You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@labs.apache.org by pq...@apache.org on 2009/03/15 09:17:53 UTC
svn commit: r754629 - /labs/orthrus/trunk/src/userdb.c
Author: pquerna
Date: Sun Mar 15 08:17:52 2009
New Revision: 754629
URL: http://svn.apache.org/viewvc?rev=754629&view=rev
Log:
Improve decode_reply a bit.
Modified:
labs/orthrus/trunk/src/userdb.c
Modified: labs/orthrus/trunk/src/userdb.c
URL: http://svn.apache.org/viewvc/labs/orthrus/trunk/src/userdb.c?rev=754629&r1=754628&r2=754629&view=diff
==============================================================================
--- labs/orthrus/trunk/src/userdb.c (original)
+++ labs/orthrus/trunk/src/userdb.c Sun Mar 15 08:17:52 2009
@@ -138,12 +138,12 @@
const char **challenge,
apr_pool_t *pool)
{
- orthrus_error_t* rv;
+ orthrus_error_t* err;
orthrus_user_t *user;
- rv = userdb_get_user(ort, username, &user);
- if (rv) {
- return rv;
+ err = userdb_get_user(ort, username, &user);
+ if (err) {
+ return err;
}
/* TODO: Configurable algorithms */
@@ -194,9 +194,9 @@
static orthrus_error_t* decode_reply(orthrus_t *ort,
const char *reply,
- orthrus_response_t **resp)
+ orthrus_response_t **out_resp)
{
-
+ orthrus_response_t *resp;
/* TODO: Support Six word dictionary decoding.
* (note, its just a SHOULD from the RFC) */
@@ -204,9 +204,15 @@
* If a six-word encoded one-time password is valid, it is accepted.
* Otherwise, if the one-time password can be interpreted as hexadecimal, and
* with that decoding it is valid, then it is accepted.*/
+ resp = apr_pcalloc(ort->pool, sizeof(orthrus_response_t));
+ resp->pool = ort->pool;
+
+ /* TODO: standard dictionary decode */
-
- *resp = apr_pcalloc(ort->pool, sizeof(orthrus_response_t));
+ orthrus__decode_hex(reply, &resp->reply);
+
+ *out_resp = resp;
+
return ORTHRUS_SUCCESS;
}
@@ -227,19 +233,20 @@
const char *reply,
apr_pool_t *pool)
{
- orthrus_error_t* rv;
+ apr_uint64_t last = 0;
+ orthrus_error_t* err;
orthrus_challenge_t ch;
orthrus_user_t *user;
orthrus_response_t *resp;
- rv = userdb_get_user(ort, username, &user);
- if (rv) {
- return rv;
+ err = userdb_get_user(ort, username, &user);
+ if (err) {
+ return err;
}
- rv = decode_challenge(ort, challenge, &ch);
- if (rv) {
- return rv;
+ err = decode_challenge(ort, challenge, &ch);
+ if (err) {
+ return err;
}
@@ -251,11 +258,24 @@
return orthrus_error_create(APR_EGENERAL, "sequence changed between challenge and verification.");
}
- rv = decode_reply(ort, reply, &resp);
+ err = decode_reply(ort, reply, &resp);
- if (rv) {
- return rv;
+ if (err) {
+ return err;
}
+
+ err = orthrus__alg_md5_cycle(1, resp);
+ if (err) {
+ return err;
+ }
+
+ orthrus__decode_hex(user->lastreply, &last);
- return orthrus_error_create(APR_ENOTIMPL, "userdb functionality is not complete");
+ if (last != resp->reply) {
+ return orthrus_error_createf(APR_EGENERAL,
+ "invalid response. expected=%"APR_UINT64_T_HEX_FMT" got=%"APR_UINT64_T_HEX_FMT"",
+ last, resp->reply);
+ }
+
+ return ORTHRUS_SUCCESS;
}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@labs.apache.org
For additional commands, e-mail: commits-help@labs.apache.org