From 0ce1ae2a366451d6b28c3754abcaec9038402aa4 Mon Sep 17 00:00:00 2001
From: Matteo Brancaleoni <mbrancaleoni@espia.it>
Date: Mon, 10 Mar 2003 20:39:12 +0000
Subject: lun mar 10 21:39:02 CET 2003

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@638 65c4cc65-6c06-0410-ace0-fbb531ad65f3
---
 astman/Makefile |  4 ++--
 astman/astman.c | 44 ++++++++++++++++++++++++++++++++++++++------
 2 files changed, 40 insertions(+), 8 deletions(-)

(limited to 'astman')

diff --git a/astman/Makefile b/astman/Makefile
index 106affcd8..239b11b0e 100755
--- a/astman/Makefile
+++ b/astman/Makefile
@@ -15,5 +15,5 @@ none:
 clean:
 	rm -f *.o astman
 
-astman: astman.o
-	$(CC) -o astman astman.o -lnewt
+astman: astman.o ../md5.o
+	$(CC) -o astman astman.o ../md5.o -lnewt
diff --git a/astman/astman.c b/astman/astman.c
index 6bda4ff9c..6fa6b8118 100755
--- a/astman/astman.c
+++ b/astman/astman.c
@@ -20,6 +20,7 @@
 #include <unistd.h>
 #include <stdlib.h>
 
+#include <asterisk/md5.h>
 #include <asterisk/manager.h>
 
 #define MAX_HEADERS 80
@@ -609,18 +610,49 @@ static int login(char *hostname)
 		if (es.u.co == login) {
 			snprintf(tmp, sizeof(tmp), "Logging in '%s'...", user);
 			show_doing("Logging in", tmp);
-			manager_action("Login", 
-				"Username: %s\r\n"
-				"Secret: %s\r\n",
-					user, pass);
+			/* Check to see if the remote host supports MD5 Authentication */
+			manager_action("Challenge", "AuthType: MD5\r\n");
 			m = wait_for_response(10000);
-			hide_doing();
-			if (m) {
+			if (m && !strcasecmp(get_header(m, "Response"), "Success")) {
+				char *challenge = get_header(m, "Challenge");
+				int x;
+				int len = 0;
+				char md5key[256] = "";
+				struct MD5Context md5;
+				unsigned char digest[16];
+				MD5Init(&md5);
+				MD5Update(&md5, challenge, strlen(challenge));
+				MD5Update(&md5, pass, strlen(pass));
+				MD5Final(digest, &md5);
+				for (x=0; x<16; x++)
+					len += sprintf(md5key + len, "%2.2x", digest[x]);
+				manager_action("Login",
+						"AuthType: MD5\r\n"
+						"Username: %s\r\n"
+						"Key: %s\r\n",
+						user, md5key);
+				m = wait_for_response(10000);
+				hide_doing();
 				if (!strcasecmp(get_header(m, "Response"), "Success")) {
 					res = 0;
 				} else {
 					show_message("Login Failed", get_header(m, "Message"));
 				}
+			} else {
+				memset(m, 0, sizeof(m));
+				manager_action("Login", 
+					"Username: %s\r\n"
+					"Secret: %s\r\n",
+						user, pass);
+				m = wait_for_response(10000);
+				hide_doing();
+				if (m) {
+					if (!strcasecmp(get_header(m, "Response"), "Success")) {
+						res = 0;
+					} else {
+						show_message("Login Failed", get_header(m, "Message"));
+					}
+				}
 			}
 		}
 	}
-- 
cgit v1.2.3