github
/
mosquitto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
develop
master
fixes
release/2.0
release/1.6
dynamic-bridge
release/1.5
debian
debian-mosquitto
v2.0.15
v2.0.14
v2.0.13
v2.0.12
v2.0.11
v1.6.15
v2.0.10
v2.0.9
v1.6.14
v1.5.11
v2.0.8
v2.0.7
v1.6.13
v2.0.6
v2.0.5
v2.0.4
v2.0.3
v2.0.2
v2.0.1
v2.0.0
v1.5.10
v1.6.12
v1.6.11
v1.6.10
v1.6.9
v1.6.8
v1.6.7
v1.6.6
v1.5.9
v1.6.5
v1.6.4
v1.6.3
v1.6.2
v1.6.1
v1.6
v1.5.8
v1.5.7
v1.5.6
v1.5.5
v1.5.4
v1.5.3
v1.5.2
v1.5.1
v1.5
v1.4.15
v1.4.14
v1.4.13
v1.4.12
v1.4.11
v1.4.10
v1.4.9
v1.4.8
v1.4.7
v1.4.6
v1.4.5
v1.4.4
v1.4.3
v1.4.2
v1.4.1
v1.3.2-not-blessed
v1.3.3-not-blessed
v1.3.4-not-blessed
v1.3.5-not-blessed
v1.4
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'c862ffec8b'
${ noResults }
mosquitto/plugins/dynamic-security/auth.c

89 lines
2.2 KiB
C
Raw Blame History

/*
Copyright (c) 2020 Roger Light <roger@atchoo.org>
All rights reserved. This program and the accompanying materials
are made available under the terms of the Eclipse Public License 2.0
and Eclipse Distribution License v1.0 which accompany this distribution.
The Eclipse Public License is available at
https://www.eclipse.org/legal/epl-2.0/
and the Eclipse Distribution License is available at
http://www.eclipse.org/org/documents/edl-v10.php.
SPDX-License-Identifier: EPL-2.0 OR BSD-3-Clause
Contributors:
Roger Light - initial implementation and documentation.
*/
#include "config.h"
#include <openssl/bio.h>
#include <openssl/buffer.h>
#include <openssl/evp.h>
#include <openssl/rand.h>
#include "dynamic_security.h"
#include "mosquitto.h"
#include "mosquitto_broker.h"
/* ################################################################
* #
* # Username/password check
* #
* ################################################################ */
static int memcmp_const(const void *a, const void *b, size_t len)
{
size_t i;
int rc = 0;
if(!a || !b) return 1;
for(i=0; i<len; i++){
if( ((char *)a)[i] != ((char *)b)[i] ){
rc = 1;
}
}
return rc;
}
int dynsec_auth__basic_auth_callback(int event, void *event_data, void *userdata)
{
struct mosquitto_evt_basic_auth *ed = event_data;
struct dynsec__client *client;
unsigned char password_hash[64]; /* For SHA512 */
const char *clientid;
UNUSED(event);
UNUSED(userdata);
if(ed->username == NULL || ed->password == NULL) return MOSQ_ERR_PLUGIN_DEFER;
client = dynsec_clients__find(ed->username);
if(client){
if(client->disabled){
return MOSQ_ERR_AUTH;
}
if(client->clientid){
clientid = mosquitto_client_id(ed->client);
if(clientid == NULL || strcmp(client->clientid, clientid)){
return MOSQ_ERR_AUTH;
}
}
if(client->pw.valid && dynsec_auth__pw_hash(client, ed->password, password_hash, sizeof(password_hash), false) == MOSQ_ERR_SUCCESS){
if(memcmp_const(client->pw.password_hash, password_hash, sizeof(password_hash)) == 0){
return MOSQ_ERR_SUCCESS;
}else{
return MOSQ_ERR_AUTH;
}
}else{
return MOSQ_ERR_PLUGIN_DEFER;
}
}else{
return MOSQ_ERR_PLUGIN_DEFER;
}
}
Reference in New Issue View Git Blame Copy Permalink