Authentifikation: Übertrage Passwörter gehasht

author: Matthias Schiffer <matthias@gamezock.de> 2009-08-24 04:47:54 +0200
committer: Matthias Schiffer <matthias@gamezock.de> 2009-08-24 04:47:54 +0200
commit: c964aa2708ed2839ded3c35eed7338f3e81f568f (patch)
tree: 21f17452e648cd25c7cdf80d844b1a366767f14b /src/modules/AuthBackendFile/AuthBackendFile.cpp
parent: 84a5ceeb7db03d75425d72e8a23a0bb0f267bc01 (diff)
download: mad-c964aa2708ed2839ded3c35eed7338f3e81f568f.tar
mad-c964aa2708ed2839ded3c35eed7338f3e81f568f.zip
1 files changed, 14 insertions, 6 deletions
diff --git a/src/modules/AuthBackendFile/AuthBackendFile.cpp b/src/modules/AuthBackendFile/AuthBackendFile.cpp
index ac7a1db..b05b2db 100644
--- a/src/modules/AuthBackendFile/AuthBackendFile.cpp
+++ b/src/modules/AuthBackendFile/AuthBackendFile.cpp
@@ -74,11 +74,11 @@ bool AuthBackendFile::handleConfigEntry(const Core::ConfigEntry &entry, bool /*h
   return true;
 }
 
-boost::shared_ptr<Common::AuthContext> AuthBackendFile::authenticate(const std::string &method, const std::string &user,
-    const std::vector<boost::uint8_t> &data, std::vector<boost::uint8_t>& /*response*/,
+boost::shared_ptr<Common::AuthContext> AuthBackendFile::authenticate(const std::string &method, const std::string &subMethod,
+    const std::string &user, const std::vector<boost::uint8_t> &data, std::vector<boost::uint8_t>& /*response*/,
     boost::shared_ptr<Common::AuthContext> context) throw(Core::Exception) {
   if(method != "Password")
-    throw(Core::Exception(Core::Exception::INVALID_INPUT));
+    throw(Core::Exception(Core::Exception::NOT_IMPLEMENTED));
 
   if(context.get() != 0 && dynamic_cast<AuthContextFile*>(context.get()) == 0)
     throw(Core::Exception(Core::Exception::INVALID_INPUT));
@@ -86,12 +86,20 @@ boost::shared_ptr<Common::AuthContext> AuthBackendFile::authenticate(const std::
   if(context.get() == 0)
     context.reset(new AuthContextFile);
 
-  std::string password(data.begin(), data.end());
-
   std::map<std::string, std::string>::iterator userIt = userMap.find(user);
-  if(userIt == userMap.end() || password != userIt->second)
+  if(userIt == userMap.end())
     throw(Core::Exception(Core::Exception::AUTHENTICATION));
 
+  if(subMethod == "Clear") {
+    if(userIt->second != std::string(data.begin(), data.end()))
+      throw(Core::Exception(Core::Exception::AUTHENTICATION));
+  }
+  else {
+    if(!std::equal(data.begin(), data.end(), Common::Hash::hash(userIt->second, subMethod).begin()))
+      throw(Core::Exception(Core::Exception::AUTHENTICATION));
+  }
+
+
   return context;
 }
author	Matthias Schiffer <matthias@gamezock.de>	2009-08-24 04:47:54 +0200
committer	Matthias Schiffer <matthias@gamezock.de>	2009-08-24 04:47:54 +0200
commit	c964aa2708ed2839ded3c35eed7338f3e81f568f (patch)
tree	21f17452e648cd25c7cdf80d844b1a366767f14b /src/modules/AuthBackendFile/AuthBackendFile.cpp
parent	84a5ceeb7db03d75425d72e8a23a0bb0f267bc01 (diff)
download	mad-c964aa2708ed2839ded3c35eed7338f3e81f568f.tar mad-c964aa2708ed2839ded3c35eed7338f3e81f568f.zip