From 6074f3441aa4584bb7abb98ba8ba905c85ed0f0a Mon Sep 17 00:00:00 2001
From: "Kevin P. Fleming" <kpfleming@digium.com>
Date: Mon, 25 Jul 2005 18:59:11 +0000
Subject: add MD5-hash matching (bug #4764, with mods)

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@6198 65c4cc65-6c06-0410-ace0-fbb531ad65f3
---
 apps/app_authenticate.c | 38 ++++++++++++++++++++++++++++++++------
 1 file changed, 32 insertions(+), 6 deletions(-)

(limited to 'apps/app_authenticate.c')

diff --git a/apps/app_authenticate.c b/apps/app_authenticate.c
index d1383eb85..d50b5b2f2 100755
--- a/apps/app_authenticate.c
+++ b/apps/app_authenticate.c
@@ -46,6 +46,10 @@ static char *descrip =
 "of the following letters:\n"
 "     a - Set account code to the password that is entered\n"
 "     d - Interpret path as database key, not literal file\n"
+"     m - Interpret path as a file which contains a list of\n"
+"         account codes and password hashes delimited with ':'\n"
+"         one per line. When password matched, corresponding\n"
+"         account code will be set\n"
 "     j - Support jumping to n+101\n"
 "     r - Remove database key upon successful entry (valid with 'd' only)\n"
 "\n"
@@ -115,17 +119,39 @@ static int auth_exec(struct ast_channel *chan, void *data)
 				f = fopen(password, "r");
 				if (f) {
 					char buf[256] = "";
-					while(!feof(f)) {
+					char md5passwd[33] = "";
+					char *md5secret;
+
+					while (!feof(f)) {
 						fgets(buf, sizeof(buf), f);
 						if (!feof(f) && !ast_strlen_zero(buf)) {
-							buf[strlen(buf) - 1] = '\0';
-							if (!ast_strlen_zero(buf) && !strcmp(passwd, buf))
-								break;
+							if (strchr(opts, 'm')) {
+								md5secret = strchr(buf, ':');
+								if (md5secret == NULL)
+									continue;
+								*md5secret = '\0';
+								md5secret++;
+								ast_md5_hash(md5passwd, passwd);
+								if (!strcmp(md5passwd, md5secret)) {
+									ast_cdr_setaccount(chan, buf);
+									break;
+								}
+							} else {
+								if(!strcmp(passwd, buf))
+									break;
+							}
 						}
 					}
 					fclose(f);
-					if (!ast_strlen_zero(buf) && !strcmp(passwd, buf))
-						break;
+					if (!ast_strlen_zero(buf)) {
+						if (strchr(opts, 'm')) {
+							if (!strcmp(md5passwd, md5secret))
+								break;
+						} else {
+							if (!strcmp(passwd, buf))
+								break;
+						}
+					}
 				} else 
 					ast_log(LOG_WARNING, "Unable to open file '%s' for authentication: %s\n", password, strerror(errno));
 			}
-- 
cgit v1.2.3