| 1 | /*************************************************************************** |
| 2 | * Copyright (C) 2003-2006 Polytechnique.org * |
| 3 | * http://opensource.polytechnique.org/ * |
| 4 | * * |
| 5 | * This program is free software; you can redistribute it and/or modify * |
| 6 | * it under the terms of the GNU General Public License as published by * |
| 7 | * the Free Software Foundation; either version 2 of the License, or * |
| 8 | * (at your option) any later version. * |
| 9 | * * |
| 10 | * This program is distributed in the hope that it will be useful, * |
| 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of * |
| 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * |
| 13 | * GNU General Public License for more details. * |
| 14 | * * |
| 15 | * You should have received a copy of the GNU General Public License * |
| 16 | * along with this program; if not, write to the Free Software * |
| 17 | * Foundation, Inc., * |
| 18 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * |
| 19 | ***************************************************************************/ |
| 20 | |
| 21 | document.write('<script language="javascript" src="javascript/secure_hash.js"></script>'); |
| 22 | |
| 23 | function readCookie(name) |
| 24 | { |
| 25 | var nameEQ = name + "="; |
| 26 | var ca = document.cookie.split(';'); |
| 27 | for(var i=0;i < ca.length;i++) |
| 28 | { |
| 29 | var c = ca[i]; |
| 30 | while (c.charAt(0)==' ') c = c.substring(1,c.length); |
| 31 | if (c.indexOf(nameEQ) == 0) return c.substring(nameEQ.length,c.length); |
| 32 | } |
| 33 | return null; |
| 34 | } |
| 35 | |
| 36 | |
| 37 | function doChallengeResponse() { |
| 38 | var new_pass = hash_encrypt(document.forms.login.password.value); |
| 39 | var old_pass = MD5(document.forms.login.password.value); |
| 40 | |
| 41 | str = readCookie('ORGuid') + ":" + |
| 42 | hash_encrypt(document.forms.login.password.value) + ":" + |
| 43 | document.forms.loginsub.challenge.value; |
| 44 | |
| 45 | document.forms.loginsub.response.value = hash_encrypt(str); |
| 46 | document.forms.loginsub.xorpass.value = hash_xor(new_pass, old_pass); |
| 47 | document.forms.loginsub.remember.value = document.forms.login.remember.checked; |
| 48 | document.forms.login.password.value = ""; |
| 49 | document.forms.loginsub.submit(); |
| 50 | } |