ZaneYork
/
zoneminder
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed user sql, added debug and wrapped in check for libcrypto 

git-svn-id: http://svn.zoneminder.com/svn/zm/trunk@1243 e3e1d417-86f3-4887-817a-d78f3d33393f
This commit is contained in:
stan 2005-01-26 20:55:50 +00:00
parent 74c2e6859c
commit 76bc4cb613
1 changed files with 11 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/zm_user.cpp
View File

@ -106,7 +106,7 @@ bool User::canAccess( int monitor_id )
User *zmLoadUser( const char *username, const char *password ) User *zmLoadUser( const char *username, const char *password )
{ {
char sql[BUFSIZ] = ""; char sql[BUFSIZ] = "";
snprintf( sql, sizeof(sql), "select Username, Password, Stream+0, Events+0, Monitors+0, System+0, MonitorIds from Users where Username = '%s' and Password = password('%s') and Enabled = 1", username, password ); snprintf( sql, sizeof(sql), "select Username, Password, Enabled, Stream+0, Events+0, Monitors+0, System+0, MonitorIds from Users where Username = '%s' and Password = password('%s') and Enabled = 1", username, password );
if ( mysql_query( &dbconn, sql ) ) if ( mysql_query( &dbconn, sql ) )
{ {
@ -139,6 +139,7 @@ User *zmLoadUser( const char *username, const char *password )
// Function to validate an authentication string // Function to validate an authentication string
User *zmLoadAuthUser( const char *auth, bool use_remote_addr ) User *zmLoadAuthUser( const char *auth, bool use_remote_addr )
{ {
#ifdef HAVE_LIBCRYPTO
const char *remote_addr = ""; const char *remote_addr = "";
if ( use_remote_addr ) if ( use_remote_addr )
{ {
@ -150,8 +151,9 @@ User *zmLoadAuthUser( const char *auth, bool use_remote_addr )
} }
} }
Debug( 1, ( "Attempting to authenticate user from auth string '%s'", auth ));
char sql[BUFSIZ] = ""; char sql[BUFSIZ] = "";
snprintf( sql, sizeof(sql), "select Username, Password, Stream+0, Events+0, Monitors+0, System+0, MonitorIds from Users where Enabled = 1" ); snprintf( sql, sizeof(sql), "select Username, Password, Enabled, Stream+0, Events+0, Monitors+0, System+0, MonitorIds from Users where Enabled = 1" );
if ( mysql_query( &dbconn, sql ) ) if ( mysql_query( &dbconn, sql ) )
{ {
@ -180,7 +182,7 @@ User *zmLoadAuthUser( const char *auth, bool use_remote_addr )
char auth_key[512] = ""; char auth_key[512] = "";
char auth_md5[32+1] = ""; char auth_md5[32+1] = "";
unsigned char md5sum[64] = ""; unsigned char md5sum[MD5_DIGEST_LENGTH];
time_t now = time( 0 ); time_t now = time( 0 );
int max_tries = 2; int max_tries = 2;
@ -202,10 +204,11 @@ User *zmLoadAuthUser( const char *auth, bool use_remote_addr )
MD5( (unsigned char *)auth_key, strlen(auth_key), md5sum ); MD5( (unsigned char *)auth_key, strlen(auth_key), md5sum );
auth_md5[0] = '\0'; auth_md5[0] = '\0';
for ( int j = 0; j < strlen((const char *)md5sum); j++ ) for ( int j = 0; j < MD5_DIGEST_LENGTH; j++ )
{ {
sprintf( auth_md5+strlen(auth_md5), "%02x", md5sum[j] ); sprintf( &auth_md5[2*j], "%02x", md5sum[j] );
} }
Debug( 1, ( "Checking auth_key '%s' -> auth_md5 '%s'", auth_key, auth_md5 ));
if ( !strcmp( auth, auth_md5 ) ) if ( !strcmp( auth, auth_md5 ) )
{ {
@ -216,5 +219,8 @@ User *zmLoadAuthUser( const char *auth, bool use_remote_addr )
} }
} }
} }
#else // HAVE_LIBCRYPTO
Error(( "You need to build with openssl installed to use hash based authentication" ));
#endif // HAVE_LIBCRYPTO
return( 0 ); return( 0 );
} }