head	1.3;
access;
symbols
	RELEASE_5_4_0:1.2
	RELEASE_4_11_0:1.2
	RELEASE_5_3_0:1.2
	RELEASE_4_10_0:1.2
	RELEASE_5_2_1:1.2
	RELEASE_5_2_0:1.2
	RELEASE_4_9_0:1.2
	RELEASE_5_1_0:1.2
	RELEASE_4_8_0:1.2
	RELEASE_5_0_0:1.2
	RELEASE_4_7_0:1.2
	RELEASE_4_6_2:1.2
	RELEASE_4_6_1:1.2
	RELEASE_4_6_0:1.2
	RELEASE_5_0_DP1:1.2
	RELEASE_4_5_0:1.1;
locks; strict;
comment	@# @;


1.3
date	2005.08.18.19.38.29;	author sem;	state dead;
branches;
next	1.2;

1.2
date	2002.02.05.02.10.07;	author mi;	state Exp;
branches;
next	1.1;

1.1
date	2002.01.09.19.55.47;	author mi;	state Exp;
branches;
next	;


desc
@@


1.3
log
@- Update to 0.6.1.
- Unbreak.

Approved by:	portmgr (krion)
@
text
@This patch replaces calls to mhash library with direct calls into -lmd,
greatly simplifying things...

--- pam_pgsql.c	Wed Apr 18 16:47:57 2001
+++ pam_pgsql.c	Wed Jan  9 14:46:01 2002
@@@@ -14,6 +14,7 @@@@
 #include <syslog.h>
 #include <ctype.h>
-#include <mhash.h>
+#include <sys/types.h>
+#include <unistd.h>
+#include <md5.h>
 #include <time.h>
 #include <libpq-fe.h>
-#include <crypt.h>
@@@@ -336,32 +336,7 @@@@
             s = strdup(crypt(pass, crypt_make_salt()));
             break;
-        case PW_MD5: {
-                char *buf;
-                int buf_size;
-                MHASH handle;
-                unsigned char *hash;
-
-                handle = mhash_init(MHASH_MD5);
-
-                if(handle == MHASH_FAILED) {
-                    SYSLOG("could not initialize mhash library!");
-                } else {
-                    int i; 
-
-                    mhash(handle, pass, strlen(pass));
-                    hash = mhash_end(handle);
-
-                    buf_size = (mhash_get_block_size(MHASH_MD5) * 2)+1;
-                    buf = (char *)malloc(buf_size);
-                    bzero(buf, buf_size);
-
-                    for(i = 0; i < mhash_get_block_size(MHASH_MD5); i++) {
-                        /* should be safe */
-                        sprintf(&buf[i * 2], "%.2x", hash[i]);
-                    }
-                    s = buf;
-                }
-            }
-            break;
+        case PW_MD5:
+	    s = MD5Data(pass, strlen(pass), NULL);
+	    break;
         case PW_CLEAR:
         default:
@@@@ -416,34 +391,15 @@@@
                 }
                 break;
-            case PW_MD5: {
-                char *buf;
-                int buf_size;
-                MHASH handle;
-                unsigned char *hash;
-
-                handle = mhash_init(MHASH_MD5);
-
-                if(handle == MHASH_FAILED) {
-                    SYSLOG("could not initialize mhash library!");
-                } else {
-                    int i; 
-
-                    mhash(handle, passwd, strlen(passwd));
-                    hash = mhash_end(handle);
-
-                    buf_size = (mhash_get_block_size(MHASH_MD5) * 2)+1;
-                    buf = (char *)malloc(buf_size);
-                    bzero(buf, buf_size);
-
-                    for(i = 0; i < mhash_get_block_size(MHASH_MD5); i++) {
-                        sprintf(&buf[i * 2], "%.2x", hash[i]);
-                    }
-
-                    if(strcmp(buf, stored_pw) == 0)
-                        rc = PAM_SUCCESS;
-                    free(buf);
-                }
-            }
-            break;
+            case PW_MD5:
+		if(strlen(stored_pw) != 32) {
+		    SYSLOG("stored password has invalid length.");
+		} else {
+                    char *hash;
+		    hash = MD5Data(passwd, strlen(passwd), NULL);
+                    if(strcmp(hash, stored_pw) == 0)
+			rc = PAM_SUCCESS;
+		    free(hash);
+		}
+		break;
         }
     }
@


1.2
log
@Fix the patch (a header and an empty line) and remove last mentions
of the shortlived pqescape.c.
@
text
@@


1.1
log
@Remove the dependency on security/mhash by calling MD5Data directly.
No REVISION bump, as the port remained FORBIDDEN ever since the last
upgrade.

While here, clarify the FORBIDDEN message a little.
@
text
@d6 1
a6 1
@@@@ -14,5 +14,7 @@@@
d15 1
d52 1
a52 1
@@@@ -416,35 +391,15 @@@@
a80 1
-
@

