#1276 encrypt the password to access web client interface using SHA-2
This commit is contained in:
Mitchell Livingston
parent
e892398a95
commit
50c9385ceb
|
|
@ -19,6 +19,7 @@
|
|||
#include <stdarg.h>
|
||||
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/des.h>
|
||||
#include <openssl/dh.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/rc4.h>
|
||||
|
|
@ -349,3 +350,26 @@ tr_cryptoRandBuf( unsigned char *buf,
|
|||
logErrorFromSSL( );
|
||||
}
|
||||
|
||||
/***
|
||||
****
|
||||
***/
|
||||
|
||||
char*
|
||||
tr_crypt( const void * plaintext )
|
||||
{
|
||||
static const char * salter = "0123456789"
|
||||
"abcdefghijklmnopqrstuvwxyz"
|
||||
"ABCDEFGHIJKLMNOPQRSTUVWXYZ"
|
||||
"./";
|
||||
static const size_t salter_len = 64;
|
||||
|
||||
int i;
|
||||
char salt[12];
|
||||
|
||||
memcpy( salt, "$1$", 3 );
|
||||
for( i=0; i<8; ++i )
|
||||
salt[3+i] = salter[ tr_cryptoRandInt( salter_len ) ];
|
||||
salt[11] = '\0';
|
||||
|
||||
return tr_strdup( DES_crypt( plaintext, salt ) );
|
||||
}
|
||||
|
|
|
|||
|
|
@ -95,4 +95,7 @@ int tr_cryptoWeakRandInt( int n );
|
|||
void tr_cryptoRandBuf( unsigned char *buf,
|
||||
size_t len );
|
||||
|
||||
char* tr_crypt( const void * plaintext );
|
||||
|
||||
|
||||
#endif
|
||||
|
|
|
|||
|
|
@ -29,6 +29,7 @@
|
|||
|
||||
#include "transmission.h"
|
||||
#include "bencode.h"
|
||||
#include "crypto.h"
|
||||
#include "list.h"
|
||||
#include "platform.h"
|
||||
#include "rpcimpl.h"
|
||||
|
|
@ -313,7 +314,7 @@ serve_file( struct evhttp_request * req,
|
|||
|
||||
if( errno )
|
||||
{
|
||||
send_simple_response( req, HTTP_NOTFOUND, NULL );
|
||||
send_simple_response( req, HTTP_NOTFOUND, filename );
|
||||
}
|
||||
else
|
||||
{
|
||||
|
|
@ -464,6 +465,7 @@ handle_request( struct evhttp_request * req,
|
|||
{
|
||||
user = p;
|
||||
*pass++ = '\0';
|
||||
pass = tr_crypt( pass );
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -506,9 +508,10 @@ handle_request( struct evhttp_request * req,
|
|||
}
|
||||
else
|
||||
{
|
||||
send_simple_response( req, HTTP_NOTFOUND, NULL );
|
||||
send_simple_response( req, HTTP_NOTFOUND, req->uri );
|
||||
}
|
||||
|
||||
tr_free( pass );
|
||||
tr_free( user );
|
||||
}
|
||||
}
|
||||
|
|
@ -668,7 +671,7 @@ tr_rpcSetPassword( tr_rpc_server * server,
|
|||
const char * password )
|
||||
{
|
||||
tr_free( server->password );
|
||||
server->password = tr_strdup( password );
|
||||
server->password = tr_crypt( password );
|
||||
dbgmsg( "setting our Password to [%s]", server->password );
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -297,7 +297,6 @@ tr_sessionGetSettings( tr_session * s, struct tr_benc * d )
|
|||
tr_bencDictAddInt( d, TR_PREFS_KEY_RATIO_ENABLED, s->isRatioLimited );
|
||||
tr_bencDictAddInt( d, TR_PREFS_KEY_RPC_AUTH_REQUIRED, tr_sessionIsRPCPasswordEnabled( s ) );
|
||||
tr_bencDictAddInt( d, TR_PREFS_KEY_RPC_ENABLED, tr_sessionIsRPCEnabled( s ) );
|
||||
tr_bencDictAddStr( d, TR_PREFS_KEY_RPC_PASSWORD, freeme[n++] = tr_sessionGetRPCPassword( s ) );
|
||||
tr_bencDictAddInt( d, TR_PREFS_KEY_RPC_PORT, tr_sessionGetRPCPort( s ) );
|
||||
tr_bencDictAddStr( d, TR_PREFS_KEY_RPC_USERNAME, freeme[n++] = tr_sessionGetRPCUsername( s ) );
|
||||
tr_bencDictAddStr( d, TR_PREFS_KEY_RPC_WHITELIST, freeme[n++] = tr_sessionGetRPCWhitelist( s ) );
|
||||
|
|
@ -1454,14 +1453,6 @@ tr_sessionSetRPCPassword( tr_session * session,
|
|||
tr_rpcSetPassword( session->rpcServer, password );
|
||||
}
|
||||
|
||||
char*
|
||||
tr_sessionGetRPCPassword( const tr_session * session )
|
||||
{
|
||||
assert( tr_isSession( session ) );
|
||||
|
||||
return tr_rpcGetPassword( session->rpcServer );
|
||||
}
|
||||
|
||||
void
|
||||
tr_sessionSetRPCUsername( tr_session * session,
|
||||
const char * username )
|
||||
|
|
|
|||
|
|
@ -370,12 +370,6 @@ void tr_sessionSetRPCPassword( tr_session * session,
|
|||
void tr_sessionSetRPCUsername( tr_session * session,
|
||||
const char * username );
|
||||
|
||||
/** @brief get the password used to restrict RPC requests.
|
||||
@return the password string. tr_free() when done.
|
||||
@see tr_sessionInit()
|
||||
@see tr_sessionSetRPCPassword() */
|
||||
char* tr_sessionGetRPCPassword( const tr_session * session );
|
||||
|
||||
char* tr_sessionGetRPCUsername( const tr_session * session );
|
||||
|
||||
void tr_sessionSetRPCPasswordEnabled( tr_session * session,
|
||||
|
|
|
|||
Loading…
Reference in New Issue