| author | David Sommerseth <dazo@users.sourceforge.net> | 2009-03-28 19:16:29 +0100 |
|---|---|---|
| committer | David Sommerseth <dazo@users.sourceforge.net> | 2009-03-28 19:16:29 +0100 |
| commit | add06f4a6033f517b6147a12be703b049ae7338a (patch) | |
| tree | 94792134b7838273bf0fcf47b474ab57106d6150 /database | |
| parent | b1d3a7b2621374d23ef8be5cb79d06fb3a18e3dc (diff) | |
Fixed a "hang" when wrong password was used
Due to the current implementation of SHA512 salts, it could be
experienced as if the application hung on wrong passwords. This is
because the rounds count for the passwords are scrambled, with values
based on the given password. When a wrong password is given, this will
also result in getting a wrong salt length and hash rounds for the
following hash calculation.
Due to this, the extracted rounds value from the salt string could
return some really high number of rounds on wrong
passwords (possibly the max value if integer). And this is why the
"hang" is experienced.
To avoid this, a check is added to make sure the rounds is not
unreasonably much higher than the configured max rounds values. If the
descrambled rounds number from the salt exceeds max rounds * 1.5, the
password (most probaly) is wrong. In this case we do a sleep() to slow
down bruteforce attacks and return NULL.
The drawback is if the maxrounds later on is changed to a value which
hits this scenario:
passwordsalt_rounds > maxrounds_cfg * 1.5
In this case these old passwords will be invalidated by that
configuration change. This is considered to be a feature and not a bug.
The reason for multiplying by 1.5 is to allow a little room for
degrading the max rounds setting. By adjusting the max rounds up again,
these passwords will be valid again.
Added also a sleep() when wrong username is attempted.
Diffstat (limited to 'database')
| -rw-r--r-- | database/sqlite/administration.c | 6 | ||||
| -rw-r--r-- | database/sqlite/edb-sqlite.c | 6 |
2 files changed, 8 insertions, 4 deletions
diff --git a/database/sqlite/administration.c b/database/sqlite/administration.c
index 0e71e03..b5f35d8 100644
--- a/database/sqlite/administration.c
+++ b/database/sqlite/administration.c
@@ -20,6 +20,7 @@
 */
 #include <string.h>
+#include <unistd.h>
 #include <assert.h>
 #include <libxml/tree.h>
@@ -148,13 +149,13 @@ int eDBadminAuth(eurephiaCTX *ctx, const char *req_access, const char *uname, co
 int pwdok = 0; // Verify the password
 crpwd = eurephia_pwd_crypt(ctx, pwd, dbpwd);
- assert(crpwd != NULL);
- pwdok = (strcmp(crpwd, dbpwd) == 0 ? 1 : 0);
+ pwdok = ((crpwd != NULL) && (strcmp(crpwd, dbpwd) == 0) ? 1 : 0);
 memset(crpwd, 0, strlen_nullsafe(crpwd));
 memset(dbpwd, 0, strlen_nullsafe(dbpwd));
 free_nullsafe(crpwd);
 if( pwdok == 0 ) {
 eurephia_log(ctx, LOG_WARNING, 0, "Authentication failed.");
+ sleep(2);
 sqlite_free_results(res);
 return 0;
 }
@@ -183,6 +184,7 @@ int eDBadminAuth(eurephiaCTX *ctx, const char *req_access, const char *uname, co
 } else {
 eurephia_log(ctx, LOG_WARNING, 0, "Authentication failed. No unique records found.");
 sqlite_free_results(res);
+ sleep(2);
 return 0;
 }
diff --git a/database/sqlite/edb-sqlite.c b/database/sqlite/edb-sqlite.c
index 02d15e0..30959e1 100644
--- a/database/sqlite/edb-sqlite.c
+++ b/database/sqlite/edb-sqlite.c
@@ -22,6 +22,7 @@
 #include <stdio.h>
 #include <string.h>
+#include <unistd.h>
 #include <assert.h>
 #define DRIVERVERSION "1.1"
@@ -269,8 +270,7 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const
 pwdok = 0;
 } else {
 crpwd = eurephia_pwd_crypt(ctx, passwd, dbpwd);
- assert(crpwd != NULL);
- pwdok = (strcmp(crpwd, dbpwd) == 0 ? 1 : 0);
+ pwdok = ((crpwd != NULL) && (strcmp(crpwd, dbpwd) == 0) ? 1 : 0);
 memset(crpwd, 0, strlen_nullsafe(crpwd));
 memset(dbpwd, 0, strlen_nullsafe(dbpwd));
 free_nullsafe(crpwd);
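Review bot: With the assert removed, a NULL `crpwd` now reaches `memset(crpwd, 0, strlen_nullsafe(crpwd));` directly below the new `pwdok` line in the `@@ -148` hunk of administration.c. Even if strlen_nullsafe() yields 0 for NULL (its definition is not shown here), passing a null pointer to memset() is undefined behaviour in C11, so the wipe should be guarded: `if( crpwd != NULL ) memset(crpwd, 0, strlen_nullsafe(crpwd));`. The identical change in the `@@ -269` hunk of edb-sqlite.c is followed by the same unguarded call. eDBadminAuth starts and ends outside this hunk.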
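Review bot: The "No unique records found" branch in the `@@ -183` hunk of administration.c gets the same `sleep(2)` as the wrong-password branch, but as far as these hunks show it never calls eurephia_pwd_crypt(), so a failed login for an unknown user returns sooner than one for a known user by the cost of the hash rounds. That difference can reveal which user names exist. I would add a comment at this branch such as `// TODO: hash against a fixed dummy salt so unknown users cost the same as wrong passwords`, and the same applies to the "Could not find user or user-certificate link" branch in the `@@ -317` hunk of edb-sqlite.c. The enclosing if/else starts outside the hunk, so confirm that no hashing happens earlier on this path.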
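Review bot: The `memset(crpwd, 0, ...)` wipe kept as context in the `@@ -269` hunk of edb-sqlite.c (and in `@@ -148` of administration.c) sits immediately before `free_nullsafe(crpwd)`, which is the pattern an optimising compiler is allowed to drop as a dead store. Whether that happens depends on how free_nullsafe is defined and on the build flags, neither of which is visible here. A wipe the compiler cannot elide would make the intent hold, for example `explicit_bzero(crpwd, strlen(crpwd));` where the platform provides it, or a small helper that writes through a `volatile` pointer.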
@@ -297,6 +297,7 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const
 } else if( pwdok != 1 ) {
 eurephia_log(ctx, LOG_WARNING, 0,"Authentication failed for user '%s'. Wrong password.", username);
+ sleep(2);
 uicid = -1;
 } else {
 dbresult *upd = NULL;
@@ -317,6 +318,7 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const
 } else {
 eurephia_log(ctx, LOG_WARNING, 0, "Authentication failed for user '%s'. " "Could not find user or user-certificate link.", username);
+ sleep(2);
 uicid = 0;
 }
 sqlite_free_results(res); |
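Review bot: The fixed `sleep(2)` added in the wrong-password branch of the `@@ -297` hunk blocks the calling thread and only slows guesses made one after another on the same connection; it does not limit attempts made in parallel. If eDBauth_user runs on a thread shared with other sessions (not visible from these hunks), every failed login also stalls legitimate users for two seconds. The same call is added in `@@ -317` below and in both administration.c hunks, where `@@ -148` sleeps before `sqlite_free_results(res)` and `@@ -183` after it; releasing the result set first everywhere would avoid holding it during the delay. I would document the assumption next to the call, e.g. `// blocks this thread for 2s per failure; counting failed attempts per user or source is what actually bounds guessing`.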
