d9719e1d52b657fec9bf6676c85a4d2458fd7e89 galt Thu Apr 27 15:54:31 2017 -0700 Remove optional compile switch USE_SSL so that openssl is now an official kent repo dependency. Also using openssl sha1 in hgTracks multiregion. refs #17358. diff --git src/hg/hgLogin/hgLogin.c src/hg/hgLogin/hgLogin.c index 34bb18e..71e1ae6 100644 --- src/hg/hgLogin/hgLogin.c +++ src/hg/hgLogin/hgLogin.c @@ -72,31 +72,30 @@ return cloneString(cfgOption(CFG_LOGIN_MAIL_SIGNATURE)); } char *mailReturnAddr() /* Return the return addr. to be used by outbound mail or NULL. Allocd here. * If set to "NOEMAIL" then no email will be sent and the account is activated right away. * */ { if isEmpty(cfgOption(CFG_LOGIN_MAIL_RETURN_ADDR)) return cloneString("NULL_mailReturnAddr"); else return cloneString(cfgOption(CFG_LOGIN_MAIL_RETURN_ADDR)); } /* ---- password functions depend on optionally installed openssl lib ---- */ -#ifdef USE_SSL #include void cryptWikiWay(char *password, char *salt, char* result) /* encrypt password in mediawiki format - ':B:'.$salt.':'. md5($salt.'-'.md5($password ) */ { int i; unsigned char result1[MD5_DIGEST_LENGTH]; unsigned char result2[MD5_DIGEST_LENGTH]; char firstMD5[MD5_DIGEST_LENGTH*2 + 1]; char secondMD5[MD5_DIGEST_LENGTH*2 + 1]; i = MD5_DIGEST_LENGTH; MD5((unsigned char *)password, strlen(password), result1); for(i = 0; i < MD5_DIGEST_LENGTH; i++) { @@ -147,55 +146,30 @@ char *generateTokenMD5(char *token) /* Generate an unsalted MD5 string from token. */ { unsigned char result[MD5_DIGEST_LENGTH]; char tokenMD5[MD5_DIGEST_LENGTH*2 + 1]; int i = MD5_DIGEST_LENGTH; MD5((unsigned char *) token, strlen(token), result); // Convert the tokenMD5 value to string for(i = 0; i < MD5_DIGEST_LENGTH; i++) { sprintf(&tokenMD5[i*2], "%02x", result[i]); } return cloneString(tokenMD5); } -#else // --------- no USE_SSL ==> errAbort with message that openssl is required -------------- - -#define NEED_OPENSSL "kent/src must be recompiled with openssl libs and USE_SSL=1 in order for this to work." - -void encryptPWD(char *password, char *salt, char *buf, int bufsize) -/* This is just a warning that appears in the absence of USE_SSL. Real implementation is above! */ -{ -errAbort(NEED_OPENSSL); -} - -void encryptNewPwd(char *password, char *buf, int bufsize) -/* This is just a warning that appears in the absence of USE_SSL. Real implementation is above! */ -{ -errAbort(NEED_OPENSSL); -} - -char *generateTokenMD5(char *token) -/* This is just a warning that appears in the absence of USE_SSL. Real implementation is above! */ -{ -errAbort(NEED_OPENSSL); -return NULL; // Compiler doesn't know that we never get here. -} - -#endif//ndef USE_SSL - void findSalt(char *encPassword, char *salt, int saltSize) /* find the salt part from the password field */ { char tempStr1[45]; char tempStr2[45]; int i; // Skip the ":B:" part for (i = 3; i <= strlen(encPassword); i++) tempStr1[i-3] = encPassword[i]; i = strcspn(tempStr1,":"); safencpy(tempStr2, sizeof(tempStr2), tempStr1, i); safecpy(salt, saltSize,tempStr2); } bool checkPwd(char *password, char *encPassword)