578
@verb #7407:"authorise" this none this rxdo #7407
@program #7407:"authorise" this none this
"Copied from Generic Connectable Object (#24):authorize by Slacker (#55)Sep 11 17:46:34 1999"
"This verb is called by $login with the passwd typed from the login screen as argument."
"If you mess with this verb and you don't have EHW access, you risk locking yourself out!"
"Begin generic security check (authorise)"
if (verb == "authorise" && caller != $perm_utils)
  raise(E_PERM, "Calls to authorise must be made through $perm_utils:authorise_user.")
  return E_PERM
endif
"End generic security check (authorise)"
if (!$perm_utils:can_hack())
  raise(E_PERM)
endif
invisP = this.invis_password
trueP = this.password
if (!trueP)
  return 1
endif
ipwstart = index(invisP, ":") + 1
pwstart = index(trueP, ":") + 1
givenP = $string_utils:lowercase(args[1])
if (pwstart == 1 && string_hash(givenP) == trueP)
  "Salt it!"
  try
    this.password = tostr(salt = random(), ":", string_hash(tostr(salt, ":", givenP)))
  except (ANY)
    this.password = trueP
  endtry
  return 1
elseif (trueP[pwstart..$] == string_hash(tostr(trueP[1..pwstart - 2], ":", givenP)))
  return 1
elseif (invisP[ipwstart..$] == string_hash(tostr(invisP[1..ipwstart - 2], ":", givenP)))
  return 1
else
  return 0
  "DENIED!"
endif
"Last modified by Dax (#789) on Thu May  5 15:44:39 2005 MDT."
.

0