* Given a username and site passphrase hash from the session, determine * whether the site passphrase is valid for this session. * * If the site passphrase is NULL, or if the sent_hash is NULL, this * function returns DECLINED. * * If the site passphrase hash does not match the sent hash, this function * returns AUTH_USER_NOT_FOUND. * * On success, returns OK. */
| 731 | * On success, returns OK. |
| 732 | */ |
| 733 | static int check_site(request_rec * r, const char *site, const char *sent_user, const char *sent_hash) |
| 734 | { |
| 735 | |
| 736 | if (site && sent_user && sent_hash) { |
| 737 | const char *hash = ap_md5(r->pool, |
| 738 | (unsigned char *) apr_pstrcat(r->pool, sent_user, ":", site, NULL)); |
| 739 | |
| 740 | if (!strcmp(sent_hash, hash)) { |
| 741 | return OK; |
| 742 | } |
| 743 | else { |
| 744 | return AUTH_USER_NOT_FOUND; |
| 745 | } |
| 746 | } |
| 747 | |
| 748 | return DECLINED; |
| 749 | |
| 750 | } |
| 751 | |
| 752 | /** |
| 753 | * Given a username and password (extracted externally from a cookie), run |
no test coverage detected