X-Git-Url: https://mattmccutchen.net/rsync/rsync.git/blobdiff_plain/45c49b52a488882bbbd5366420389abbbeede7c9..d051056f921f465c487a85f9fa29a2324332bc4b:/authenticate.c diff --git a/authenticate.c b/authenticate.c index 55ed2693..7b5ecc2a 100644 --- a/authenticate.c +++ b/authenticate.c @@ -21,21 +21,18 @@ #include "rsync.h" extern char *password_file; -extern int am_root; /*************************************************************************** encode a buffer using base64 - simple and slow algorithm. null terminates the result. ***************************************************************************/ -void base64_encode(char *buf, int len, char *out) +void base64_encode(char *buf, int len, char *out, int pad) { char *b64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; int bit_offset, byte_offset, idx, i; unsigned char *d = (unsigned char *)buf; int bytes = (len*8 + 5)/6; - memset(out, 0, bytes+1); - for (i = 0; i < bytes; i++) { byte_offset = (i*6)/8; bit_offset = (i*6)%8; @@ -49,6 +46,11 @@ void base64_encode(char *buf, int len, char *out) } out[i] = b64[idx]; } + + while (pad && (i % 4)) + out[i++] = '='; + + out[i] = '\0'; } /* Generate a challenge buffer and return it base64-encoded. */ @@ -70,7 +72,7 @@ static void gen_challenge(char *addr, char *challenge) sum_update(input, sizeof input); sum_end(md4_out); - base64_encode(md4_out, MD4_SUM_LENGTH, challenge); + base64_encode(md4_out, MD4_SUM_LENGTH, challenge, 0); } @@ -96,7 +98,7 @@ static int get_secret(int module, char *user, char *secret, int len) if ((st.st_mode & 06) != 0) { rprintf(FLOG, "secrets file must not be other-accessible (see strict modes option)\n"); ok = 0; - } else if (am_root && (st.st_uid != 0)) { + } else if (MY_UID() == 0 && st.st_uid != 0) { rprintf(FLOG, "secrets file must be owned by root when running as root (see strict modes)\n"); ok = 0; } @@ -172,7 +174,7 @@ static char *getpassf(char *filename) } else if ((st.st_mode & 06) != 0) { rprintf(FERROR,"password file must not be other-accessible\n"); ok = 0; - } else if (am_root && st.st_uid != 0) { + } else if (MY_UID() == 0 && st.st_uid != 0) { rprintf(FERROR,"password file must be owned by root when running as root\n"); ok = 0; } @@ -209,7 +211,7 @@ static void generate_hash(char *in, char *challenge, char *out) sum_update(challenge, strlen(challenge)); sum_end(buf); - base64_encode(buf, MD4_SUM_LENGTH, out); + base64_encode(buf, MD4_SUM_LENGTH, out, 0); } /* Possibly negotiate authentication with the client. Use "leader" to