See ChangeLog

Monotone-Parent: baa6f9af328e12270813b11beac4250ab90005b0 Monotone-Revision: 659def76b8868bdc540986987d61b39410737054 Monotone-Author: ludovic@Sophos.ca Monotone-Date: 2011-02-02T01:58:56 Monotone-Branch: ca.inverse.sogo
2026-05-22 11:55:24 +00:00 · 2011-02-02 01:58:56 +00:00
parent 7f90b060a7
commit f3e23ff651
4 changed files with 9 additions and 4 deletions
@@ -1,3 +1,8 @@
+2011-02-01  Ludovic Marcotte  <lmarcotte@inverse.ca>
+
+	* SoObjects/SOGo/NSString+Utilities.h,m: Fixed
+	the salt for crypt-based encoding
+
 2011-02-01  Francis Lachapelle  <flachapelle@inverse.ca>

 	* UI/WebServerResources/scriptaculous/dragdrop.js (-updateDrag:):
@@ -68,7 +68,7 @@

 - (id) objectFromJSONString;

- (NSString *) asCryptString;
+- (NSString *) asCryptStringUsingSalt: (NSString *) theSalt;
 - (NSString *) asMD5String;
 - (NSString *) asSHA1String;

@@ -545,13 +545,13 @@ static NSMutableCharacterSet *safeLDIFStartChars = nil;
  return object;
 }

- (NSString *) asCryptString
+- (NSString *) asCryptStringUsingSalt: (NSString *) theSalt
 {
  char *buf;
  
  // The salt is weak here, but who cares anyway, crypt should not
  // be used anymore
-  buf = (char *)crypt([self UTF8String], [self UTF8String]);
+  buf = (char *)crypt([self UTF8String], [theSalt UTF8String]);
  return [NSString stringWithUTF8String: buf];
 }

@@ -139,7 +139,7 @@
    }
  else if ([_userPasswordAlgorithm caseInsensitiveCompare: @"crypt"] == NSOrderedSame)
    {
-      return [[plainPassword asCryptString] isEqualToString: encryptedPassword];
+      return [[plainPassword asCryptStringUsingSalt: encryptedPassword] isEqualToString: encryptedPassword];
    }
  else if ([_userPasswordAlgorithm caseInsensitiveCompare: @"md5"] == NSOrderedSame)
    {