Autres/Rivendellaudio
1
0
Fork 0
mirror of https://github.com/ElvishArtisan/rivendell.git synced 2025-11-30 17:20:32 +01:00
Code Issues Projects Releases Wiki Activity

2021-04-27 Fred Gleason <fredg@paravelsystems.com>

Browse Source 
* Changed the 'RDAIRPLAY_EXIT_PASSWORD' field from 'varchar(41)'
	to 'varchar(48)'.
	* Incremented the database version to 349.
	* Renamed the 'RDSha1Hash()' function to 'RDSha1HashFile()'.
	* Added 'RDSha1HashPassword()' function in 'lib/rdhash.[cpp|h]'.
	* Added 'RDSha1HashCheckPassword()' function in 'lib/rdhash.[cpp|h]'.
	* Changed the hashing algorithm used for the Exit Password for
	rdairplay(1) to salted SHA1.

Signed-off-by: Fred Gleason <fredg@paravelsystems.com>
This commit is contained in:
Fred Gleason
2021-04-27 16:52:26 -04:00
parent 05c35a208c
commit 9a65658267
17 changed files with 164 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
lib/rdairplay_conf.cpp
View File

@@ -20,10 +20,11 @@
#include <QObject>
#include "rdairplay_conf.h"
#include "rddb.h"
#include "rdconf.h"
#include "rdairplay_conf.h"
#include "rdescape_string.h"
#include "rdhash.h"
RDAirPlayConf::RDAirPlayConf(const QString &station,const QString &tablename)
{
@@ -662,34 +663,40 @@ bool RDAirPlayConf::exitPasswordValid(const QString &passwd) const
{
QString sql;
RDSqlQuery *q;
sql=QString("select `EXIT_PASSWORD` from `")+air_tablename+"` where "+
"STATION='"+RDEscapeString(air_station)+"' && "+
"((`EXIT_PASSWORD`=PASSWORD('"+RDEscapeString(passwd)+"'))";
if(passwd.isEmpty()) {
sql+="||(`EXIT_PASSWORD` is null)";
}
sql+=")";
bool ret=false;
sql=QString("select ")+
"`EXIT_PASSWORD` "+ // 00
"from `"+air_tablename+"` where "+
"`STATION`='"+RDEscapeString(air_station)+"'";
q=new RDSqlQuery(sql);
if(q->size()>0) {
delete q;
return true;
if(q->first()) {
if(passwd.isEmpty()) {
ret=q->value(0).isNull();
}
else {
ret=RDSha1HashCheckPassword(passwd,q->value(0).toString());
}
}
delete q;
return false;
return ret;
}
void RDAirPlayConf::setExitPassword(const QString &passwd) const
{
QString sql;
RDSqlQuery *q;
sql=QString("update `")+air_tablename+"` set "+
"`EXIT_PASSWORD`=PASSWORD('"+RDEscapeString(passwd)+"') where "+
"`STATION`='"+RDEscapeString(air_station)+"'";
q=new RDSqlQuery(sql);
delete q;
if(passwd.isEmpty()) {
sql=QString("update `")+air_tablename+"` set "+
"`EXIT_PASSWORD`=null where "+
"`STATION`='"+RDEscapeString(air_station)+"'";
}
else {
sql=QString("update `")+air_tablename+"` set "+
"`EXIT_PASSWORD`='"+RDEscapeString(RDSha1HashPassword(passwd))+"' where "+
"`STATION`='"+RDEscapeString(air_station)+"'";
}
RDSqlQuery::apply(sql);
}