--- /dev/null
+/*
+ * cmd_pas2 - MD5 APOP style auth keyed off of the hash of the password
+ * plus a nonce displayed at the login banner.
+ */
+
+#include <stdlib.h>
+#include <unistd.h>
+#include <stdio.h>
+#include <time.h>
+#include <ctype.h>
+#include <string.h>
+#include <errno.h>
+#include "sysdep_decls.h"
+#include "citadel.h"
+#include "server.h"
+#include "citserver.h"
+#include "support.h"
+#include "dynloader.h"
+#include "user_ops.h"
+#include "md5.h"
+#include "tools.h"
+
+
+void cmd_pas2(char *argbuf)
+{
+ char pw[256];
+ char hexstring[MD5_HEXSTRING_SIZE];
+
+
+ if (!strcmp(CC->curr_user, NLI))
+ {
+ cprintf("%d You must enter a user with the USER command first.\n", ERROR);
+ return;
+ }
+
+ if (CC->logged_in)
+ {
+ cprintf("%d Already logged in.\n", ERROR);
+ return;
+ }
+
+ extract(pw, argbuf, 0);
+
+ if (getuser(&CC->usersupp, CC->curr_user))
+ {
+ cprintf("%d Unable to find user record for %s.\n", ERROR, CC->curr_user);
+ return;
+ }
+
+ strproc(pw);
+ strproc(CC->usersupp.password);
+
+ if (strlen(pw) != (MD5_HEXSTRING_SIZE-1))
+ {
+ cprintf("%d Auth string of length %d is the wrong length (should be %d).\n", ERROR, strlen(pw), MD5_HEXSTRING_SIZE-1);
+ return;
+ }
+
+ make_apop_string(CC->usersupp.password, CC->cs_nonce, hexstring);
+
+ if (!strcmp(hexstring, pw))
+ {
+ do_login();
+ return;
+ }
+ else
+ {
+ cprintf("%d Wrong password.\n", ERROR);
+ return;
+ }
+}
+
+
+
+
+
+char *Dynamic_Module_Init(void)
+{
+ CtdlRegisterProtoHook(cmd_pas2, "PAS2", "APOP-based login");
+ return "$(RCSID)";
+}