void AuthUser::updatePasswdEncMethod() { if (strncmp(m_passwd.c_str(), "$apr1$", 6) == 0) setEncMethod(ENCRYPT_APMD5); else if (strncasecmp(m_passwd.c_str(), "{sha}", 5) == 0) { char buf[128]; const char *p = m_passwd.c_str() + 5; int len = ls_base64_decode(p, strlen(p), buf); if (len == 20) { setPasswd(buf, len); setEncMethod(ENCRYPT_SHA); } } }
int HTAuth::basicAuth(HttpSession *pSession, const char *pAuthorization, int size, char *pAuthUser, int bufLen, const AuthRequired *pRequired) const { char buf[MAX_BASIC_AUTH_LEN]; char *pUser = buf; int ret = ls_base64_decode(pAuthorization, size, pUser); if (ret == -1) return SC_401; while (isspace(*pUser)) ++pUser; if (*pUser == ':') return SC_401; char *passReq = strchr(pUser + 1, ':'); if (passReq == NULL) return SC_401; char *p = passReq++; while (isspace(p[-1])) --p; *p = 0; int userLen = p - pUser; memccpy(pAuthUser, pUser, 0, bufLen - 1); *(pAuthUser + bufLen - 1) = 0; while (isspace(*passReq)) ++passReq; p = (char *)buf + ret; if (passReq >= p) return SC_401; while ((p > passReq) && isspace(p[-1])) --p; *p = 0; ret = m_pUserDir->authenticate(pSession, pUser, userLen, passReq, ENCRYPT_PLAIN, pRequired); return ret; }