suzanne.soy/racket
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added plaintext password option

Browse Source 
svn: r1823
This commit is contained in:
Eli Barzilay 2006-01-13 12:38:47 +00:00
parent 55da91c556
commit c311a402bc
2 changed files with 20 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
collects/handin-server/doc.txt
View File

@ -313,12 +313,12 @@ sub-directories:
matches your 'extra-fields specification. For example, given this matches your 'extra-fields specification. For example, given this
system file: system file:
foo:wRzN1u5q2SqRD:1203:1203:Foo Moo:/home/foo:/bin/tcsh foo:wRzN1u5q2SqRD:1203:1203:L.E. Foo:/home/foo:/bin/tcsh
bar:$1$dKlU0OkJ$t63NU/eTzKz:1205:1205:Bar Z. Lie:/home/bar:/bin/bash bar:$1$dKlU0OkJ$t63NU/eTzKz:1205:1205:Bar Z. Lie:/home/bar:/bin/bash
you can create a "users.ss" file as you can create this "users.ss" file:
((foo ((unix "wRzN1u5q2SqRD") "Foo Moo" "?")) ((foo ((unix "wRzN1u5q2SqRD") "L.E. Foo" "?"))
(bar ((unix "$1$dKlU0OkJ$t63NU/eTzKz") "Bar Z. Lie" "?"))) (bar ((unix "$1$dKlU0OkJ$t63NU/eTzKz") "Bar Z. Lie" "?")))
which can be combined with this setting for 'extra-fields in your which can be combined with this setting for 'extra-fields in your
@ -333,6 +333,10 @@ sub-directories:
and password, and use the "Manage ..." dialog to properly set and password, and use the "Manage ..." dialog to properly set
their TA name. their TA name.
Finally, a password value can be a list that begins with a
'plaintext symbol, which will be used without encryption. This
may be useful for manually resetting a forgotten passwords.
* "active/" --- sub-directory for active assignments. A list of * "active/" --- sub-directory for active assignments. A list of
active assignments is sent to a client tool when a student clicks active assignments is sent to a client tool when a student clicks
"Handin", based on the contents of this directory. The student "Handin", based on the contents of this directory. The student

21
collects/handin-server/handin-server.ss
View File

@ -459,16 +459,21 @@
(lambda () (bytes->string/utf-8 (c passwd salt))))))) (lambda () (bytes->string/utf-8 (c passwd salt)))))))
(define (has-password? raw md5 passwords) (define (has-password? raw md5 passwords)
(define (good? passwd) (define (good? passwd)
(define (bad-password msg)
(LOG "ERROR: ~a -- ~s" log-args passwd)
(error 'handin "bad password in user database"))
(cond [(string? passwd) (equal? md5 passwd)] (cond [(string? passwd) (equal? md5 passwd)]
[(and (list? passwd) (= 2 (length passwd)) [(and (list? passwd) (= 2 (length passwd))
(eq? 'unix (car passwd)) (string? (cadr passwd)) (symbol? (car passwd)) (string? (cadr passwd)))
;; find the salt part (case (car passwd)
(regexp-match #rx"^([$][^$]+[$][^$]+[$]|..)" (cadr passwd))) [(plaintext) (equal? raw (cadr passwd))]
=> (lambda (m) [(unix)
(equal? (crypt raw (car m)) (cadr passwd)))] (let ([salt (regexp-match #rx"^([$][^$]+[$][^$]+[$]|..)"
[else (LOG "ERROR: bad password in user database: ~s" passwd) (cadr passwd))])
;; do not show the bad password... (unless salt (bad-password "badly formatted unix password"))
(error 'handin "bad password in user database")])) (equal? (crypt raw (car salt)) (cadr passwd)))]
[else (bad-password "bad password type in user database")])]
[else (bad-password "bad password value in user database")]))
(or (member md5 passwords) ; very cheap search first (or (member md5 passwords) ; very cheap search first
(ormap good? passwords))) (ormap good? passwords)))