diff options
author | Matthias Schiffer <matthias@gamezock.de> | 2009-08-24 04:47:54 +0200 |
---|---|---|
committer | Matthias Schiffer <matthias@gamezock.de> | 2009-08-24 04:47:54 +0200 |
commit | c964aa2708ed2839ded3c35eed7338f3e81f568f (patch) | |
tree | 21f17452e648cd25c7cdf80d844b1a366767f14b /src/modules | |
parent | 84a5ceeb7db03d75425d72e8a23a0bb0f267bc01 (diff) | |
download | mad-c964aa2708ed2839ded3c35eed7338f3e81f568f.tar mad-c964aa2708ed2839ded3c35eed7338f3e81f568f.zip |
Authentifikation: Übertrage Passwörter gehasht
Diffstat (limited to 'src/modules')
-rw-r--r-- | src/modules/AuthBackendFile/AuthBackendFile.cpp | 20 | ||||
-rw-r--r-- | src/modules/AuthBackendFile/AuthBackendFile.h | 20 |
2 files changed, 29 insertions, 11 deletions
diff --git a/src/modules/AuthBackendFile/AuthBackendFile.cpp b/src/modules/AuthBackendFile/AuthBackendFile.cpp index ac7a1db..b05b2db 100644 --- a/src/modules/AuthBackendFile/AuthBackendFile.cpp +++ b/src/modules/AuthBackendFile/AuthBackendFile.cpp @@ -74,11 +74,11 @@ bool AuthBackendFile::handleConfigEntry(const Core::ConfigEntry &entry, bool /*h return true; } -boost::shared_ptr<Common::AuthContext> AuthBackendFile::authenticate(const std::string &method, const std::string &user, - const std::vector<boost::uint8_t> &data, std::vector<boost::uint8_t>& /*response*/, +boost::shared_ptr<Common::AuthContext> AuthBackendFile::authenticate(const std::string &method, const std::string &subMethod, + const std::string &user, const std::vector<boost::uint8_t> &data, std::vector<boost::uint8_t>& /*response*/, boost::shared_ptr<Common::AuthContext> context) throw(Core::Exception) { if(method != "Password") - throw(Core::Exception(Core::Exception::INVALID_INPUT)); + throw(Core::Exception(Core::Exception::NOT_IMPLEMENTED)); if(context.get() != 0 && dynamic_cast<AuthContextFile*>(context.get()) == 0) throw(Core::Exception(Core::Exception::INVALID_INPUT)); @@ -86,12 +86,20 @@ boost::shared_ptr<Common::AuthContext> AuthBackendFile::authenticate(const std:: if(context.get() == 0) context.reset(new AuthContextFile); - std::string password(data.begin(), data.end()); - std::map<std::string, std::string>::iterator userIt = userMap.find(user); - if(userIt == userMap.end() || password != userIt->second) + if(userIt == userMap.end()) throw(Core::Exception(Core::Exception::AUTHENTICATION)); + if(subMethod == "Clear") { + if(userIt->second != std::string(data.begin(), data.end())) + throw(Core::Exception(Core::Exception::AUTHENTICATION)); + } + else { + if(!std::equal(data.begin(), data.end(), Common::Hash::hash(userIt->second, subMethod).begin())) + throw(Core::Exception(Core::Exception::AUTHENTICATION)); + } + + return context; } diff --git a/src/modules/AuthBackendFile/AuthBackendFile.h b/src/modules/AuthBackendFile/AuthBackendFile.h index 90f572c..5f13b51 100644 --- a/src/modules/AuthBackendFile/AuthBackendFile.h +++ b/src/modules/AuthBackendFile/AuthBackendFile.h @@ -25,6 +25,7 @@ #include <Common/AuthBackend.h> #include <Common/AuthContext.h> #include <Common/Application.h> +#include <Common/Hash.h> #include <Core/Configurable.h> #include <Core/ConfigManager.h> @@ -44,10 +45,11 @@ class MAD_MODULE_EXPORT AuthBackendFile : public Common::AuthBackend, private Co void readFile(const std::string &name); - std::vector<std::string> methods; - Common::Application *application; + std::vector<std::string> methods; + std::vector<std::string> subMethods; + std::map<std::string, std::string> userMap; protected: @@ -57,13 +59,21 @@ class MAD_MODULE_EXPORT AuthBackendFile : public Common::AuthBackend, private Co return methods; } - virtual boost::shared_ptr<Common::AuthContext> authenticate(const std::string &method, const std::string &user, - const std::vector<boost::uint8_t> &data, std::vector<boost::uint8_t> &response, + virtual const std::vector<std::string>& getSubMethods(const std::string &method) const throw(Core::Exception) { + if(method != "Password") + throw(Core::Exception(Core::Exception::NOT_IMPLEMENTED)); + + return subMethods; + } + + virtual boost::shared_ptr<Common::AuthContext> authenticate(const std::string &method, const std::string &subMethod, + const std::string &user, const std::vector<boost::uint8_t> &data, std::vector<boost::uint8_t> &response, boost::shared_ptr<Common::AuthContext> context) throw(Core::Exception); public: - AuthBackendFile(Common::Application *application0) : application(application0) { + AuthBackendFile(Common::Application *application0) : application(application0), subMethods(Common::Hash::getHashList()) { methods.push_back("Password"); + subMethods.push_back("Clear"); application->getConfigManager()->registerConfigurable(this); } |