mirror of
https://github.com/3proxy/3proxy.git
synced 2026-04-28 23:20:12 +08:00
Use hashtables for password lists
This commit is contained in:
Vladimir Dubrovin
parent
62be3c7b5b
commit
62ceb36157
50
src/auth.c
50
src/auth.c
@ -919,46 +919,24 @@ int dnsauth(struct clientparam * param){
|
|||||||
}
|
}
|
||||||
|
|
||||||
int strongauth(struct clientparam * param){
|
int strongauth(struct clientparam * param){
|
||||||
struct passwords * pwl;
|
static char dummy;
|
||||||
unsigned char buf[256];
|
unsigned char buf[256];
|
||||||
|
char cryptpw[65] = {0};
|
||||||
|
|
||||||
|
if (!param->username) return 4;
|
||||||
if(!param->username) return 4;
|
if (!param->pwtype && param->password) {
|
||||||
pthread_mutex_lock(&pwl_mutex);
|
if (pw_table.ihashtable && hashresolv(&pw_table, param, &dummy, NULL))
|
||||||
for(pwl = conf.pwl; pwl; pwl=pwl->next){
|
|
||||||
if(!strcmp((char *)pwl->user, (char *)param->username)) switch(pwl->pwtype) {
|
|
||||||
case CL:
|
|
||||||
if(!pwl->password || !*pwl->password){
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
else if (!param->pwtype && param->password && !strcmp((char *)param->password, (char *)pwl->password)){
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
pthread_mutex_unlock(&pwl_mutex);
|
|
||||||
return 6;
|
|
||||||
#ifndef NOCRYPT
|
|
||||||
case CR:
|
|
||||||
if(param->password && !param->pwtype && !strcmp((char *)pwl->password, (char *)mycrypt(param->password, pwl->password,buf))) {
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
pthread_mutex_unlock(&pwl_mutex);
|
|
||||||
return 7;
|
|
||||||
case NT:
|
|
||||||
if(param->password && !param->pwtype && !memcmp(pwl->password, ntpwdhash(buf,param->password, 1), 32)) {
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
pthread_mutex_unlock(&pwl_mutex);
|
|
||||||
return 8;
|
|
||||||
#endif
|
|
||||||
default:
|
|
||||||
pthread_mutex_unlock(&pwl_mutex);
|
|
||||||
return 999;
|
|
||||||
}
|
|
||||||
else continue;
|
|
||||||
pthread_mutex_unlock(&pwl_mutex);
|
|
||||||
return 0;
|
return 0;
|
||||||
|
if (pwnt_table.ihashtable && hashresolv(&pwnt_table, param, &dummy, NULL))
|
||||||
|
return 0;
|
||||||
|
#ifndef NOCRYPT
|
||||||
|
if (pwcr_table.ihashtable && hashresolv(&pwcr_table, param, cryptpw, NULL)) {
|
||||||
|
if (!strcmp(cryptpw, (char *)mycrypt(param->password, (unsigned char *)cryptpw, buf)))
|
||||||
|
return 0;
|
||||||
|
return 7;
|
||||||
|
}
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
pthread_mutex_unlock(&pwl_mutex);
|
|
||||||
return 5;
|
return 5;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
65
src/conf.c
65
src/conf.c
@ -533,44 +533,43 @@ static int h_auth(int argc, unsigned char **argv){
|
|||||||
}
|
}
|
||||||
|
|
||||||
static int h_users(int argc, unsigned char **argv){
|
static int h_users(int argc, unsigned char **argv){
|
||||||
|
static char dummy;
|
||||||
int j;
|
int j;
|
||||||
unsigned char *arg;
|
unsigned char *arg;
|
||||||
struct passwords *pwl = NULL;
|
char *pw[2];
|
||||||
|
|
||||||
for (j = 1; j<argc; j++) {
|
|
||||||
if(!(pwl = myalloc(sizeof(struct passwords)))) {
|
|
||||||
return(21);
|
|
||||||
}
|
|
||||||
memset(pwl, 0, sizeof(struct passwords));
|
|
||||||
|
|
||||||
|
for (j = 1; j < argc; j++) {
|
||||||
arg = (unsigned char *)strchr((char *)argv[j], ':');
|
arg = (unsigned char *)strchr((char *)argv[j], ':');
|
||||||
if(!arg||!arg[1]||!arg[2]||arg[3]!=':') {
