[dovecot-cvs] dovecot/src/auth passdb-vpopmail.c,1.7,1.8

[cras at dovecot.org]

Update of /home/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv19172

Modified Files:
	passdb-vpopmail.c 
Log Message:
Support MD5 passwords. Patch by Pascal Malterre



Index: passdb-vpopmail.c
===================================================================
RCS file: /home/cvs/dovecot/src/auth/passdb-vpopmail.c,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -d -r1.7 -r1.8
--- passdb-vpopmail.c	15 Jun 2004 02:44:05 -0000	1.7
+++ passdb-vpopmail.c	26 Jul 2004 15:42:52 -0000	1.8
@@ -10,6 +10,7 @@
 #include "common.h"
 #include "safe-memset.h"
 #include "passdb.h"
+#include "password-scheme.h"
 #include "mycrypt.h"
 
 #include "userdb-vpopmail.h"
@@ -22,7 +23,9 @@
 {
 	char vpop_user[VPOPMAIL_LIMIT], vpop_domain[VPOPMAIL_LIMIT];
 	struct vqpasswd *vpw;
-	int result;
+	const char *crypted_pass;
+	const char *scheme;
+	int ret;
 
 	vpw = vpopmail_lookup_vqp(request->user,
 				  vpop_user, vpop_domain);
@@ -43,16 +46,26 @@
 		return;
 	}
 
-	/* verify password */
-	result = strcmp(mycrypt(password, vpw->pw_passwd), vpw->pw_passwd) == 0;
+	crypted_pass = vpw->pw_passwd;
+	scheme = password_get_scheme(&crypted_pass);
+	if (scheme == NULL) scheme = "CRYPT";
+	
+	ret = password_verify(password, crypted_pass, scheme, request->user);
+
 	safe_memset(vpw->pw_passwd, 0, strlen(vpw->pw_passwd));
+	if (vpw->pw_clear_passwd != NULL) {
+		safe_memset(vpw->pw_clear_passwd, 0,
+			    strlen(vpw->pw_clear_passwd));
+	}
 
-	if (!result) {
-		if (verbose) {
+	if (ret <= 0) {
+		if (ret < 0) {
+			i_error("vpopmail(%s): Unknown password scheme %s",
+				get_log_prefix(request), scheme);
+		} else if (verbose) {
 			i_info("vpopmail(%s): password mismatch",
 			       get_log_prefix(request));
 		}
-
 		callback(PASSDB_RESULT_PASSWORD_MISMATCH, request);
 		return;
 	}