char *challenge;
RSPTYP *resp;
-char realm[200];
-char usrrealm[200];
char answer[300];
char hash[40];
int phase;
*rmtpass=strdup("$1(ukn as digest_md5)");
challenge=(char *)0;
-(void) memset(realm,'\000',sizeof(realm));
-(void) memset(usrrealm,'\000',sizeof(usrrealm));
-(void) strncpy(realm,REALM,sizeof(realm)-1);
-if ((getenv("REALM"))!=(char *)0)
- (void) strncpy(realm,getenv("REALM"),sizeof(realm)-1);
resp=(RSPTYP *)0;
(void) memset(answer,'\000',sizeof(answer));
(void) memset(hash,'\000',sizeof(hash));
case 0 : //assign the reaml challeng
break;
case 1 : //Building the challenge sequence
- if ((challenge=dig_getchallenge(realm))==(char *)0) {
+ if ((challenge=dig_getchallenge())==(char *)0) {
(void) rou_alert(0,"%s Unable to get challenge sequence (Bug!)",OPEP);
phase=999;
}
/* challenge as an B64 string. */
/* */
/********************************************************/
-PUBLIC char *dig_getchallenge(char *realm)
+PUBLIC char *dig_getchallenge()
{
#define OPEP "unidig.c:dig_getchallenge,"
(void) memset(loc,'\000',sizeof(loc));
switch (num) {
case 0 : //realm
- (void) snprintf(loc,sizeof(loc),comp[num],realm);
+ (void) snprintf(loc,sizeof(loc),comp[num],rou_getrealm());
break;
case 1 : { //nonce
char *nonce;
//Procedure to generate a DISGEST-MD5 challaneg as a
//b64 string.
-extern char *dig_getchallenge(char *realm);
+extern char *dig_getchallenge();
//Procedure to compute local response to challenge and
//check if the remote session is the same
DELETE FROM emails;
//password is generated via command line:
//openssl password
-//present password is crypte 'mailleur'
+//present password is crypted as a hash
//adding a list of local email
-INSERT INTO emails (email,password) \
+INSERT INTO emails (email,hash) \
values ('postmaster@example.com','postmaster');
-INSERT INTO emails (email,password) \
+INSERT INTO emails (email,hash) \
values ('webmaster@example.com','webmaster');
-INSERT INTO emails (email,password) \
+INSERT INTO emails (email,hash) \
values ('utf8-áö_üñ@example.com','utf8-áö_üñ');
//Set for Postgresql database
-INSERT INTO emails (email,password) \
+INSERT INTO emails (email,hash) \
values ('user1@posdb.example.com','user1');
-INSERT INTO emails (email,password) \
+INSERT INTO emails (email,hash) \
values ('user2@posdb.example.com','user2');
//Set for MySQL database
-INSERT INTO emails (email,password) \
+INSERT INTO emails (email,hash) \
values ('user1@mardb.example.com','user1');
-INSERT INTO emails (email,password) \
+INSERT INTO emails (email,hash) \
values ('user2@mardb.example.com','user2');
creation DBTIMESTAMP //record creation
DFLT NOW(),
email TEXTUNIQUE, //User email
- password TEXT //User password
- DFLT '!',
hash TEXT, //'email:realm:password' MD5
space INTEGER //space used by user email
DFLT 0,
CREATE FUNCTION updpass()
RETURNS trigger AS $$
BEGIN
- NEW.hash = md5(concat (NEW.email,':',REALM,':',new.password));
- NEW.password = crypt(new.password, gen_salt('md5'));
+ NEW.hash = md5(concat (NEW.email,':',REALM,':',NEW.hash));
RETURN NEW;
END
$$ LANGUAGE 'plpgsql';
+++ /dev/null
-
-#To encrypt a field with md5 keys
-select crypt( 'data', gen_salt('md5'));
-
-
-DROP TRIGGER IF EXISTS cool
- ON emails CASCADE;
-
-CREATE OR REPLACE FUNCTION updpass()
- RETURNS trigger AS
-$$
-BEGIN
-NEW.hash = md5(concat (NEW.email,':',NEW.realm,':',new.password));
-NEW.password = crypt(new.password, gen_salt('md5'));
-RETURN NEW;
-END;
-
-$$
-LANGUAGE 'plpgsql';
-
-CREATE TRIGGER cool
- BEFORE INSERT OR UPDATE
- ON emails
- FOR EACH ROW
- EXECUTE PROCEDURE updpass();
vps2: / jmp / mailleur / commitdiff