|
if (!arg) continue;
|
||||||
pwl->user = (unsigned char *)mystrdup((char *)argv[j]);
|
|
||||||
pwl->pwtype = SYS;
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
*arg = 0;
|
*arg = 0;
|
||||||
pwl->user = (unsigned char *)mystrdup((char *)argv[j]);
|
pw[0] = (char *)argv[j];
|
||||||
|
|
||||||
if((arg[1] == 'C' && arg[2] == 'L' && (pwl->pwtype = CL)) ||
|
if (arg[1] && arg[2] && arg[3] == ':') {
|
||||||
(arg[1] == 'C' && arg[2] == 'R' && (pwl->pwtype = CR)) ||
|
pw[1] = (char *)(arg + 4);
|
||||||
(arg[1] == 'N' && arg[2] == 'T' && (pwl->pwtype = NT)) ||
|
if (arg[1] == 'N' && arg[2] == 'T') {
|
||||||
(arg[1] == 'L' && arg[2] == 'M' && (pwl->pwtype = LM))){
|
if (!pwnt_table.ihashtable && inithashtable(&pwnt_table, 16, 32, 1048576))
|
||||||
pwl->password = (unsigned char *)mystrdup((char *)arg+4);
|
return 3;
|
||||||
|
hashadd(&pwnt_table, pw, &dummy, MAX_COUNTER_TIME);
|
||||||
|
continue;
|
||||||
}
|
}
|
||||||
else {
|
if (arg[1] == 'C' && arg[2] == 'R') {
|
||||||
pwl->password = (unsigned char *) mystrdup((char *)arg + 1);
|
if (!pwcr_table.ihashtable && inithashtable(&pwcr_table, 16, 32, 1048576))
|
||||||
pwl->pwtype = UN;
|
return 3;
|
||||||
|
hashadd(&pwcr_table, pw[0], pw[1], MAX_COUNTER_TIME);
|
||||||
|
continue;
|
||||||
}
|
}
|
||||||
if(!pwl->password) return 3;
|
if (arg[1] == 'C' && arg[2] == 'L') {
|
||||||
|
/* fall through to CL handling below */
|
||||||
|
} else {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
pw[1] = (char *)(arg + 1);
|
||||||
}
|
}
|
||||||
if(!pwl->user) return 21;
|
|
||||||
pthread_mutex_lock(&pwl_mutex);
|
|
||||||
pwl->next = conf.pwl;
|
|
||||||
conf.pwl = pwl;
|
|
||||||
pthread_mutex_unlock(&pwl_mutex);
|
|
||||||
|
|
||||||
|
|
||||||
|
if (!pw_table.ihashtable && inithashtable(&pw_table, 16, 32, 1048576))
|
||||||
|
return 3;
|
||||||
|
hashadd(&pw_table, pw, &dummy, MAX_COUNTER_TIME);
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -1852,7 +1851,6 @@ void freeconf(struct extparam *confp){
|
|||||||
struct bandlim * blout;
|
struct bandlim * blout;
|
||||||
struct connlim * cl;
|
struct connlim * cl;
|
||||||
struct trafcount * tc;
|
struct trafcount * tc;
|
||||||
struct passwords *pw;
|
|
||||||
struct ace *acl;
|
struct ace *acl;
|
||||||
struct filemon *fm;
|
struct filemon *fm;
|
||||||
int counterd, archiverc;
|
int counterd, archiverc;
|
||||||
@ -1886,11 +1884,9 @@ void freeconf(struct extparam *confp){
|
|||||||
confp->connlimiter = NULL;
|
confp->connlimiter = NULL;
|
||||||
pthread_mutex_unlock(&connlim_mutex);
|
pthread_mutex_unlock(&connlim_mutex);
|
||||||
|
|
||||||
pthread_mutex_lock(&pwl_mutex);
|
destroyhashtable(&pw_table);
|
||||||
pw = confp->pwl;
|
destroyhashtable(&pwnt_table);
|
||||||
confp->pwl = NULL;
|
destroyhashtable(&pwcr_table);
|
||||||
pthread_mutex_unlock(&pwl_mutex);
|
|
||||||
|
|
||||||
|
|
||||||
confp->logfunc = lognone;
|
confp->logfunc = lognone;
|
||||||
logformat = confp->logformat;
|
logformat = confp->logformat;
|
||||||
@ -1935,7 +1931,6 @@ void freeconf(struct extparam *confp){
|
|||||||
|
|
||||||
|
|
||||||
freeacl(acl);
|
freeacl(acl);
|
||||||
freepwl(pw);
|
|
||||||
for(; bl; bl = (struct bandlim *) itfree(bl, bl->next)) freeacl(bl->ace);
|
for(; bl; bl = (struct bandlim *) itfree(bl, bl->next)) freeacl(bl->ace);
|
||||||
for(; blout; blout = (struct bandlim *) itfree(blout, blout->next))freeacl(blout->ace);
|
for(; blout; blout = (struct bandlim *) itfree(blout, blout->next))freeacl(blout->ace);
|
||||||
for(; cl; cl = (struct connlim *) itfree(cl, cl->next)) freeacl(cl->ace);
|
for(; cl; cl = (struct connlim *) itfree(cl, cl->next)) freeacl(cl->ace);
|
||||||
|
|||||||
16
src/hash.c
16
src/hash.c
@ -24,11 +24,12 @@ void destroyhashtable(struct hashtable *ht){
|
|||||||
ht->hashvalues = NULL;
|
ht->hashvalues = NULL;
|
||||||
}
|
}
|
||||||
if(ht->hashhashvalues){
|
if(ht->hashhashvalues){
|
||||||
myfree(ht->hashvalues);
|
myfree(ht->hashhashvalues);
|
||||||
ht->hashvalues = NULL;
|
ht->hashhashvalues = NULL;
|
||||||
}
|
}
|
||||||
ht->poolsize = 0;
|
ht->poolsize = 0;
|
||||||
ht->tablesize = 0;
|
ht->tablesize = 0;
|
||||||
|
ht->ihashempty = 0;
|
||||||
pthread_mutex_unlock(&hash_mutex);
|
pthread_mutex_unlock(&hash_mutex);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -62,8 +63,8 @@ int inithashtable(struct hashtable *ht, unsigned tablesize, unsigned poolsize, u
|
|||||||
ht->hashvalues = NULL;
|
ht->hashvalues = NULL;
|
||||||
}
|
}
|
||||||
if(ht->hashhashvalues){
|
if(ht->hashhashvalues){
|
||||||
myfree(ht->hashvalues);
|
myfree(ht->hashhashvalues);
|
||||||
ht->hashvalues = NULL;
|
ht->hashhashvalues = NULL;
|
||||||
}
|
}
|
||||||
ht->poolsize = 0;
|
ht->poolsize = 0;
|
||||||
ht->tablesize = 0;
|
ht->tablesize = 0;
|
||||||
@ -315,9 +316,14 @@ void param2hash_search(const struct hashtable *ht, void *index, uint8_t *hash){
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
static void user2hash_search(const struct hashtable *ht, void *index, uint8_t *hash){
|
||||||
|
struct clientparam *param = (struct clientparam *)index;
|
||||||
|
blake2b(hash, ht->hash_size, param->username, strlen((const char *)param->username), NULL, 0);
|
||||||
|
}
|
||||||
|
|
||||||
struct hashtable dns_table = {char_index2hash, char_index2hash, 4, 12};
|
struct hashtable dns_table = {char_index2hash, char_index2hash, 4, 12};
|
||||||
struct hashtable dns6_table = {char_index2hash, char_index2hash, 16, 12};
|
struct hashtable dns6_table = {char_index2hash, char_index2hash, 16, 12};
|
||||||
struct hashtable auth_table = {param2hash_add, param2hash_search, sizeof(struct authcache), 12};
|
struct hashtable auth_table = {param2hash_add, param2hash_search, sizeof(struct authcache), 12};
|
||||||
struct hashtable pw_table = {pw2hash_add, pw2hash_search, 0, 12};
|
struct hashtable pw_table = {pw2hash_add, pw2hash_search, 0, 12};
|
||||||
struct hashtable pwnt_table = {pwnt2hash_add, pwnt2hash_search, 0, 12};
|
struct hashtable pwnt_table = {pwnt2hash_add, pwnt2hash_search, 0, 12};
|
||||||
struct hashtable pwcr_table = {char_index2hash, char_index2hash, 64, 12};
|
struct hashtable pwcr_table = {char_index2hash, user2hash_search, 64, 12};
|
||||||
|
|||||||
@ -779,6 +779,9 @@ struct hashtable {
|
|||||||
extern struct hashtable dns_table;
|
extern struct hashtable dns_table;
|
||||||
extern struct hashtable dns6_table;
|
extern struct hashtable dns6_table;
|
||||||
extern struct hashtable auth_table;
|
extern struct hashtable auth_table;
|
||||||
|
extern struct hashtable pw_table;
|
||||||
|
extern struct hashtable pwnt_table;
|
||||||
|
extern struct hashtable pwcr_table;
|
||||||
|
|
||||||
struct authcache {
|
struct authcache {
|
||||||
unsigned char username[64];
|
unsigned char username[64];
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user