… | |
… | |
3 | # login handling |
3 | # login handling |
4 | |
4 | |
5 | use Fcntl; |
5 | use Fcntl; |
6 | use Coro::AIO; |
6 | use Coro::AIO; |
7 | |
7 | |
8 | our $MAX_DISCONNECT_TIME = $cf::CFG{max_disconnect_time} || 3600; |
8 | CONF MAX_DISCONNECT_TIME = 3600; |
9 | |
9 | |
10 | # paranoia function to overwrite a string-in-place |
10 | # paranoia function to overwrite a string-in-place |
11 | sub nuke_str { |
11 | sub nuke_str { |
12 | substr $_[0], 0, (length $_[0]), "x" x length $_[0] |
12 | substr $_[0], 0, (length $_[0]), "x" x length $_[0] |
13 | } |
13 | } |
… | |
… | |
140 | } |
140 | } |
141 | |
141 | |
142 | sub compare_password($$) { |
142 | sub compare_password($$) { |
143 | my ($pass, $token) = @_; |
143 | my ($pass, $token) = @_; |
144 | |
144 | |
145 | if ($token =~ /\!(.*)/) { |
145 | if ($token =~ /!!(.*)/) { |
|
|
146 | return +(substr $pass, 0, 8) eq pack "H*", $1; |
|
|
147 | } elsif ($token =~ /!(.*)/) { |
146 | return $pass eq pack "H*", $1; |
148 | return $pass eq pack "H*", $1; |
147 | } else { |
149 | } else { |
148 | return $token eq crypt $pass, $token; |
150 | return $token eq crypt $pass, $token; |
149 | } |
151 | } |
150 | } |
152 | } |