From 0785a24392bc993ceb36b9450b4ca720caf25531 Mon Sep 17 00:00:00 2001
From: David Troy <dave@popvox.com>
Date: Sat, 1 Apr 2006 19:58:09 +0000
Subject: git-svn-id:
 http://svncommunity.digium.com/svn/astmanproxy/branches/1.20pre@55
 f02b47b9-160a-0410-81a6-dc3441afb0ec

---
 src/proxyfunc.c | 20 +++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)

(limited to 'src')

diff --git a/src/proxyfunc.c b/src/proxyfunc.c
index 95257c2..2992267 100644
--- a/src/proxyfunc.c
+++ b/src/proxyfunc.c
@@ -78,7 +78,7 @@ int ProxyChallenge(struct mansession *s, struct message *m) {
 
     memset(&mo, 0, sizeof(struct message));
     AddHeader(&mo, "Response: Success");
-    AddHeader(&mo, "Challenge: %d", s->challenge);
+    AddHeader(&mo, "Challenge: %s", s->challenge);
 
     s->output->write(s, &mo);
     return 0;
@@ -114,29 +114,35 @@ int AuthMD5(char *key, char *challenge, char *password) {
     struct MD5Context md5;
     unsigned char digest[16];
 
-    if (!*challenge || !*password || !*key)
+    if (!*key || !*challenge || !*password )
 	return 1;
 
+    if (debug)
+	debugmsg("MD5 password=%s, challenge=%s", password, challenge);
+
     MD5Init(&md5);
     MD5Update(&md5, (unsigned char *) challenge, strlen(challenge));
     MD5Update(&md5, (unsigned char *) password, strlen(password));
     MD5Final(digest, &md5);
     for (x=0;x<16;x++)
             len += sprintf(md5key + len, "%2.2x", digest[x]);
+    if( debug ) {
+	debugmsg("MD5 computed=%s, received=%s", md5key, key);
+    }
     if (!strcmp(md5key, key))
 	return 0;
-    
-    return 1;
+    else
+	return 1;
 }
 
 void *ProxyLogin(struct mansession *s, struct message *m) {
     struct message mo;
     struct proxy_user *pu;
-    char *user, *secret, *md5key;
+    char *user, *secret, *key;
 
     user = astman_get_header(m, "Username");
     secret = astman_get_header(m, "Secret");
-    md5key = astman_get_header(m, "Key");
+    key = astman_get_header(m, "Key");
 
     memset(&mo, 0, sizeof(struct message));
     if( debug )
@@ -146,7 +152,7 @@ void *ProxyLogin(struct mansession *s, struct message *m) {
     pu = pc.userlist;
     while( pu ) {
 	if ( !strcmp(user, pu->username) ) {
-            if (!AuthMD5(md5key, s->challenge, pu->secret) ||
+            if (!AuthMD5(key, s->challenge, pu->secret) ||
 		!strcmp(secret, pu->secret) ) {
                 AddHeader(&mo, "Response: Success");
                 AddHeader(&mo, "Message: Authentication accepted");
-- 
cgit