use password_ok() instead of calling crypt()

(This used to be commit 53dc8ea5e315abf9ee8d38ffdb8a3057df0235be)

2 files changed, 4 insertions, 22 deletions

diff --git a/source3/cgi.c b/source3/cgi.c
index 2008f9a8d3..6468c92917 100644
--- a/source3/cgi.c
+++ b/source3/cgi.c
@@ -459,8 +459,6 @@ handle a http authentication line
 static int cgi_handle_authorization(char *line)
 {
 	char *p, *user, *pass;
-	struct passwd *pwd;
-	int ret=0;
 
 	if (strncasecmp(line,"Basic ", 6)) {
 		cgi_setup_error("401 Bad Authorization", "", 
@@ -478,20 +476,13 @@ static int cgi_handle_authorization(char *line)
 	pass = p+1;
 
 	/* currently only allow connections as root */
-	if (strcasecmp(user,"root")) {
+	if (strcmp(user,"root")) {
 		cgi_setup_error("401 Bad Authorization", "", 
 				"incorrect username/password");
 	}
-	
-	pwd = getpwnam(user);
-
-	if (!strcmp((char *)crypt(pass, pwd->pw_passwd),pwd->pw_passwd)) {
-		ret = 1;
-	}
 
-	memset(pass, 0, strlen(pass));
 
-	return ret;
+	return password_ok(user, pass, strlen(pass), NULL);
 }
 
 
diff --git a/source3/web/cgi.c b/source3/web/cgi.c
index 2008f9a8d3..6468c92917 100644
--- a/source3/web/cgi.c
+++ b/source3/web/cgi.c
@@ -459,8 +459,6 @@ handle a http authentication line
 static int cgi_handle_authorization(char *line)
 {
 	char *p, *user, *pass;
-	struct passwd *pwd;
-	int ret=0;
 
 	if (strncasecmp(line,"Basic ", 6)) {
 		cgi_setup_error("401 Bad Authorization", "", 
@@ -478,20 +476,13 @@ static int cgi_handle_authorization(char *line)
 	pass = p+1;
 
 	/* currently only allow connections as root */
-	if (strcasecmp(user,"root")) {
+	if (strcmp(user,"root")) {
 		cgi_setup_error("401 Bad Authorization", "", 
 				"incorrect username/password");
 	}
-	
-	pwd = getpwnam(user);
-
-	if (!strcmp((char *)crypt(pass, pwd->pw_passwd),pwd->pw_passwd)) {
-		ret = 1;
-	}
 
-	memset(pass, 0, strlen(pass));
 
-	return ret;
+	return password_ok(user, pass, strlen(pass), NULL);
 }