Initial commit

Author: tessus

CHANGES

@@ -0,0 +1,39 @@
+db2-hash-routines 1.1
+
+ - renamed package to db2-hash-routines
+ - changed man pages
+
+db2-auth-routines 1.1
+
+ - renamed package to db2-auth-routines
+ - added man pages
+ - added stored procedures
+ - renamed several files (see README)
+ - changed makertn script to optionally compile with xlc on AIX
+ 
+db2-auth-udfs 1.3
+
+ - allow empty input parameters (empty strings)
+ - changed reg_udfs.ddl to register the functions as NOT FENCED
+
+db2-auth-udfs 1.2
+
+ - changed the code to use the APR library
+ - renamed the files
+ - changed makeudf.bat to compile with MS compiler
+ - added maketest[.bat] to compile test program
+
+db2-auth-udfs 1.1.1
+
+ - changed the makemod script to use it on AIX as well
+
+db2-auth-udfs 1.1
+
+ - added script for compiling the library on Windows
+ - rewrote the README file for better understanding
+
+db2-auth-udfs 1.0
+
+ - initial release
+
+http://mod-auth-ibmdb2.sourceforge.net/

README

@@ -0,0 +1,48 @@
+written by Helmut K. C. Tessarek
+
+Last Update: 2012-04-13
+
+http://mod-auth-ibmdb2.sourceforge.net/
+
+Contents:
+---------
+
+1) Description of the library
+2) File Description
+
+1) Description of the library
+-----------------------------
+
+This library delivers the following functions as UDFs and SPs:
+
+function in library          UDF / SP
+
+md5                          md5
+aprmd5                       apr_md5
+aprcrypt                     apr_crypt
+aprsha1                      apr_sha1
+validate                     validate_pw
+
+The md5 function is compatible to the PHP md5 function.
+The aprmd5, aprcrypt and aprsha1 functions are compatible to the Apache
+functions that are used in the htpasswd utility.
+The validate function validates a password against a hash.
+
+In win32 environments apr_crypt returns the output of apr_md5.
+
+2) File Description
+-------------------
+
+hash.c          the SQL API stuff
+hash.h          the c code for the functions
+register.ddl    script to register the UDFs and SPs
+drop.ddl        script to drop the UDFs and SPs
+makertn         bash script to compile the library (Linux/AIX)
+test_hash.c     test program for the functions
+hash.exp        function export file for AIX
+hash.def        definition file for Windows
+makertn.bat     script to compile the library (win32)
+maketest.bat    script to compile test program
+INSTALL         compiling and installing instructions
+CHANGES         change log
+README          this file

drop.ddl

@@ -0,0 +1,11 @@
+DROP FUNCTION md5;
+DROP FUNCTION apr_md5;
+DROP FUNCTION apr_crypt;
+DROP FUNCTION apr_sha1;
+DROP FUNCTION validate_pw;
+
+DROP PROCEDURE md5;
+DROP PROCEDURE apr_md5;
+DROP PROCEDURE apr_crypt;
+DROP PROCEDURE apr_sha1;
+DROP PROCEDURE validate_pw;

