Fixed user sql, added debug and wrapped in check for libcrypto

git-svn-id: http://svn.zoneminder.com/svn/zm/trunk@1243 e3e1d417-86f3-4887-817a-d78f3d33393f
This commit is contained in:
stan 2005-01-26 20:55:50 +00:00
parent 74c2e6859c
commit 76bc4cb613
1 changed files with 11 additions and 5 deletions

View File

@ -106,7 +106,7 @@ bool User::canAccess( int monitor_id )
User *zmLoadUser( const char *username, const char *password )
{
char sql[BUFSIZ] = "";
snprintf( sql, sizeof(sql), "select Username, Password, Stream+0, Events+0, Monitors+0, System+0, MonitorIds from Users where Username = '%s' and Password = password('%s') and Enabled = 1", username, password );
snprintf( sql, sizeof(sql), "select Username, Password, Enabled, Stream+0, Events+0, Monitors+0, System+0, MonitorIds from Users where Username = '%s' and Password = password('%s') and Enabled = 1", username, password );
if ( mysql_query( &dbconn, sql ) )
{
@ -139,6 +139,7 @@ User *zmLoadUser( const char *username, const char *password )
// Function to validate an authentication string
User *zmLoadAuthUser( const char *auth, bool use_remote_addr )
{
#ifdef HAVE_LIBCRYPTO
const char *remote_addr = "";
if ( use_remote_addr )
{
@ -150,8 +151,9 @@ User *zmLoadAuthUser( const char *auth, bool use_remote_addr )
}
}
Debug( 1, ( "Attempting to authenticate user from auth string '%s'", auth ));
char sql[BUFSIZ] = "";
snprintf( sql, sizeof(sql), "select Username, Password, Stream+0, Events+0, Monitors+0, System+0, MonitorIds from Users where Enabled = 1" );
snprintf( sql, sizeof(sql), "select Username, Password, Enabled, Stream+0, Events+0, Monitors+0, System+0, MonitorIds from Users where Enabled = 1" );
if ( mysql_query( &dbconn, sql ) )
{
@ -180,7 +182,7 @@ User *zmLoadAuthUser( const char *auth, bool use_remote_addr )
char auth_key[512] = "";
char auth_md5[32+1] = "";
unsigned char md5sum[64] = "";
unsigned char md5sum[MD5_DIGEST_LENGTH];
time_t now = time( 0 );
int max_tries = 2;
@ -202,10 +204,11 @@ User *zmLoadAuthUser( const char *auth, bool use_remote_addr )
MD5( (unsigned char *)auth_key, strlen(auth_key), md5sum );
auth_md5[0] = '\0';
for ( int j = 0; j < strlen((const char *)md5sum); j++ )
for ( int j = 0; j < MD5_DIGEST_LENGTH; j++ )
{
sprintf( auth_md5+strlen(auth_md5), "%02x", md5sum[j] );
sprintf( &auth_md5[2*j], "%02x", md5sum[j] );
}
Debug( 1, ( "Checking auth_key '%s' -> auth_md5 '%s'", auth_key, auth_md5 ));
if ( !strcmp( auth, auth_md5 ) )
{
@ -216,5 +219,8 @@ User *zmLoadAuthUser( const char *auth, bool use_remote_addr )
}
}
}
#else // HAVE_LIBCRYPTO
Error(( "You need to build with openssl installed to use hash based authentication" ));
#endif // HAVE_LIBCRYPTO
return( 0 );
}