Improvements to htpasswd code following review

Improved multi-threading, including new test
Arthur Barr
2020-11-18 10:05:03 +00:00
committed by Arthur J Barr
parent 5fd9fc5e26
commit 4257f6a199
7 changed files with 262 additions and 210 deletions


@@ -25,9 +25,9 @@ limitations under the License.
#include <apr_errno.h>
#include <apr_md5.h>
char * find_hash(char*, char*);
char *find_hash(char *, char *);
char * find_hash(char *filename, char *user)
char *find_hash(char *filename, char *user)
{
bool found = false;
FILE *fp;
@@ -45,27 +45,26 @@ char * find_hash(char *filename, char *user)
char *line = malloc(line_size);
while (fgets(line, line_size, fp) != NULL)
{
huser = strtok(line, ":");
if (strcmp(user, huser) == 0)
char *saveptr;
// Need to use strtok_r to be safe for multiple threads
huser = strtok_r(line, ":", &saveptr);
if (huser && (strcmp(user, huser) == 0))
{
hash = strtok(NULL, " \r\n\t");
// Make a duplicate of the string, because we'll be keeping it
hash = strdup(strtok_r(NULL, " \r\n\t", &saveptr));
found = true;
break;
}
}
fclose(fp);
// if (line)
// free(line);
// if (huser)
// free(huser);
// if (encPassword)
// free(encPassword);
if (line)
free(line);
}
if (!found)
{
hash = NULL;
}
return(hash);
return (hash);
}
bool htpass_authenticate_user(char *filename, char *user, char *password)
@@ -76,73 +75,18 @@ bool htpass_authenticate_user(char *filename, char *user, char *password)
// Supports multiple hashing algorithms, but we should only be using bcrypt
apr_status_t status = apr_password_validate(password, hash);
// status is usually either APR_SUCCESS or APR_EMISMATCH
if (status == APR_SUCCESS) {
if (status == APR_SUCCESS)
{
result = true;
log_debugf("Correct password supplied. user=%s", user);
} else {
}
else
{
log_debugf("Incorrect password supplied. user=%s", user);
}
return(result);
return (result);
}
// bool htpass_authenticate_user(char *filename, char *user, char *password)
// {
// bool result = false;
// FILE *fp;
// // char line[1024];
// char *huser;
// char *hash;
// // size_t len = 0;
// // size_t read;
// // int valid = -1;
// fp = fopen(filename, "r");
// if (fp == NULL)
// {
// log_errorf("Error %d opening htpasswd file '%s'", errno, filename);
// }
// if (fp)
// {
// const size_t line_size = 1024;
// char *line = malloc(line_size);
// while (fgets(line, line_size, fp) != NULL)
// {
// huser = strtok(line, ":");
// if (strcmp(user, huser) == 0)
// {
// hash = strtok(NULL, " \r\n\t");
// log_debugf("Matched user in htpasswd file: user=%s hash=%s*", huser, hash);
// // Use the Apache Portable Runtime utilities to validate the password against the hash.
// // Supports multiple hashing algorithms, but we should only be using bcrypt
// apr_status_t status = apr_password_validate(password, hash);
// // status is usually either APR_SUCCESS or APR_EMISMATCH
// if (status == APR_SUCCESS) {
// result = true;
// log_debugf("Correct password supplied. user=%s", huser);
// } else {
// log_debugf("Incorrect password supplied. user=%s", huser);
// }
// // Break out of the loop, as we've found the right user
// break;
// // TODO: Do we need to free(hash)?
// }
// else
// {
// log_debugf("Read incorrect user in htpassword: user=%s", huser);
// }
// }
// fclose(fp);
// // if (line)
// // free(line);
// // if (huser)
// // free(huser);
// // if (encPassword)
// // free(encPassword);
// }
// return result;
// }
bool htpass_valid_user(char *filename, char *user)
{
char *hash = find_hash(filename, user);
@@ -151,5 +95,5 @@ bool htpass_valid_user(char *filename, char *user)
{
valid = true;
}
return(valid);
return (valid);
}
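Review bot: In find_hash, `strdup(strtok_r(NULL, " \r\n\t", &saveptr))` passes NULL to strdup when the matching line has nothing after the colon (a truncated or hand-edited entry, for example), which is undefined behaviour and in practice crashes the authentication path. Take the token first and only report a match when a copy exists: `char *tok = strtok_r(NULL, " \r\n\t", &saveptr);` `hash = tok ? strdup(tok) : NULL;` `found = (hash != NULL);`. Because the returned hash is now heap-allocated, every caller owns it; the bodies of htpass_authenticate_user and htpass_valid_user lie mostly outside the visible hunks, so confirm they call `free(hash)` on every return path, otherwise each authentication attempt leaks a buffer. The `malloc(line_size)` result is also passed to fgets without a NULL check.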