static authn_status check_mongodb_pw(request_rec *r, const char *user, const char *password) { authn_mongodb_config_rec *conf = ap_get_module_config(r->per_dir_config, &authn_mongodb_module); apr_status_t rv; char *password_hash; char *colon_pw; rv = fetch_mongodb_value(conf->host, conf->port, conf->userfield, conf->passwdfield, conf->collection, user, &password_hash, r->pool); if (rv != APR_SUCCESS) { ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, "could not open mongoDB (host %s) port: %d", conf->host, conf->port); return AUTH_GENERAL_ERROR; } if (!password_hash) { return AUTH_USER_NOT_FOUND; } if ( conf->password_format != NULL) { if ( strcasecmp( conf->password_format,"django")==0) { char *token; char *alg; char *salt; char *hsh; char *saltpass; alg= apr_strtok( password_hash, "$",&token); salt = apr_strtok( NULL, "$",&token); hsh = apr_strtok( NULL, "$",&token); //ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,"password_hash=%s ALG=%s salt=%s hsh=%s", password_hash,alg,salt,hsh ); saltpass= apr_pstrcat(r->pool, salt, password, NULL); //char hash[APR_SHA1_DIGESTSIZE+APR_SHA1PW_IDLEN]; apr_byte_t hash[APR_SHA1_DIGESTSIZE+1]; apr_sha1_ctx_t context; apr_sha1_init(&context); apr_sha1_update(&context, saltpass, strlen(saltpass)); apr_sha1_final(hash, &context); hash[APR_SHA1_DIGESTSIZE]='\0'; int i=0; int j=0; for (i=0,j=0; i < APR_SHA1_DIGESTSIZE ;i+=1, j+=2 ) { if ( hash[i] != parse_hexpair(&(hsh[j]))) { return AUTH_DENIED; } } return AUTH_GRANTED; } else { ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,"unrecognized password format %s", conf->password_format); return AUTH_DENIED; } } else { colon_pw = ap_strchr(password_hash, ':'); if (colon_pw) { *colon_pw = '\0'; } rv = apr_password_validate(password, password_hash); } if (rv != APR_SUCCESS) { return AUTH_DENIED; } return AUTH_GRANTED; }
APU_DECLARE(apr_status_t) apr_uuid_parse(apr_uuid_t *uuid, const char *uuid_str) { int i; unsigned char *d = uuid->data; for (i = 0; i < 36; ++i) { char c = uuid_str[i]; if (!apr_isxdigit(c) && !(c == '-' && (i == 8 || i == 13 || i == 18 || i == 23))) /* ### need a better value */ return APR_BADARG; } if (uuid_str[36] != '\0') { /* ### need a better value */ return APR_BADARG; } d[0] = parse_hexpair(&uuid_str[0]); d[1] = parse_hexpair(&uuid_str[2]); d[2] = parse_hexpair(&uuid_str[4]); d[3] = parse_hexpair(&uuid_str[6]); d[4] = parse_hexpair(&uuid_str[9]); d[5] = parse_hexpair(&uuid_str[11]); d[6] = parse_hexpair(&uuid_str[14]); d[7] = parse_hexpair(&uuid_str[16]); d[8] = parse_hexpair(&uuid_str[19]); d[9] = parse_hexpair(&uuid_str[21]); for (i = 6; i--;) d[10 + i] = parse_hexpair(&uuid_str[i*2+24]); return APR_SUCCESS; }