Return-Path: 
 <cvs-return-5309-apmail-apr-cvs-archive=apr.apache.org@apr.apache.org>
Delivered-To: apmail-apr-cvs-archive@www.apache.org
Received: (qmail 8227 invoked from network); 16 Nov 2003 19:17:15 -0000
Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12)
  by minotaur-2.apache.org with SMTP; 16 Nov 2003 19:17:15 -0000
Received: (qmail 84777 invoked by uid 500); 16 Nov 2003 19:17:06 -0000
Delivered-To: apmail-apr-cvs-archive@apr.apache.org
Received: (qmail 84733 invoked by uid 500); 16 Nov 2003 19:17:06 -0000
Mailing-List: contact cvs-help@apr.apache.org; run by ezmlm
Precedence: bulk
List-Post: <mailto:cvs@apr.apache.org>
List-Help: <mailto:cvs-help@apr.apache.org>
List-Unsubscribe: <mailto:cvs-unsubscribe@apr.apache.org>
List-Subscribe: <mailto:cvs-subscribe@apr.apache.org>
Reply-To: dev@apr.apache.org
Delivered-To: mailing list cvs@apr.apache.org
Received: (qmail 84720 invoked by uid 500); 16 Nov 2003 19:17:06 -0000
Delivered-To: apmail-apr-util-cvs@apache.org
Date: 16 Nov 2003 19:17:14 -0000
Message-ID: <20031116191714.8186.qmail@minotaur.apache.org>
From: jerenkrantz@apache.org
To: apr-util-cvs@apache.org
Subject: cvs commit: apr-util/crypto apr_md5.c
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N
X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N

jerenkrantz    2003/11/16 11:17:14

  Modified:    .        CHANGES
               crypto   apr_md5.c
  Log:
  Add SHA1 support to apr_password_validate().
  
  Submitted by:	Paul Querna <chip force-elite.com>
  Reviewed by:	Justin Erenkrantz
  
  Revision  Changes    Path
  1.120     +3 -0      apr-util/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/apr-util/CHANGES,v
  retrieving revision 1.119
  retrieving revision 1.120
  diff -u -u -r1.119 -r1.120
  --- CHANGES	6 Oct 2003 20:39:09 -0000	1.119
  +++ CHANGES	16 Nov 2003 19:17:14 -0000	1.120
  @@ -1,5 +1,8 @@
   Changes with APR-util 1.0
   
  +  *) Add SHA1 support to apr_password_validate.
  +     [Paul Querna <chip force-elite.com>]
  +
     *) Pass error codes returned from constructors all the way back to
        the reslist consumer. Also fix a minor reslist memory leak that could
        happen when a constructor returns an error code.  PR 23492.
  
  
  
  1.8       +8 -4      apr-util/crypto/apr_md5.c
  
  Index: apr_md5.c
  ===================================================================
  RCS file: /home/cvs/apr-util/crypto/apr_md5.c,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -u -u -r1.7 -r1.8
  --- apr_md5.c	2 Jun 2003 13:47:57 -0000	1.7
  +++ apr_md5.c	16 Nov 2003 19:17:14 -0000	1.8
  @@ -99,6 +99,7 @@
   #include "apr_md5.h"
   #include "apr_lib.h"
   #include "apu_config.h"
  +#include "apr_sha1.h"
   
   #if APR_HAVE_STRING_H
   #include <string.h>
  @@ -703,10 +704,10 @@
   #endif
   
   /*
  - * Validate a plaintext password against a smashed one.  Use either
  - * crypt() (if available) or apr_md5_encode(), depending upon the format
  - * of the smashed input password.  Return APR_SUCCESS if they match, or
  - * APR_EMISMATCH if they don't.
  + * Validate a plaintext password against a smashed one.  Uses either
  + * crypt() (if available) or apr_md5_encode() or apr_sha1_base64(), depending
  + * upon the format of the smashed input password.  Returns APR_SUCCESS if
  + * they match, or APR_EMISMATCH if they don't.
    */
   
   APU_DECLARE(apr_status_t) apr_password_validate(const char *passwd, 
  @@ -721,6 +722,9 @@
            * The hash was created using our custom algorithm.
            */
           apr_md5_encode(passwd, hash, sample, sizeof(sample));
  +    }
  +    else if(!strncmp(hash, APR_SHA1PW_ID, strlen(APR_SHA1PW_ID))) {
  +         apr_sha1_base64(passwd, strlen(passwd), sample);
       }
       else {
           /*