Fix sha1 hashes for REST API passwords

16a940c8 · Michael Ott · 5e257fcc · 16a940c8 · 16a940c8 · 16a940c8
Commit 16a940c8 authored May 28, 2020 by Michael Ott
4 changed files
--- a/collectagent/config/collectagent.conf
+++ b/collectagent/config/collectagent.conf
@@ -19,7 +19,7 @@ restAPI {
    dhFile      /Users/di34bap/Projects/dcdb-devel/deps/openssl-1.1.1c/crypto/dh/dh2048.pem

    user admin {
-        password  d033e22ae348aeb5660fc214aec3585c4da997
+        password d033e22ae348aeb5660fc2140aec35850c4da997
        PUT
        GET
    }

--- a/common/src/RESTHttpsServer.cpp
+++ b/common/src/RESTHttpsServer.cpp
@@ -290,9 +290,8 @@ bool RESTHttpsServer::validateUser(const http::request<Body>& req, Send&& send)
 	unsigned hash[5] = {0};
 	sha1.get_digest(hash);
 	std::stringstream ss;
-	ss << std::hex << std::setw(8) << std::setfill(' ');
 	for (int i = 0; i < 5; i++)	{
-		ss << hash[i];
+		ss << std::hex << std::setfill('0') << std::setw(8) << hash[i];
 	}
 	
    if (ss.str() != userData.first) {

--- a/common/src/globalconfiguration.cpp
+++ b/common/src/globalconfiguration.cpp
@@ -178,7 +178,7 @@ bool GlobalConfiguration::readRestAPIUsers(RESTHttpsServer* server) {
 #endif
                }
            }
-	    if (attributes.first.size() != 38) {
+	    if (attributes.first.size() != 40) {
 		LOG(warning) << "User " << username << "'s password does not appear to be a sha1 hash!";
 	    } else if (server->addUser(username, attributes)) {
                LOG(warning) << "User " << username << " already existed and was overwritten!";

--- a/dcdbpusher/config/dcdbpusher.conf
+++ b/dcdbpusher/config/dcdbpusher.conf
@@ -17,7 +17,7 @@ restAPI {
    dhFile      ../../deps/openssl-1.1.1c/crypto/dh/dh2048.pem

    user admin {
-        password  d033e22ae348aeb5660fc214aec3585c4da997
+	password d033e22ae348aeb5660fc2140aec35850c4da997
        PUT
        GET
    }