NAME
Dicop::Security - routines for authentication, checks and security
SYNOPSIS
use Dicop::Security;
$ip = '1.2.3.4';
print "invalid ip $ip" unless Dicop::Security::valid_ip($ip);
REQUIRES
perl5.005, Exporter
EXPORTS
Exports nothing on default.
DESCRIPTION
This modules contains some routines to implement authentication, security checks etc. These are in a seperate module to make testing and auditing easier.
METHODS
valid_ip
Return true if the given IP is a valid (at this time IPv4) IP.
valid_net
Return true if the given net is a valid (at this time IPv4) net. Examples:
print "oups!\n" unless Dicop::Security::valid_net('1.2.3.4/32';
ip_is_in_net
Return true if the given IP is contained in the given net:
print "oups!\n" unless
Dicop::Security::ip_is_in_net('1.2.3.4','1.2.3.4/32';
ip_matches
Return true if the given IP matches the given second IP and net mask.
print "oups!\n" unless
Dicop::Security::ip_matches('1.2.3.5', '1.2.3.0','255.255.255.0');
A mask of 255.255.255.255
dictates that the IP must match exactly, a mask of 255.255.255.0
means that the first 3 parts must match, and a mask of 0.0.0.0
means that every IP would match (regardless of second IP).
ip_is_in_net_list
Take one IP and a list of networks, and check whether the IP is in any of the networks. Return 0 for IP is in one of the nets, 1 for IP is in none of the nets, and <0 for error.
hash_pwd
my $hash = hash_pwd($pwd);
Return MD5 hash of the given password.
valid_user
if (valid_user(\@users, $user, $pwd)
{
# okay
}
else
{
# user unknown or wrong password
}
Takes reference to a hash (containig user => pwdhash), a username and a password hash. Returns 0 if the user exists in the list of users and the password matches. Returns -1 if the user does not exist, and -2 if the user exists, but the password hash does not match.
BUGS
None known yet.
AUTHOR
(c) Bundesamt fuer Sicherheit in der Informationstechnik 1998-2006
DiCoP is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 2 as published by the Free Software Foundation.
See the file LICENSE or http://www.bsi.de/ for more information.