break;
case 1 : //do we have valide data?
if ((strlen(data[1])==0)||(strlen(data[2])==0)) {
- (void) rou_alert(0,"%s data[1]=<%s> or data[2]=<%s> missing (Bug?)",
+ (void) rou_alert(0,"%s data[1]=<%s> or data[2]=<%s> missing (Remote Bug?)",
OPEP,data[1],data[2]);
phase=999; //No need to go further
}
char *givenpass;
givenpass=data[2];
- if (givenpass!=(char *)0) {
+ if (usr->passwd==(char *)0) {
+ (void) rou_alert(0,"%s usr=<%s> password empty, assigning one",
+ OPEP,data[1]);
+ usr->passwd=cnv_getrndstr(10);
+ }
+ if (givenpass!=(char *)0)
*rmtpass=strdup(givenpass);
- if (strncmp(usr->passwd,"$1",2)==0)
- givenpass=crypt("$1",givenpass);
- isok=(strcmp(givenpass,usr->passwd)==0);
+ if (usr->passwd[0]=='$') {
+ if ((givenpass=crypt(givenpass,usr->passwd))==(char *)0) {
+ (void) rou_alert(0,"%s Trouble to crypt (Bug?) pass=<%s> "
+ "user=<%s> (error=<%s>)",
+ OPEP,givenpass,usr->passwd,strerror(errno));
+ givenpass=data[2]; //trying to overcome
+ }
}
+ isok=(strcmp(givenpass,usr->passwd)==0);
usr=sql_freeusr(usr);
}
}
RETURNS trigger AS $$
BEGIN
NEW.hash = md5(concat (NEW.email,':',NEW.realm,':',new.password));
-// NEW.password = crypt(new.password, gen_salt('md5'));
+ NEW.password = crypt(new.password, gen_salt('md5'));
RETURN NEW;
END
$$ LANGUAGE 'plpgsql';
vps2: / jmp / mailleur / commitdiff