gnats-diffs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Changes to gnats/gnats/gnatsd.c

From: Yngve Svendsen
Subject: Changes to gnats/gnats/gnatsd.c
Date: Mon, 14 Oct 2002 07:42:25 -0400 
Index: gnats/gnats/gnatsd.c
diff -c gnats/gnats/gnatsd.c:1.47 gnats/gnats/gnatsd.c:1.48
*** gnats/gnats/gnatsd.c:1.47   Sun Aug  4 06:58:29 2002
--- gnats/gnats/gnatsd.c        Mon Oct 14 07:42:25 2002
***************
*** 253,273 ****
  static int
  password_match (const char *password, const char *hash)
  {
!   if (! strncmp (hash, "$0$", 3))
      {
!       /* explicit plain-text password */
!       return ! match (password, hash, TRUE);
!     }
!   else
!     {
!       /* DES crypt or MD5 hash of the password */
  #ifdef HAVE_LIBCRYPT
!       char *encrypted = crypt (password, hash);
!       return encrypted && ! strcmp (encrypted, hash);
  #else
!       /* TODO: log some warning */
!       return FALSE;
  #endif
      }
  }
  
--- 253,287 ----
  static int
  password_match (const char *password, const char *hash)
  {
!   if (strlen(password) && strlen(hash))
      {
!       if (! strncmp (hash, "$0$", 3))
!       {
!         /* explicit plain-text password */
!         return match (password, hash+3, TRUE);
!       }
!       else
!       {
  #ifdef HAVE_LIBCRYPT
!         /* DES crypt or MD5 hash of the password */
!         char *encrypted = crypt (password, hash);
!         return encrypted && ! strcmp (encrypted, hash);
  #else
!         /* TODO: log some warning */
!         return FALSE;
  #endif
+       }
+     }
+   else
+     {
+       if (strlen(password))
+       {
+         return FALSE;
+       }
+       else
+       {
+         return ! strlen(hash) ;
+       }
      }
  }
  
***************
*** 450,457 ****
              if (! password_match (passwd, ent->admFields[1]))
                {
                  /* Username matched but password didn't.  */
!                 *access = ACCESS_NONE;
!                 found = 1;
                }
              else
                {
--- 464,474 ----
              if (! password_match (passwd, ent->admFields[1]))
                {
                  /* Username matched but password didn't.  */
!                 if (strlen(ent->admFields[1]) && strlen(passwd))
!                   {
!                     *access = ACCESS_NONE;
!                     found = 1;
!                   }
                }
              else
                {
***************
*** 460,466 ****
                      /* Compare all given names against the name of the
                         requested database. */
                      const char *l2 = ent->admFields[3];
! 
                      while (l2 != NULL && ! found)
                        {
                          char *token = get_next_field (&l2, ',');
--- 477,486 ----
                      /* Compare all given names against the name of the
                         requested database. */
                      const char *l2 = ent->admFields[3];
!                     
!                     if (! strlen(l2))
!                       found = 1;
!                     
                      while (l2 != NULL && ! found)
                        {
                          char *token = get_next_field (&l2, ',');
reply via email to
[Prev in Thread] Current Thread [Next in Thread]