svn_error_t *
svn_checksum(svn_checksum_t **checksum,
svn_checksum_kind_t kind,
const void *data,
apr_size_t len,
apr_pool_t *pool)
{
apr_sha1_ctx_t sha1_ctx;
SVN_ERR(validate_kind(kind));
*checksum = svn_checksum_create(kind, pool);
switch (kind)
{
case svn_checksum_md5:
apr_md5((unsigned char *)(*checksum)->digest, data, len);
break;
case svn_checksum_sha1:
apr_sha1_init(&sha1_ctx);
apr_sha1_update(&sha1_ctx, data, len);
apr_sha1_final((unsigned char *)(*checksum)->digest, &sha1_ctx);
break;
default:
/* We really shouldn't get here, but if we do... */
return svn_error_create(SVN_ERR_BAD_CHECKSUM_KIND, NULL, NULL);
}
return SVN_NO_ERROR;
}
char *
ipr_file_digest (
char * filename // File to digest
)
{
FILE
*file_stream; // File stream to digest
ipr_bucket_t
*bucket; // Bucket of data from file
apr_sha1_ctx_t
context;
apr_byte_t
bin_digest [APR_SHA1_DIGESTSIZE];
char *
digest = NULL; // Not documented
//
assert (filename);
# define DIGEST_BLOCK 1000000 // Read 1MB at a time from file
file_stream = fopen (filename, "rb");
if (file_stream) {
apr_sha1_init (&context);
bucket = ipr_bucket_new (DIGEST_BLOCK);
while ((bucket->cur_size = fread (bucket->data, 1, DIGEST_BLOCK, file_stream)) > 0)
apr_sha1_update (&context, (char *) bucket->data, bucket->cur_size);
fclose (file_stream);
ipr_bucket_destroy (&bucket);
apr_sha1_final (bin_digest, &context);
digest = icl_mem_alloc (ICL_SHORTSTR_MAX);
apr_base64_encode (digest, (char *) bin_digest, APR_MD5_DIGESTSIZE);
}
return (digest);
}
/**
* Generate a SHA1 hash of the supplied data.
*/
static char *mod_sslhaf_generate_sha1(apr_pool_t *pool, char *data, int len) {
unsigned char digest[APR_SHA1_DIGESTSIZE];
apr_sha1_ctx_t context;
apr_sha1_init(&context);
apr_sha1_update(&context, (const char *)data, len);
apr_sha1_final(digest, &context);
return mod_sslhaf_bytes2hex(pool, digest, APR_SHA1_DIGESTSIZE);
}
svn_error_t *
svn_checksum_update(svn_checksum_ctx_t *ctx,
const void *data,
apr_size_t len)
{
switch (ctx->kind)
{
case svn_checksum_md5:
apr_md5_update(ctx->apr_ctx, data, len);
break;
case svn_checksum_sha1:
apr_sha1_update(ctx->apr_ctx, data, len);
break;
default:
/* We really shouldn't get here, but if we do... */
return svn_error_create(SVN_ERR_BAD_CHECKSUM_KIND, NULL, NULL);
}
return SVN_NO_ERROR;
}
int sha1_file(const std::string& filename, std::string& checksum, bool binary)
{
apr_initialize();
apr_pool_t* pool;
apr_pool_create(&pool, NULL);
apr_file_t* in;
apr_int32_t flags = (binary ? APR_READ | APR_BINARY : APR_READ);
apr_file_open(&in, filename.c_str(), flags, APR_OS_DEFAULT, pool);
char buffer[512];
memset(buffer, 0, sizeof(buffer));
apr_size_t bytes_read = 0;
apr_file_read_full(in, buffer, 512, &bytes_read);
apr_file_close(in);
unsigned char digest[APR_SHA1_DIGESTSIZE + 1];
memset(digest, 0, APR_SHA1_DIGESTSIZE + 1);
apr_sha1_ctx_t context;
apr_sha1_init(&context);
if(binary) apr_sha1_update_binary(&context, (const unsigned char*)buffer, bytes_read);
else apr_sha1_update(&context, buffer, bytes_read);
apr_sha1_final(digest, &context);
std::ostringstream oss;
for(int i = 0; i < APR_SHA1_DIGESTSIZE; i++)
{
unsigned short letter = digest[i];
oss << std::hex << std::setw(2) << std::setfill('0') << letter;
}
checksum = oss.str();
apr_pool_destroy(pool);
apr_terminate();
return 0;
}
