You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@apr.apache.org by je...@apache.org on 2003/11/16 20:17:14 UTC
cvs commit: apr-util/crypto apr_md5.c
jerenkrantz 2003/11/16 11:17:14
Modified: . CHANGES
crypto apr_md5.c
Log:
Add SHA1 support to apr_password_validate().
Submitted by: Paul Querna <chip force-elite.com>
Reviewed by: Justin Erenkrantz
Revision Changes Path
1.120 +3 -0 apr-util/CHANGES
Index: CHANGES
===================================================================
RCS file: /home/cvs/apr-util/CHANGES,v
retrieving revision 1.119
retrieving revision 1.120
diff -u -u -r1.119 -r1.120
--- CHANGES 6 Oct 2003 20:39:09 -0000 1.119
+++ CHANGES 16 Nov 2003 19:17:14 -0000 1.120
@@ -1,5 +1,8 @@
Changes with APR-util 1.0
+ *) Add SHA1 support to apr_password_validate.
+ [Paul Querna <chip force-elite.com>]
+
*) Pass error codes returned from constructors all the way back to
the reslist consumer. Also fix a minor reslist memory leak that could
happen when a constructor returns an error code. PR 23492.
1.8 +8 -4 apr-util/crypto/apr_md5.c
Index: apr_md5.c
===================================================================
RCS file: /home/cvs/apr-util/crypto/apr_md5.c,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -u -r1.7 -r1.8
--- apr_md5.c 2 Jun 2003 13:47:57 -0000 1.7
+++ apr_md5.c 16 Nov 2003 19:17:14 -0000 1.8
@@ -99,6 +99,7 @@
#include "apr_md5.h"
#include "apr_lib.h"
#include "apu_config.h"
+#include "apr_sha1.h"
#if APR_HAVE_STRING_H
#include <string.h>
@@ -703,10 +704,10 @@
#endif
/*
- * Validate a plaintext password against a smashed one. Use either
- * crypt() (if available) or apr_md5_encode(), depending upon the format
- * of the smashed input password. Return APR_SUCCESS if they match, or
- * APR_EMISMATCH if they don't.
+ * Validate a plaintext password against a smashed one. Uses either
+ * crypt() (if available) or apr_md5_encode() or apr_sha1_base64(), depending
+ * upon the format of the smashed input password. Returns APR_SUCCESS if
+ * they match, or APR_EMISMATCH if they don't.
*/
APU_DECLARE(apr_status_t) apr_password_validate(const char *passwd,
@@ -721,6 +722,9 @@
* The hash was created using our custom algorithm.
*/
apr_md5_encode(passwd, hash, sample, sizeof(sample));
+ }
+ else if(!strncmp(hash, APR_SHA1PW_ID, strlen(APR_SHA1PW_ID))) {
+ apr_sha1_base64(passwd, strlen(passwd), sample);
}
else {
/*