Hi,
I made a small but usefull extension to courier-authlib: The ability to
authenticate against raw hashes (like generated by php md5(), mysql MD5() or
md5sum, etc.) ... Could you include this with regular courier?
I agree that it is published under the license of courer ;-)
You have to do the following:
Add to checkpasswordmd5.c at approx. line 30:
if (strncasecmp(encrypted_password, "{MD5RAW}", 8) == 0)
{
return (strcmp(encrypted_password+8,
md5_hash_raw(password)));
}
Add to checkpassword.c under the line where {MD5} is evaluated:
|| strncasecmp(encrypted_password, "{MD5RAW}", 8) == 0
Add to md5/md5.h:
const char *md5_hash_raw(const char *);
Add to md5/md5_hash.c:
#include <stdio.h>
const char *md5_hash_raw(const char *passw)
{
MD5_DIGEST digest;
static char hash_buffer[33];
int j=0,i=0;
char
tmp_buf[3];
md5_digest(passw, strlen(passw), digest);
for (j=0; j<sizeof(digest); j++)
{
sprintf(tmp_buf,"%02x",digest[j]);
hash_buffer[i++]=tmp_buf[0];
hash_buffer[i++]=tmp_buf[1];
}
hash_buffer[32]=0;
return(hash_buffer);
}
It is quite simple, and allowes the user to pass passwords in the form
{MD5RAW} in md5() format, just like this can be done with {MD5}. I use this
for quite a while on my production servers.
Best regards,
Martin
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
courier-users mailing list
[email protected]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
