# # old_revision [df5dd81d62db331ba5c8de9f2257f9430c586534] # # patch "SoObjects/SOGo/GNUmakefile" # from [9e466added539ccacaecd830173afdf9d4755802] # to [0a6f033637d6af50a1768f0462e2bd4fe4c6909f] # # patch "SoObjects/SOGo/NSString+Utilities.h" # from [09d123e206a68c40e8fc0301e25d2e6052a2abf4] # to [ed9a551529054cdd3fb175e24db3316b24309987] # # patch "SoObjects/SOGo/NSString+Utilities.m" # from [26a0ba2fa690ba7464585e9959c25229992a66ed] # to [d7e02c1a2b5633935f3fe16fd8b154e949c01c9b] # # patch "SoObjects/SOGo/SQLSource.m" # from [3ba7f2ddd8b79c5caa63d11a0d9fea1cfe1e354a] # to [4544aedab94707f1aded7b4de8e5414f9b68a82f] # ============================================================ --- SoObjects/SOGo/GNUmakefile 9e466added539ccacaecd830173afdf9d4755802 +++ SoObjects/SOGo/GNUmakefile 0a6f033637d6af50a1768f0462e2bd4fe4c6909f @@ -46,6 +46,7 @@ SOGo_HEADER_FILES = \ NSObject+Utilities.h \ NSString+DAV.h \ NSString+Utilities.h \ + NSString+Crypto.h \ NSURL+DAV.h \ \ SOGoAuthenticator.h \ @@ -114,6 +115,7 @@ SOGo_OBJC_FILES = \ NSObject+Utilities.m \ NSString+DAV.m \ NSString+Utilities.m \ + NSString+Crypto.m \ NSURL+DAV.m \ \ SOGoSession.m \ ============================================================ --- SoObjects/SOGo/NSString+Utilities.h 09d123e206a68c40e8fc0301e25d2e6052a2abf4 +++ SoObjects/SOGo/NSString+Utilities.h ed9a551529054cdd3fb175e24db3316b24309987 @@ -66,10 +66,6 @@ - (id) objectFromJSONString; -- (NSString *) asCryptStringUsingSalt: (NSString *) theSalt; -- (NSString *) asMD5String; -- (NSString *) asSHA1String; - - (NSString *) asSafeSQLString; - (NSUInteger) countOccurrencesOfString: (NSString *) substring; ============================================================ --- SoObjects/SOGo/NSString+Utilities.m 26a0ba2fa690ba7464585e9959c25229992a66ed +++ SoObjects/SOGo/NSString+Utilities.m d7e02c1a2b5633935f3fe16fd8b154e949c01c9b @@ -21,10 +21,6 @@ * Boston, MA 02111-1307, USA. */ -#ifndef __OpenBSD__ -#include -#endif - #import #import #import @@ -44,12 +40,6 @@ #import "NSString+Utilities.h" -#define _XOPEN_SOURCE 1 -#include -#include -#include -#include - static NSMutableCharacterSet *urlNonEndingChars = nil; static NSMutableCharacterSet *urlAfterEndingChars = nil; static NSMutableCharacterSet *urlStartChars = nil; @@ -522,48 +512,6 @@ static int cssEscapingCount; return object; } -- (NSString *) asCryptStringUsingSalt: (NSString *) theSalt -{ - char *buf; - - // The salt is weak here, but who cares anyway, crypt should not - // be used anymore - buf = crypt([self UTF8String], [theSalt UTF8String]); - return [NSString stringWithUTF8String: buf]; -} - -- (NSString *) asMD5String -{ - unsigned char md[MD5_DIGEST_LENGTH]; - char buf[80]; - int i; - - memset(md, 0, MD5_DIGEST_LENGTH); - memset(buf, 0, 80); - - EVP_Digest((const void *) [self UTF8String], strlen([self UTF8String]), md, NULL, EVP_md5(), NULL); - for (i = 0; i < MD5_DIGEST_LENGTH; i++) - sprintf(&(buf[i*2]), "%02x", md[i]); - - return [NSString stringWithUTF8String: buf]; -} - -- (NSString *) asSHA1String -{ - unsigned char