static authn_status check_mongodb_pw(request_rec *r, const char *user,
const char *password)
{
authn_mongodb_config_rec *conf = ap_get_module_config(r->per_dir_config,
&authn_mongodb_module);
apr_status_t rv;
char *password_hash;
char *colon_pw;
rv = fetch_mongodb_value(conf->host, conf->port,
conf->userfield, conf->passwdfield, conf->collection,
user, &password_hash,
r->pool);
if (rv != APR_SUCCESS) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
"could not open mongoDB (host %s) port: %d",
conf->host, conf->port);
return AUTH_GENERAL_ERROR;
}
if (!password_hash) {
return AUTH_USER_NOT_FOUND;
}
if ( conf->password_format != NULL) {
if ( strcasecmp( conf->password_format,"django")==0) {
char *token;
char *alg;
char *salt;
char *hsh;
char *saltpass;
alg= apr_strtok( password_hash, "$",&token);
salt = apr_strtok( NULL, "$",&token);
hsh = apr_strtok( NULL, "$",&token);
//ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,"password_hash=%s ALG=%s salt=%s hsh=%s", password_hash,alg,salt,hsh );
saltpass= apr_pstrcat(r->pool, salt, password, NULL);
//char hash[APR_SHA1_DIGESTSIZE+APR_SHA1PW_IDLEN];
apr_byte_t hash[APR_SHA1_DIGESTSIZE+1];
apr_sha1_ctx_t context;
apr_sha1_init(&context);
apr_sha1_update(&context, saltpass, strlen(saltpass));
apr_sha1_final(hash, &context);
hash[APR_SHA1_DIGESTSIZE]='\0';
int i=0;
int j=0;
for (i=0,j=0; i < APR_SHA1_DIGESTSIZE ;i+=1, j+=2 ) {
if ( hash[i] != parse_hexpair(&(hsh[j]))) {
return AUTH_DENIED;
}
}
return AUTH_GRANTED;
} else {
ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,"unrecognized password format %s", conf->password_format);
return AUTH_DENIED;
}
} else {
colon_pw = ap_strchr(password_hash, ':');
if (colon_pw) {
*colon_pw = '\0';
}
rv = apr_password_validate(password, password_hash);
}
if (rv != APR_SUCCESS) {
return AUTH_DENIED;
}
return AUTH_GRANTED;
}
apr_status_t sha1_file(const std::string& filename, std::string& checksum, bool binary, apr_pool_t* parentPool)
{
apr_status_t ret = APR_SUCCESS;
apr_pool_t* pool = NULL;
ret = apr_pool_create(&pool, parentPool);
if(ret == APR_SUCCESS)
{
apr_file_t* in = NULL;
apr_int32_t flags = (binary ? APR_READ | APR_BINARY : APR_READ);
ret = apr_file_open(&in, filename.c_str(), flags, APR_OS_DEFAULT, pool);
if(ret == APR_SUCCESS)
{
unsigned char digest[APR_SHA1_DIGESTSIZE + 1];
memset(digest, 0, APR_SHA1_DIGESTSIZE + 1);
apr_sha1_ctx_t context;
apr_sha1_init(&context);
unsigned char buffer[512];
memset(buffer, 0, sizeof(buffer));
apr_size_t bytes_read = 0;
ret = apr_file_read_full(in, buffer, sizeof(buffer) - 1, &bytes_read);
if(ret == APR_SUCCESS || ret == APR_EOF)
{
if(binary) apr_sha1_update_binary(&context, buffer, bytes_read);
else apr_sha1_update(&context, (const char*)buffer, bytes_read);
}
while(ret == APR_SUCCESS)
{
ret = apr_file_read_full(in, buffer, sizeof(buffer) - 1, &bytes_read);
if(ret == APR_SUCCESS || ret == APR_EOF)
{
if(binary) apr_sha1_update_binary(&context, buffer, bytes_read);
else apr_sha1_update(&context, (const char*)buffer, bytes_read);
}
}
apr_sha1_final(digest, &context);
if(ret == APR_EOF)
{
std::ostringstream oss;
for(int i = 0; i < APR_SHA1_DIGESTSIZE; i++)
{
unsigned short letter = digest[i];
oss << std::hex << std::setw(2) << std::setfill('0') << letter;
}
checksum = oss.str();
ret = APR_SUCCESS;
}
apr_file_close(in);
}
apr_pool_destroy(pool);
}
return ret;
}