hash.c

@@ -0,0 +1,243 @@
+/*
+  +----------------------------------------------------------------------+
+  | hash: hashing library for IBM DB2                                    |
+  +----------------------------------------------------------------------+
+  | Copyright (c) 2007-2012 Helmut K. C. Tessarek                        |
+  +----------------------------------------------------------------------+
+  | Licensed under the Apache License, Version 2.0 (the "License"); you  |
+  | may not use this file except in compliance with the License. You may |
+  | obtain a copy of the License at                                      |
+  | http://www.apache.org/licenses/LICENSE-2.0                           |
+  |                                                                      |
+  | Unless required by applicable law or agreed to in writing, software  |
+  | distributed under the License is distributed on an "AS IS" BASIS,    |
+  | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or      |
+  | implied. See the License for the specific language governing         |
+  | permissions and limitations under the License.                       |
+  +----------------------------------------------------------------------+
+  | Author: Helmut K. C. Tessarek                                        |
+  +----------------------------------------------------------------------+
+  | Website: http://mod-auth-ibmdb2.sourceforge.net                      |
+  +----------------------------------------------------------------------+
+*/
+
+/* $Id: hash.c,v 1.2 2012/11/25 07:59:12 tessus Exp $ */
+
+#include <stdio.h>
+#include <sqludf.h>
+#include <sqlca.h>
+#include <sqlda.h>
+#include "hash.h"
+
+/*--------------------------------------------------*/
+/* function md5: MD5 Hashing                        */
+/*                                                  */
+/*        input : varchar                           */
+/*        output: varchar                           */
+/*--------------------------------------------------*/
+
+#ifdef __cplusplus
+extern "C"
+#endif
+void SQL_API_FN md5(	SQLUDF_CHAR      *in,
+						SQLUDF_CHAR      out[33],
+						SQLUDF_SMALLINT  *innull,
+						SQLUDF_SMALLINT  *outnull,
+						SQLUDF_TRAIL_ARGS) 
+{
+	char *t;
+	
+	if( *innull != 0 )
+	{
+		*outnull = -1;
+		return;
+	}
+
+	t = mk_hash( in, ALG_MD5 );
+	strcpy( out, t );
+	free( t );
+
+	*outnull = 0;
+	return;
+}
+
+/*--------------------------------------------------*/
+/* function apr_md5: MD5 Hashing as in the htpasswd */
+/*                   program from Apache            */
+/*                                                  */
+/*        input : varchar                           */
+/*        output: varchar                           */
+/*--------------------------------------------------*/
+
+#ifdef __cplusplus
+extern "C"
+#endif
+void SQL_API_FN aprmd5(	SQLUDF_CHAR      *in,
+						SQLUDF_CHAR      out[38],
+						SQLUDF_SMALLINT  *innull,
+						SQLUDF_SMALLINT  *outnull,
+						SQLUDF_TRAIL_ARGS) 
+{
+	char *t;
+
+	if( *innull != 0 )
+	{
+		*outnull = -1;
+		return;
+	}
+
+	t = mk_hash( in, ALG_APMD5 );
+	strcpy( out, t );
+	free( t );
+
+	*outnull = 0;
+	return;
+}
+
+/*--------------------------------------------------*/
+/* function apr_crypt: Crypt fuction as in the      */
+/*                     htpasswd program from Apache */
+/*                                                  */
+/*        input : varchar                           */
+/*        output: varchar                           */
+/*--------------------------------------------------*/
+
+#ifdef __cplusplus
+extern "C"
+#endif
+void SQL_API_FN aprcrypt(	SQLUDF_CHAR      *in,
+							SQLUDF_CHAR      out[14],
+							SQLUDF_SMALLINT  *innull,
+							SQLUDF_SMALLINT  *outnull,
+							SQLUDF_TRAIL_ARGS) 
+{
+	char *t;
+
+	if( *innull != 0 )
+	{
+		*outnull = -1;
+		return;
+	}
+
+	t = mk_hash( in, ALG_CRYPT );
+	strcpy( out, t );
+	free( t );
+
+	*outnull = 0;
+	return;
+}
+
+/*--------------------------------------------------*/
+/* function apr_sha1: SHA1 fuction as in the        */
+/*                    htpasswd program from Apache  */
+/*                                                  */
+/*        input : varchar                           */
+/*        output: varchar                           */
+/*--------------------------------------------------*/
+
+#ifdef __cplusplus
+extern "C"
+#endif
+void SQL_API_FN aprsha1(	SQLUDF_CHAR      *in,
+							SQLUDF_CHAR      out[34],
+							SQLUDF_SMALLINT  *innull,
+							SQLUDF_SMALLINT  *outnull,
+							SQLUDF_TRAIL_ARGS) 
+{
+	char *t;
+
+	if( *innull != 0 )
+	{
+		*outnull = -1;
+		return;
+	}
+
+	t = mk_hash( in, ALG_APSHA );
+	strcpy( out, t );
+	free( t );
+
+	*outnull = 0;
+	return;
+}
+   
+/*--------------------------------------------------*/
+/* function validate : validates the hash           */
+/*                                                  */
+/*        input1: varchar                           */
+/*        input2: varchar                           */
+/*        output: integer                           */
+/*--------------------------------------------------*/
+
+#ifdef __cplusplus
+extern "C"
+#endif
+SQL_API_RC SQL_API_FN validate(	SQLUDF_CHAR      *password,
+								SQLUDF_CHAR      *hash,
+								SQLUDF_INTEGER	 *out,
+								SQLUDF_SMALLINT  *passwordNullInd,
+								SQLUDF_SMALLINT  *hashNullInd,
+								SQLUDF_SMALLINT  *outNullInd,
+								SQLUDF_TRAIL_ARGS) 
+{
+	apr_status_t status;
+	char *md5, *result;
+	
+	*out = -1;
+	*outNullInd = -1;
+	
+	if( *passwordNullInd != 0 || *hashNullInd != 0 )
+	{
+		*outNullInd = -1;
+		return(0);
+	}
+
+	if( strlen(hash) == 0 )
+	{
+		strcpy(SQLUDF_STATE, "39701");
+		strcpy(SQLUDF_MSGTX, "The second parameter (hash) must not be empty.");
+		*outNullInd = 0;
+		return(0);
+	}
+
+	if( strlen(hash) == 32 )
+	{
+		md5 = mk_hash( password, ALG_MD5 );
+		
+		if( apr_strnatcmp( hash, md5 ) == 0 )
+		{
+			*out = 1;
+		}
+		else
+		{
+			*out = 0;
+		}
+		
+		free(md5);
+		
+		*outNullInd = 0;
+		return(0);
+	}
+
+	status = apr_password_validate( password, hash );
+
+	if( status == APR_SUCCESS )
+	{
+		*out = 1;
+	}
+	else
+	{
+		// maybe a different encrypted password (glibc2 crypt)?
+		result = crypt( password, hash );
+		if( strcmp( hash, result ) == 0 )
+		{
+			*out = 1;
+		}
+		else
+		{
+			*out = 0;
+		}
+	}
+	
+	*outNullInd = 0;
+	return(0);
+}

hash.def

@@ -0,0 +1,7 @@
+LIBRARY HASH
+EXPORTS
+md5
+aprmd5
+aprcrypt
+aprsha1
+validate

hash.exp

@@ -0,0 +1,5 @@
+md5
+aprmd5
+aprcrypt
+aprsha1
+validate