From e1f131bab840f23b1ba5ae4ba36a4054857afc94 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Thu, 12 Mar 1998 02:42:39 +0000 Subject: use password_ok() instead of calling crypt() (This used to be commit 53dc8ea5e315abf9ee8d38ffdb8a3057df0235be) --- source3/cgi.c | 13 ++----------- source3/web/cgi.c | 13 ++----------- 2 files changed, 4 insertions(+), 22 deletions(-) (limited to 'source3') diff --git a/source3/cgi.c b/source3/cgi.c index 2008f9a8d3..6468c92917 100644 --- a/source3/cgi.c +++ b/source3/cgi.c @@ -459,8 +459,6 @@ handle a http authentication line static int cgi_handle_authorization(char *line) { char *p, *user, *pass; - struct passwd *pwd; - int ret=0; if (strncasecmp(line,"Basic ", 6)) { cgi_setup_error("401 Bad Authorization", "", @@ -478,20 +476,13 @@ static int cgi_handle_authorization(char *line) pass = p+1; /* currently only allow connections as root */ - if (strcasecmp(user,"root")) { + if (strcmp(user,"root")) { cgi_setup_error("401 Bad Authorization", "", "incorrect username/password"); } - - pwd = getpwnam(user); - - if (!strcmp((char *)crypt(pass, pwd->pw_passwd),pwd->pw_passwd)) { - ret = 1; - } - memset(pass, 0, strlen(pass)); - return ret; + return password_ok(user, pass, strlen(pass), NULL); } diff --git a/source3/web/cgi.c b/source3/web/cgi.c index 2008f9a8d3..6468c92917 100644 --- a/source3/web/cgi.c +++ b/source3/web/cgi.c @@ -459,8 +459,6 @@ handle a http authentication line static int cgi_handle_authorization(char *line) { char *p, *user, *pass; - struct passwd *pwd; - int ret=0; if (strncasecmp(line,"Basic ", 6)) { cgi_setup_error("401 Bad Authorization", "", @@ -478,20 +476,13 @@ static int cgi_handle_authorization(char *line) pass = p+1; /* currently only allow connections as root */ - if (strcasecmp(user,"root")) { + if (strcmp(user,"root")) { cgi_setup_error("401 Bad Authorization", "", "incorrect username/password"); } - - pwd = getpwnam(user); - - if (!strcmp((char *)crypt(pass, pwd->pw_passwd),pwd->pw_passwd)) { - ret = 1; - } - memset(pass, 0, strlen(pass)); - return ret; + return password_ok(user, pass, strlen(pass), NULL); } -- cgit