> -----Original Message-----
> From: Justin Erenkrantz [mailto:[EMAIL PROTECTED]
> Sent: Sunday, September 23, 2001 12:51 AM
> To: Mladen Turk
> Cc: APR Dev List
> Subject: Re: [PATCH] apr_password_validate with LIBEAY des_fcrypt support
> > Here is a patch that uses dso to load a libeay32.dll from
> openssl an enables
> > apr to validate a password using des_fcrypt.
>
> What happens if this dll is not available? I don't think we're
> enforcing users to have OpenSSL.
Nothing happens!
It falls back to the original behavior if the dll coudn't be loaded at
runtime.
> > It would be much easier to implent that enhancement if
> apr_password_validate
> > function will has the apr_pool_t as a parameter.
> If it is needed, now is the time to do it before we freeze the API.
Well, I'm creating right now an extra static pool when the apr_password get
called for the first time.
The solution is to use either the pool that could come from function call or
to use the global pool from apr_initialize.
I was thinking to load the libeay32.dll inside the apr_initialize function.
Using that approach an extra pool will not be needed.
Here is the solution that doesn't require API changes. It's much more
simpler but requires apr_initialize patch.
Index: start.c
===================================================================
RCS file: /home/cvspublic/apr/misc/unix/start.c,v
retrieving revision 1.53
diff -u -r1.53 start.c
--- start.c 2001/08/31 06:07:34 1.53
+++ start.c 2001/09/23 08:03:35
@@ -60,11 +60,16 @@
#include "misc.h" /* for WSAHighByte / WSALowByte */
#include "locks.h" /* for apr_unix_setup_lock() */
#include "internal_time.h"
+#include "dso.h"
-
static int initialized = 0;
static apr_pool_t *global_apr_pool;
+typedef char* (*fp_des_fcrypt)(const char *,const char *, char *);
+static apr_dso_handle_t *libeay;
+fp_des_fcrypt des_fcrypt = NULL;
+#define LIBEAY_DSO_NAME "libeay32"
+
APR_DECLARE(apr_status_t) apr_initialize(void)
{
apr_status_t status;
@@ -100,6 +105,12 @@
if ((status = apr_pool_alloc_init(global_apr_pool)) != APR_SUCCESS)
return status;
+
+#if defined(WIN32) || defined(BEOS) || defined(NETWARE)
+ if (apr_dso_load(&libeay, LIBEAY_DSO_NAME, global_apr_pool) ==
APR_SUCCESS)
+ if (apr_dso_sym((void **)&des_fcrypt, libeay, "des_fcrypt") !=
APR_SUCCESS)
+ des_fcrypt = NULL;
+#endif
apr_signal_init(global_apr_pool);
Index: apr_md5.c
===================================================================
RCS file: /home/cvspublic/apr/passwd/apr_md5.c,v
retrieving revision 1.15
diff -u -r1.15 apr_md5.c
--- apr_md5.c 2001/08/06 15:46:04 1.15
+++ apr_md5.c 2001/09/23 08:04:21
@@ -101,6 +101,7 @@
#include "apr_strings.h"
#include "apr_md5.h"
#include "apr_lib.h"
+#include "apr_dso.h"
#if APR_HAVE_STRING_H
#include <string.h>
@@ -669,6 +670,10 @@
return APR_SUCCESS;
}
+#if defined(WIN32) || defined(BEOS) || defined(NETWARE)
+typedef char* (*fp_des_fcrypt)(const char *,const char *, char *);
+extern fp_des_fcrypt des_fcrypt;
+#endif
/*
* Validate a plaintext password against a smashed one. Use either
* crypt() (if available) or apr_md5_encode(), depending upon the format
@@ -694,7 +699,10 @@
* It's not our algorithm, so feed it to crypt() if possible.
*/
#if defined(WIN32) || defined(BEOS) || defined(NETWARE)
- apr_cpystrn(sample, passwd, sizeof(sample) - 1);
+ if (des_fcrypt)
+ apr_cpystrn(sample, (des_fcrypt)(passwd, hash, sample),
sizeof(sample) - 1);
+ else
+ apr_cpystrn(sample, passwd, sizeof(sample) - 1);
#else
crypt_pw = crypt(passwd, hash);
apr_cpystrn(sample, crypt_pw, sizeof(sample) - 1);
MT.
