David van Geest escribió:
Digging into this more, seems like using a salt isn't even possible.
Use it if you dare, I found it somewhere back in 2004 ;-)
--- checkpw.c 2009-04-28 10:09:15.000000000 -0500
+++ checkpw.c 2009-05-15 15:48:50.000000000 -0500
@@ -52,6 +52,7 @@
#include "saslutil.h"
#include "saslplug.h"
#include "saslint.h"
+#include <crypt.h>
#include <assert.h>
#ifdef HAVE_UNISTD_H
@@ -144,6 +145,10 @@
NULL };
struct propval auxprop_values[3];
+ /* added lopaka */
+ char salt[31];
+ char *crypt_passwd = NULL;
+
if (!conn || !userstr)
return SASL_BADPARAM;
@@ -180,12 +185,28 @@
goto done;
}
+ /* 20041008 lopaka */
+ /* encrypt the passwd and then compare it with the encrypted passwd */
+ if(!strncmp(auxprop_values[0].values[0],"$1",2))
+ {
+ /* MD5 */
+ /* obtain salt = first 12 chars */
+ strncpy(salt,auxprop_values[0].values[0],13);
+ }
+ else
+ {
+ /* DES */
+ /* obtain salt = first 2 chars */
+ strncpy(salt,auxprop_values[0].values[0],3);
+ }
+ crypt_passwd = crypt(passwd,salt);
+
/* At the point this has been called, the username has been canonified
* and we've done the auxprop lookup. This should be easy. */
if(auxprop_values[0].name
&& auxprop_values[0].values
&& auxprop_values[0].values[0]
- && !strcmp(auxprop_values[0].values[0], passwd)) {
+ && !strcmp(auxprop_values[0].values[0], crypt_passwd)) {
/* We have a plaintext version and it matched! */
return SASL_OK;
} else if(auxprop_values[1].name
begin:vcard
fn;quoted-printable:Rodolfo Gonz=C3=A1lez
n;quoted-printable:Gonz=C3=A1lez;Rodolfo
org:Global Networks Technologies, S.A. de C.V.
email;internet:rgonzalez@xxxxxx
tel;work:+52 (222) 2666468
version:2.1
end:vcard
