diff options
author | David Troy <dave@popvox.com> | 2006-04-01 19:14:17 +0000 |
---|---|---|
committer | David Troy <dave@popvox.com> | 2006-04-01 19:14:17 +0000 |
commit | fe3ac9141e8cc4caf966b64d8c370f818436d79f (patch) | |
tree | 1740d4b590f5d54edafba1033539681db96761a3 | |
parent | e7575b72bd6cd202c6a9b93369d86bf7c7974938 (diff) | |
download | astmanproxy-fe3ac9141e8cc4caf966b64d8c370f818436d79f.tar.gz astmanproxy-fe3ac9141e8cc4caf966b64d8c370f818436d79f.tar.xz astmanproxy-fe3ac9141e8cc4caf966b64d8c370f818436d79f.zip |
git-svn-id: http://svncommunity.digium.com/svn/astmanproxy/branches/1.20pre@54 f02b47b9-160a-0410-81a6-dc3441afb0ec
-rw-r--r-- | src/proxyfunc.c | 48 |
1 files changed, 37 insertions, 11 deletions
diff --git a/src/proxyfunc.c b/src/proxyfunc.c index 54b7789..95257c2 100644 --- a/src/proxyfunc.c +++ b/src/proxyfunc.c @@ -1,4 +1,5 @@ #include "astmanproxy.h" +#include "md5.h" extern struct mansession *sessions; extern struct iohandler *iohandlers; @@ -106,6 +107,28 @@ void *ProxySetAutoFilter(struct mansession *s, struct message *m) { return 0; } +int AuthMD5(char *key, char *challenge, char *password) { + int x; + int len=0; + char md5key[256] = ""; + struct MD5Context md5; + unsigned char digest[16]; + + if (!*challenge || !*password || !*key) + return 1; + + MD5Init(&md5); + MD5Update(&md5, (unsigned char *) challenge, strlen(challenge)); + MD5Update(&md5, (unsigned char *) password, strlen(password)); + MD5Final(digest, &md5); + for (x=0;x<16;x++) + len += sprintf(md5key + len, "%2.2x", digest[x]); + if (!strcmp(md5key, key)) + return 0; + + return 1; +} + void *ProxyLogin(struct mansession *s, struct message *m) { struct message mo; struct proxy_user *pu; @@ -122,17 +145,20 @@ void *ProxyLogin(struct mansession *s, struct message *m) { pthread_mutex_lock(&userslock); pu = pc.userlist; while( pu ) { - if ( !strcmp(user, pu->username) && !strcmp(secret, pu->secret) ) { - AddHeader(&mo, "Response: Success"); - AddHeader(&mo, "Message: Authentication accepted"); - s->output->write(s, &mo); - s->authenticated = 1; - strcpy(s->user.channel, pu->channel); - strcpy(s->user.icontext, pu->icontext); - strcpy(s->user.ocontext, pu->ocontext); - if( debug ) - debugmsg("Login as: %s", user); - break; + if ( !strcmp(user, pu->username) ) { + if (!AuthMD5(md5key, s->challenge, pu->secret) || + !strcmp(secret, pu->secret) ) { + AddHeader(&mo, "Response: Success"); + AddHeader(&mo, "Message: Authentication accepted"); + s->output->write(s, &mo); + s->authenticated = 1; + strcpy(s->user.channel, pu->channel); + strcpy(s->user.icontext, pu->icontext); + strcpy(s->user.ocontext, pu->ocontext); + if( debug ) + debugmsg("Login as: %s", user); + break; + } } pu = pu->next; } |