Commit 16a940c8 authored by Michael Ott's avatar Michael Ott
Browse files

Fix sha1 hashes for REST API passwords

parent 5e257fcc
...@@ -19,7 +19,7 @@ restAPI { ...@@ -19,7 +19,7 @@ restAPI {
dhFile /Users/di34bap/Projects/dcdb-devel/deps/openssl-1.1.1c/crypto/dh/dh2048.pem dhFile /Users/di34bap/Projects/dcdb-devel/deps/openssl-1.1.1c/crypto/dh/dh2048.pem
user admin { user admin {
password d033e22ae348aeb5660fc214aec3585c4da997 password d033e22ae348aeb5660fc2140aec35850c4da997
PUT PUT
GET GET
} }
......
...@@ -290,9 +290,8 @@ bool RESTHttpsServer::validateUser(const http::request<Body>& req, Send&& send) ...@@ -290,9 +290,8 @@ bool RESTHttpsServer::validateUser(const http::request<Body>& req, Send&& send)
unsigned hash[5] = {0}; unsigned hash[5] = {0};
sha1.get_digest(hash); sha1.get_digest(hash);
std::stringstream ss; std::stringstream ss;
ss << std::hex << std::setw(8) << std::setfill(' ');
for (int i = 0; i < 5; i++) { for (int i = 0; i < 5; i++) {
ss << hash[i]; ss << std::hex << std::setfill('0') << std::setw(8) << hash[i];
} }
if (ss.str() != userData.first) { if (ss.str() != userData.first) {
......
...@@ -178,7 +178,7 @@ bool GlobalConfiguration::readRestAPIUsers(RESTHttpsServer* server) { ...@@ -178,7 +178,7 @@ bool GlobalConfiguration::readRestAPIUsers(RESTHttpsServer* server) {
#endif #endif
} }
} }
if (attributes.first.size() != 38) { if (attributes.first.size() != 40) {
LOG(warning) << "User " << username << "'s password does not appear to be a sha1 hash!"; LOG(warning) << "User " << username << "'s password does not appear to be a sha1 hash!";
} else if (server->addUser(username, attributes)) { } else if (server->addUser(username, attributes)) {
LOG(warning) << "User " << username << " already existed and was overwritten!"; LOG(warning) << "User " << username << " already existed and was overwritten!";
......
...@@ -17,7 +17,7 @@ restAPI { ...@@ -17,7 +17,7 @@ restAPI {
dhFile ../../deps/openssl-1.1.1c/crypto/dh/dh2048.pem dhFile ../../deps/openssl-1.1.1c/crypto/dh/dh2048.pem
user admin { user admin {
password d033e22ae348aeb5660fc214aec3585c4da997 password d033e22ae348aeb5660fc2140aec35850c4da997
PUT PUT
GET GET
} }
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment