arif/xcat-core
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

the author method is changed as we discussed last week; verify the password as encrypted pw firstly; if it fails, then treat the password as non-encyrpted password to verify one more time

Browse Source 
git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/trunk@4772 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd
This commit is contained in:
mxi1 2009-12-15 06:34:55 +00:00
parent 70892149d9
commit 88dd0b3c72
1 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
xCAT-server/sbin/xcatd
View File

@ -1300,12 +1300,18 @@ sub becomeuser {
return undef;
}
$passent=$passent->{password};
if ($passent =~ /^\$(2a|1)\$.*\$/) { #MD5 or Blowfish hash, calculate before comparison
$pass = crypt($pass,$passent);
} #Not bothering with old DES method, for now assume plaintext if not set
if ($pass eq $passent) {
my $encryptedpass = crypt($pass,$passent);
if ($encryptedpass eq $passent) {
return $id;
}elsif ($pass eq $passent) {
return $id;
}
# if ($passent =~ /^\$(2a|1)\$.*\$/) { #MD5 or Blowfish hash, calculate before comparison
# $pass = crypt($pass,$passent);
# } #Not bothering with old DES method, for now assume plaintext if not set
# if ($pass eq $passent) {
# return $id;
# }
#If here, unable to validate given credential
return undef;
}