sha[SHA_DIGEST_LENGTH]; - char buf[80]; - int i; - - memset(sha, 0, SHA_DIGEST_LENGTH); - memset(buf, 0, 80); - - SHA1((const void *)[self UTF8String], strlen([self UTF8String]), sha); - for (i = 0; i < SHA_DIGEST_LENGTH; i++) - sprintf(&(buf[i*2]), "%02x", sha[i]); - - return [NSString stringWithUTF8String: buf]; -} - - (NSString *) asSafeSQLString { return [[self stringByReplacingString: @"\\" withString: @"\\\\"] ============================================================ --- SoObjects/SOGo/SQLSource.m 3ba7f2ddd8b79c5caa63d11a0d9fea1cfe1e354a +++ SoObjects/SOGo/SQLSource.m 4544aedab94707f1aded7b4de8e5414f9b68a82f @@ -39,6 +39,7 @@ #import "SOGoConstants.h" #import "NSString+Utilities.h" +#import "NSString+Crypto.h" #import "SQLSource.h" @@ -47,7 +48,7 @@ * * c_uid - will be used for authentication - it's a username or username@domain.tld) * c_name - which can be identical to c_uid - will be used to uniquely identify entries) - * c_password - password of the user, plain-text, md5 or sha encoded for now + * c_password - password of the user, plain-text, md5, sha, ssha, sha256, sha2512 encoded for now * c_cn - the user's common name * mail - the user's mail address * @@ -151,28 +152,8 @@ if (!plainPassword || !encryptedPassword) return NO; - if ([_userPasswordAlgorithm caseInsensitiveCompare: @"none"] == NSOrderedSame) - { - return [plainPassword isEqualToString: encryptedPassword]; - } - else if ([_userPasswordAlgorithm caseInsensitiveCompare: @"crypt"] == NSOrderedSame) - { - return [[plainPassword asCryptStringUsingSalt: encryptedPassword] isEqualToString: encryptedPassword]; - } - else if ([_userPasswordAlgorithm caseInsensitiveCompare: @"md5"] == NSOrderedSame) - { - return [[plainPassword asMD5String] isEqualToString: encryptedPassword]; - } - else if ([_userPasswordAlgorithm caseInsensitiveCompare: @"sha"] == NSOrderedSame) - { - - return [[plainPassword asSHA1String] isEqualToString: encryptedPassword]; - } - - - [self errorWithFormat: @"Unsupported user-password algorithm: %@", _userPasswordAlgorithm]; - - return NO; + return [plainPassword isEqualToCrypted: encryptedPassword + withDefaultScheme: _userPasswordAlgorithm]; } /** @@ -183,26 +164,8 @@ */ - (NSString *) _encryptPassword: (NSString *) plainPassword { - if ([_userPasswordAlgorithm caseInsensitiveCompare: @"none"] == NSOrderedSame) - { - return plainPassword; - } - else if ([_userPasswordAlgorithm caseInsensitiveCompare: @"crypt"] == NSOrderedSame) - { - return [plainPassword asCryptStringUsingSalt: [plainPassword asMD5String]]; - } - else if ([_userPasswordAlgorithm caseInsensitiveCompare: @"md5"] == NSOrderedSame) - { - return [plainPassword asMD5String]; - } - else if ([_userPasswordAlgorithm caseInsensitiveCompare: @"sha"] == NSOrderedSame) - { - return [plainPassword asSHA1String]; - } - - [self errorWithFormat: @"Unsupported user-password algorithm: %@", _userPasswordAlgorithm]; - - return plainPassword; + return [NSString stringWithFormat: @"{%@}%@", _userPasswordAlgorithm, + [plainPassword asCryptedPassUsingScheme: _userPasswordAlgorithm] ]; } //