diff options
Diffstat (limited to 'src/modules/AuthBackendFile/AuthBackendFile.cpp')
| -rw-r--r-- | src/modules/AuthBackendFile/AuthBackendFile.cpp | 20 |
1 files changed, 14 insertions, 6 deletions
diff --git a/src/modules/AuthBackendFile/AuthBackendFile.cpp b/src/modules/AuthBackendFile/AuthBackendFile.cpp index ac7a1db..b05b2db 100644 --- a/src/modules/AuthBackendFile/AuthBackendFile.cpp +++ b/src/modules/AuthBackendFile/AuthBackendFile.cpp @@ -74,11 +74,11 @@ bool AuthBackendFile::handleConfigEntry(const Core::ConfigEntry &entry, bool /*h return true; } -boost::shared_ptr<Common::AuthContext> AuthBackendFile::authenticate(const std::string &method, const std::string &user, - const std::vector<boost::uint8_t> &data, std::vector<boost::uint8_t>& /*response*/, +boost::shared_ptr<Common::AuthContext> AuthBackendFile::authenticate(const std::string &method, const std::string &subMethod, + const std::string &user, const std::vector<boost::uint8_t> &data, std::vector<boost::uint8_t>& /*response*/, boost::shared_ptr<Common::AuthContext> context) throw(Core::Exception) { if(method != "Password") - throw(Core::Exception(Core::Exception::INVALID_INPUT)); + throw(Core::Exception(Core::Exception::NOT_IMPLEMENTED)); if(context.get() != 0 && dynamic_cast<AuthContextFile*>(context.get()) == 0) throw(Core::Exception(Core::Exception::INVALID_INPUT)); @@ -86,12 +86,20 @@ boost::shared_ptr<Common::AuthContext> AuthBackendFile::authenticate(const std:: if(context.get() == 0) context.reset(new AuthContextFile); - std::string password(data.begin(), data.end()); - std::map<std::string, std::string>::iterator userIt = userMap.find(user); - if(userIt == userMap.end() || password != userIt->second) + if(userIt == userMap.end()) throw(Core::Exception(Core::Exception::AUTHENTICATION)); + if(subMethod == "Clear") { + if(userIt->second != std::string(data.begin(), data.end())) + throw(Core::Exception(Core::Exception::AUTHENTICATION)); + } + else { + if(!std::equal(data.begin(), data.end(), Common::Hash::hash(userIt->second, subMethod).begin())) + throw(Core::Exception(Core::Exception::AUTHENTICATION)); + } + + return context; } |