Back to index

openldap  2.4.31
netscape.c
Go to the documentation of this file.
00001 /* $OpenLDAP$ */
00002 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
00003  *
00004  * Copyright 1998-2012 The OpenLDAP Foundation.
00005  * All rights reserved.
00006  *
00007  * Redistribution and use in source and binary forms, with or without
00008  * modification, are permitted only as authorized by the OpenLDAP
00009  * Public License.
00010  *
00011  * A copy of this license is available in the file LICENSE in the
00012  * top-level directory of the distribution or, alternatively, at
00013  * <http://www.OpenLDAP.org/license.html>.
00014  */
00015 
00016 #include <unistd.h>
00017 
00018 #include <lber.h>
00019 #include <lber_pvt.h>
00020 #include "lutil.h"
00021 #include "lutil_md5.h"
00022 #include <ac/string.h>
00023 
00024 static LUTIL_PASSWD_CHK_FUNC chk_ns_mta_md5;
00025 static const struct berval scheme = BER_BVC("{NS-MTA-MD5}");
00026 
00027 #define NS_MTA_MD5_PASSLEN  64
00028 static int chk_ns_mta_md5(
00029        const struct berval *scheme,
00030        const struct berval *passwd,
00031        const struct berval *cred,
00032        const char **text )
00033 {
00034        lutil_MD5_CTX MD5context;
00035        unsigned char MD5digest[LUTIL_MD5_BYTES], c;
00036        char buffer[LUTIL_MD5_BYTES*2];
00037        int i;
00038 
00039        if( passwd->bv_len != NS_MTA_MD5_PASSLEN ) {
00040               return LUTIL_PASSWD_ERR;
00041        }
00042 
00043        /* hash credentials with salt */
00044        lutil_MD5Init(&MD5context);
00045        lutil_MD5Update(&MD5context,
00046               (const unsigned char *) &passwd->bv_val[32],
00047               32 );
00048 
00049        c = 0x59;
00050        lutil_MD5Update(&MD5context,
00051               (const unsigned char *) &c,
00052               1 );
00053 
00054        lutil_MD5Update(&MD5context,
00055               (const unsigned char *) cred->bv_val,
00056               cred->bv_len );
00057 
00058        c = 0xF7;
00059        lutil_MD5Update(&MD5context,
00060               (const unsigned char *) &c,
00061               1 );
00062 
00063        lutil_MD5Update(&MD5context,
00064               (const unsigned char *) &passwd->bv_val[32],
00065               32 );
00066 
00067        lutil_MD5Final(MD5digest, &MD5context);
00068 
00069        for( i=0; i < sizeof( MD5digest ); i++ ) {
00070               buffer[i+i]   = "0123456789abcdef"[(MD5digest[i]>>4) & 0x0F]; 
00071               buffer[i+i+1] = "0123456789abcdef"[ MD5digest[i] & 0x0F]; 
00072        }
00073 
00074        /* compare */
00075        return memcmp((char *)passwd->bv_val,
00076               (char *)buffer, sizeof(buffer)) ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK;
00077 }
00078 
00079 int init_module(int argc, char *argv[]) {
00080        return lutil_passwd_add( (struct berval *)&scheme, chk_ns_mta_md5, NULL );
00081 }