Commit 16a940c8 authored by Michael Ott's avatar Michael Ott

Fix sha1 hashes for REST API passwords

parent 5e257fcc
......@@ -19,7 +19,7 @@ restAPI {
dhFile /Users/di34bap/Projects/dcdb-devel/deps/openssl-1.1.1c/crypto/dh/dh2048.pem
user admin {
password d033e22ae348aeb5660fc214aec3585c4da997
password d033e22ae348aeb5660fc2140aec35850c4da997
PUT
GET
}
......
......@@ -290,9 +290,8 @@ bool RESTHttpsServer::validateUser(const http::request<Body>& req, Send&& send)
unsigned hash[5] = {0};
sha1.get_digest(hash);
std::stringstream ss;
ss << std::hex << std::setw(8) << std::setfill(' ');
for (int i = 0; i < 5; i++) {
ss << hash[i];
ss << std::hex << std::setfill('0') << std::setw(8) << hash[i];
}
if (ss.str() != userData.first) {
......
......@@ -178,7 +178,7 @@ bool GlobalConfiguration::readRestAPIUsers(RESTHttpsServer* server) {
#endif
}
}
if (attributes.first.size() != 38) {
if (attributes.first.size() != 40) {
LOG(warning) << "User " << username << "'s password does not appear to be a sha1 hash!";
} else if (server->addUser(username, attributes)) {
LOG(warning) << "User " << username << " already existed and was overwritten!";
......
......@@ -17,7 +17,7 @@ restAPI {
dhFile ../../deps/openssl-1.1.1c/crypto/dh/dh2048.pem
user admin {
password d033e22ae348aeb5660fc214aec3585c4da997
password d033e22ae348aeb5660fc2140aec35850c4da997
PUT
GET
}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment