mirror of
https://github.com/3proxy/3proxy.git
synced 2026-04-28 15:10:12 +08:00
Use hashtables for password lists
This commit is contained in:
Vladimir Dubrovin
parent
62be3c7b5b
commit
62ceb36157
48
src/auth.c
48
src/auth.c
@ -919,46 +919,24 @@ int dnsauth(struct clientparam * param){
|
||||
}
|
||||
|
||||
int strongauth(struct clientparam * param){
|
||||
struct passwords * pwl;
|
||||
static char dummy;
|
||||
unsigned char buf[256];
|
||||
|
||||
char cryptpw[65] = {0};
|
||||
|
||||
if (!param->username) return 4;
|
||||
pthread_mutex_lock(&pwl_mutex);
|
||||
for(pwl = conf.pwl; pwl; pwl=pwl->next){
|
||||
if(!strcmp((char *)pwl->user, (char *)param->username)) switch(pwl->pwtype) {
|
||||
case CL:
|
||||
if(!pwl->password || !*pwl->password){
|
||||
break;
|
||||
}
|
||||
else if (!param->pwtype && param->password && !strcmp((char *)param->password, (char *)pwl->password)){
|
||||
break;
|
||||
}
|
||||
pthread_mutex_unlock(&pwl_mutex);
|
||||
return 6;
|
||||
#ifndef NOCRYPT
|
||||
case CR:
|
||||
if(param->password && !param->pwtype && !strcmp((char *)pwl->password, (char *)mycrypt(param->password, pwl->password,buf))) {
|
||||
break;
|
||||
}
|
||||
pthread_mutex_unlock(&pwl_mutex);
|
||||
return 7;
|
||||
case NT:
|
||||
if(param->password && !param->pwtype && !memcmp(pwl->password, ntpwdhash(buf,param->password, 1), 32)) {
|
||||
break;
|
||||
}
|
||||
pthread_mutex_unlock(&pwl_mutex);
|
||||
return 8;
|
||||
#endif
|
||||
default:
|
||||
pthread_mutex_unlock(&pwl_mutex);
|
||||
return 999;
|
||||
}
|
||||
else continue;
|
||||
pthread_mutex_unlock(&pwl_mutex);
|
||||
if (!param->pwtype && param->password) {
|
||||
if (pw_table.ihashtable && hashresolv(&pw_table, param, &dummy, NULL))
|
||||
return 0;
|
||||
if (pwnt_table.ihashtable && hashresolv(&pwnt_table, param, &dummy, NULL))
|
||||
return 0;
|
||||
#ifndef NOCRYPT
|
||||
if (pwcr_table.ihashtable && hashresolv(&pwcr_table, param, cryptpw, NULL)) {
|
||||
if (!strcmp(cryptpw, (char *)mycrypt(param->password, (unsigned char *)cryptpw, buf)))
|
||||
return 0;
|
||||
return 7;
|
||||
}
|
||||
#endif
|
||||
}
|
||||
pthread_mutex_unlock(&pwl_mutex);
|
||||
return 5;
|
||||
}
|
||||
|
||||
|
||||
63
src/conf.c
63
src/conf.c
@ -533,44 +533,43 @@ static int h_auth(int argc, unsigned char **argv){
|
||||
}
|
||||
|
||||
static int h_users(int argc, unsigned char **argv){
|
||||
static char dummy;
|
||||
int j;
|
||||
unsigned char *arg;
|
||||
struct passwords *pwl = NULL;
|
||||
char *pw[2];
|
||||
|
||||
for (j = 1; j < argc; j++) {
|
||||
if(!(pwl = myalloc(sizeof(struct passwords)))) {
|
||||
return(21);
|
||||
}
|
||||
memset(pwl, 0, sizeof(struct passwords));
|
||||
|
||||
arg = (unsigned char *)strchr((char *)argv[j], ':');
|
||||
if(!arg||!arg[1]||!arg[2]||arg[3]!=':') {
|
||||
pwl->user = (unsigned char *)mystrdup((char *)argv[j]);
|
||||
pwl->pwtype = SYS;
|
||||
}
|
||||
else {
|
||||
if (!arg) continue;
|
||||
*arg = 0;
|
||||
pwl->user = (unsigned char *)mystrdup((char *)argv[j]);
|
||||
pw[0] = (char *)argv[j];
|
||||
|
||||
if((arg[1] == 'C' && arg[2] == 'L' && (pwl->pwtype = CL)) ||
|
||||
(arg[1] == 'C' && arg[2] == 'R' && (pwl->pwtype = CR)) ||
|
||||
(arg[1] == 'N' && arg[2] == 'T' && (pwl->pwtype = NT)) ||
|
||||
(arg[1] == 'L' && arg[2] == 'M' && (pwl->pwtype = LM))){
|
||||
pwl->password = (unsigned char *)mystrdup((char *)arg+4);
|
||||
if (arg[1] && arg[2] && arg[3] == ':') {
|
||||
pw[1] = (char *)(arg + 4);
|
||||
if (arg[1] == 'N' && arg[2] == 'T') {
|
||||
if (!pwnt_table.ihashtable && inithashtable(&pwnt_table, 16, 32, 1048576))
|
||||
return 3;
|
||||
hashadd(&pwnt_table, pw, &dummy, MAX_COUNTER_TIME);
|
||||
continue;
|
||||
}
|
||||
else {
|
||||
pwl->password = (unsigned char *) mystrdup((char *)arg + 1);
|
||||
pwl->pwtype = UN;
|
||||
if (arg[1] == 'C' && arg[2] == 'R') {
|
||||
if (!pwcr_table.ihashtable && inithashtable(&pwcr_table, 16, 32, 1048576))
|
||||
return 3;
|
||||
hashadd(&pwcr_table, pw[0], pw[1], MAX_COUNTER_TIME);
|
||||
continue;
|
||||
}
|
||||
if(!pwl->password) return 3;
|
||||
if (arg[1] == 'C' && arg[2] == 'L') {
|
||||
/* fall through to CL handling below */
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
} else {
|
||||
pw[1] = (char *)(arg + 1);
|
||||
}
|
||||
if(!pwl->user) return 21;
|
||||
pthread_mutex_lock(&pwl_mutex);
|
||||
pwl->next = conf.pwl;
|
||||
conf.pwl = pwl;
|
||||
pthread_mutex_unlock(&pwl_mutex);
|
||||
|
||||
|
||||
if (!pw_table.ihashtable && inithashtable(&pw_table, 16, 32, 1048576))
|
||||
return 3;
|
||||
hashadd(&pw_table, pw, &dummy, MAX_COUNTER_TIME);
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
@ -1852,7 +1851,6 @@ void freeconf(struct extparam *confp){
|
||||
struct bandlim * blout;
|
||||
struct connlim * cl;
|
||||
struct trafcount * tc;
|
||||
struct passwords *pw;
|
||||
struct ace *acl;
|
||||
struct filemon *fm;
|
||||
int counterd, archiverc;
|
||||
@ -1886,11 +1884,9 @@ void freeconf(struct extparam *confp){
|
||||
confp->connlimiter = NULL;
|
||||
pthread_mutex_unlock(&connlim_mutex);
|
||||
|
||||
pthread_mutex_lock(&pwl_mutex);
|
||||
pw = confp->pwl;
|
||||
confp->pwl = NULL;
|
||||
pthread_mutex_unlock(&pwl_mutex);
|
||||
|
||||
destroyhashtable(&pw_table);
|
||||
destroyhashtable(&pwnt_table);
|
||||
destroyhashtable(&pwcr_table);
|
||||
|
||||
confp->logfunc = lognone;
|
||||
logformat = confp->logformat;
|
||||
@ -1935,7 +1931,6 @@ void freeconf(struct extparam *confp){
|
||||
|
||||
|
||||
freeacl(acl);
|
||||
freepwl(pw);
|
||||
for(; bl; bl = (struct bandlim *) itfree(bl, bl->next)) freeacl(bl->ace);
|
||||
for(; blout; blout = (struct bandlim *) itfree(blout, blout->next))freeacl(blout->ace);
|
||||
for(; cl; cl = (struct connlim *) itfree(cl, cl->next)) freeacl(cl->ace);
|
||||
|
||||
16
src/hash.c
16
src/hash.c
@ -24,11 +24,12 @@ void destroyhashtable(struct hashtable *ht){
|
||||
ht->hashvalues = NULL;
|
||||
}
|
||||
if(ht->hashhashvalues){
|
||||
myfree(ht->hashvalues);
|
||||
ht->hashvalues = NULL;
|
||||
myfree(ht->hashhashvalues);
|
||||
ht->hashhashvalues = NULL;
|
||||
}
|
||||
ht->poolsize = 0;
|
||||
ht->tablesize = 0;
|
||||
ht->ihashempty = 0;
|
||||
pthread_mutex_unlock(&hash_mutex);
|
||||
}
|
||||
|
||||
@ -62,8 +63,8 @@ int inithashtable(struct hashtable *ht, unsigned tablesize, unsigned poolsize, u
|
||||
ht->hashvalues = NULL;
|
||||
}
|
||||
if(ht->hashhashvalues){
|
||||
myfree(ht->hashvalues);
|
||||
ht->hashvalues = NULL;
|
||||
myfree(ht->hashhashvalues);
|
||||
ht->hashhashvalues = NULL;
|
||||
}
|
||||
ht->poolsize = 0;
|
||||
ht->tablesize = 0;
|
||||
@ -315,9 +316,14 @@ void param2hash_search(const struct hashtable *ht, void *index, uint8_t *hash){
|
||||
|
||||
|
||||
|
||||
static void user2hash_search(const struct hashtable *ht, void *index, uint8_t *hash){
|
||||
struct clientparam *param = (struct clientparam *)index;
|
||||
blake2b(hash, ht->hash_size, param->username, strlen((const char *)param->username), NULL, 0);
|
||||
}
|
||||
|
||||
struct hashtable dns_table = {char_index2hash, char_index2hash, 4, 12};
|
||||
struct hashtable dns6_table = {char_index2hash, char_index2hash, 16, 12};
|
||||
struct hashtable auth_table = {param2hash_add, param2hash_search, sizeof(struct authcache), 12};
|
||||
struct hashtable pw_table = {pw2hash_add, pw2hash_search, 0, 12};
|
||||
struct hashtable pwnt_table = {pwnt2hash_add, pwnt2hash_search, 0, 12};
|
||||
struct hashtable pwcr_table = {char_index2hash, char_index2hash, 64, 12};
|
||||
struct hashtable pwcr_table = {char_index2hash, user2hash_search, 64, 12};
|
||||
|
||||
@ -779,6 +779,9 @@ struct hashtable {
|
||||
extern struct hashtable dns_table;
|
||||
extern struct hashtable dns6_table;
|
||||
extern struct hashtable auth_table;
|
||||
extern struct hashtable pw_table;
|
||||
extern struct hashtable pwnt_table;
|
||||
extern struct hashtable pwcr_table;
|
||||
|
||||
struct authcache {
|
||||
unsigned char username[64];
|
||||
|
||||
Loading…
Reference in New Issue
Block a user