd_db db, const char *fname);
+int passwd_db_file_crypt(Passwd_db db, const char *fname);
void passwd_db_close (Passwd_db db);
void passwd_db_show (Passwd_db db);
void passwd_db_close (Passwd_db db);
void passwd_db_show (Passwd_db db);
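Review bot: The two new prototypes, `passwd_db_file_plain` and `passwd_db_file_crypt`, have no comment saying which password format each loader expects or what it returns. The caller's choice between them decides whether stored values are later compared verbatim or through crypt(), so the header should state the contract. Suggested comments: `/* fname holds user:password lines with clear-text passwords */` on the plain variant and `/* fname holds crypt(3)-hashed passwords; returns -1 when built without HAVE_CRYPT_H */` on the crypt variant. The return value on a successful load is not visible on this page and should be documented from the implementation.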
-/* $Id: zebraapi.c,v 1.169 2005-05-17 08:50:49 adam Exp $
+/* $Id: zebraapi.c,v 1.170 2005-05-30 13:27:08 adam Exp $
Copyright (C) 1995-2005
Index Data ApS
Copyright (C) 1995-2005
Index Data ApS
+ const char *passwd_plain = 0;
+ const char *passwd_encrypt = 0;
ZebraService zebra_start (const char *configName)
{
return zebra_start_res(configName, 0, 0);
ZebraService zebra_start (const char *configName)
{
return zebra_start_res(configName, 0, 0);
zebra_chdir (zh);
zebra_mutex_cond_init (&zh->session_lock);
zebra_chdir (zh);
zebra_mutex_cond_init (&zh->session_lock);
- if (!res_get (zh->global_res, "passwd"))
+ passwd_plain = res_get (zh->global_res, "passwd");
+ passwd_encrypt = res_get (zh->global_res, "passwd.c");
+
+ if (!passwd_plain && !passwd_encrypt)
zh->passwd_db = NULL;
else
{
zh->passwd_db = NULL;
else
{
- zh->passwd_db = passwd_db_open ();
+ zh->passwd_db = passwd_db_open();
if (!zh->passwd_db)
yaz_log (YLOG_WARN|YLOG_ERRNO, "passwd_db_open failed");
else
if (!zh->passwd_db)
yaz_log (YLOG_WARN|YLOG_ERRNO, "passwd_db_open failed");
else
- passwd_db_file (zh->passwd_db,
- res_get (zh->global_res, "passwd"));
+ {
+ if (passwd_plain)
+ passwd_db_file_plain(zh->passwd_db, passwd_plain);
+ if (passwd_encrypt)
+ passwd_db_file_crypt(zh->passwd_db, passwd_encrypt);
+ }
}
zh->path_root = res_get (zh->global_res, "root");
zh->nmem = nmem_create();
}
zh->path_root = res_get (zh->global_res, "root");
zh->nmem = nmem_create();
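Review bot: The return values of `passwd_db_file_plain` and `passwd_db_file_crypt` are discarded in the new block, so a missing or unreadable accounts file goes unreported. The same applies to a 'passwd.c' directive on a build without HAVE_CRYPT_H, where `passwd_db_file_crypt` returns -1. Log the failure at the call site, for example `if (passwd_db_file_crypt(zh->passwd_db, passwd_encrypt)) yaz_log (YLOG_WARN, "passwd.c file %s not loaded", passwd_encrypt);` and likewise for the plain loader. How a NULL or empty `zh->passwd_db` is treated at authentication time is not visible here, so it should be confirmed that a failed load does not leave the server accepting connections without a password check. The enclosing function starts and ends outside the shown lines.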
-/* $Id: passtest.c,v 1.5 2005-01-15 19:38:42 adam Exp $
+/* $Id: passtest.c,v 1.6 2005-05-30 13:27:08 adam Exp $
Copyright (C) 1995-2005
Index Data ApS
Copyright (C) 1995-2005
Index Data ApS
- passwd_db_file (db, "/etc/passwd");
- passwd_db_auth (db, "adam", "xtx9Y=");
- passwd_db_close (db);
+ passwd_db_file_plain(db, "/etc/passwd");
+ passwd_db_auth(db, "adam", "xtx9Y=");
+ passwd_db_close(db);
-/* $Id: passwddb.c,v 1.11 2005-05-12 10:10:32 adam Exp $
+/* $Id: passwddb.c,v 1.12 2005-05-30 13:27:08 adam Exp $
Copyright (C) 1995-2005
Index Data ApS
Copyright (C) 1995-2005
Index Data ApS
#include <passwddb.h>
struct passwd_entry {
#include <passwddb.h>
struct passwd_entry {
char *name;
char *des;
struct passwd_entry *next;
char *name;
char *des;
struct passwd_entry *next;
-int passwd_db_file (Passwd_db db, const char *fname)
+static int passwd_db_file_int(Passwd_db db, const char *fname,
+ int encrypt_flag)
{
FILE *f;
char buf[1024];
{
FILE *f;
char buf[1024];
pe = (struct passwd_entry *) xmalloc (sizeof(*pe));
pe->name = xstrdup (name);
pe->des = xstrdup (des);
pe = (struct passwd_entry *) xmalloc (sizeof(*pe));
pe->name = xstrdup (name);
pe->des = xstrdup (des);
+ pe->encrypt_flag = encrypt_flag;
pe->next = db->entries;
db->entries = pe;
}
pe->next = db->entries;
db->entries = pe;
}
-void passwd_db_close (Passwd_db db)
+void passwd_db_close(Passwd_db db)
{
struct passwd_entry *pe = db->entries;
while (pe)
{
struct passwd_entry *pe = db->entries;
while (pe)
-void passwd_db_show (Passwd_db db)
+void passwd_db_show(Passwd_db db)
{
struct passwd_entry *pe;
for (pe = db->entries; pe; pe = pe->next)
yaz_log (YLOG_LOG,"%s:%s", pe->name, pe->des);
}
{
struct passwd_entry *pe;
for (pe = db->entries; pe; pe = pe->next)
yaz_log (YLOG_LOG,"%s:%s", pe->name, pe->des);
}
-int passwd_db_auth (Passwd_db db, const char *user, const char *pass)
+int passwd_db_auth(Passwd_db db, const char *user, const char *pass)
{
struct passwd_entry *pe;
{
struct passwd_entry *pe;
-#if HAVE_CRYPT_H
- char salt[3];
- const char *des_try;
-#endif
for (pe = db->entries; pe; pe = pe->next)
if (user && !strcmp (user, pe->name))
break;
if (!pe)
return -1;
for (pe = db->entries; pe; pe = pe->next)
if (user && !strcmp (user, pe->name))
break;
if (!pe)
return -1;
+ if (pe->encrypt_flag)
+ {
- if (strlen (pe->des) < 3)
- return -3;
- if (!pass)
- return -2;
- memcpy (salt, pe->des, 2);
- salt[2] = '\0';
- des_try = crypt (pass, salt);
- if (strcmp (des_try, pe->des))
- return -2;
+ char salt[3];
+ const char *des_try;
+ if (strlen (pe->des) < 3)
+ return -3;
+ if (!pass)
+ return -2;
+ memcpy (salt, pe->des, 2);
+ salt[2] = '\0';
+ des_try = crypt (pass, salt);
+ if (strcmp (des_try, pe->des))
+ return -2;
- if (strcmp (pe->des, pass))
+ }
+ else
+ {
+ if (strcmp (pe->des, pass))
+ return -2;
+ }
+int passwd_db_file_crypt(Passwd_db db, const char *fname)
+{
+#if HAVE_CRYPT_H
+ return passwd_db_file_int(db, fname, 1);
+#else
+ return -1;
+#endif
+}
+
+int passwd_db_file_plain(Passwd_db db, const char *fname)
+{
+ return passwd_db_file_int(db, fname, 0);
+}
+
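Review bot: In passwd_db_auth the new plain-text branch calls `strcmp (pe->des, pass)` without the `if (!pass) return -2;` guard that the encrypted branch has, so a NULL password for an existing user would be dereferenced; add the same guard before the comparison. In the encrypted branch the result of `crypt()` goes straight into `strcmp`, but crypt() may return NULL on failure; `if (!des_try || strcmp (des_try, pe->des)) return -2;` handles that. The `#if HAVE_CRYPT_H` that wrapped the salt and des_try declarations is removed in the visible lines. Parts of the function are not shown, so it should be confirmed that a guard still surrounds the `crypt()` call for builds without crypt.h. Separately, passwd_db_show writes `pe->des` to the log, which is the clear-text password for entries loaded through passwd_db_file_plain; logging only `pe->name` would avoid putting credentials in log files.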