Ignore:
Timestamp:
Nov 4, 2007, 3:16:40 AM (17 years ago)
Author:
Bruno Cornec
Message:

Update to busybox 1.7.2

File:
1 edited

Legend:

Unmodified
Added
Removed

  • branches/2.2.5/mindi-busybox/libbb/correct_password.c

    r821 r1765  
    2929 */
    3030
    31 #include <stdio.h>
    32 #include <errno.h>
    33 #include <unistd.h>
    34 #include <string.h>
    35 #include <stdlib.h>
    36 #include <syslog.h>
    37 #include <ctype.h>
    38 #include <crypt.h>
    39 
    4031#include "libbb.h"
    4132
     33/* Ask the user for a password.
     34 * Return 1 if the user gives the correct password for entry PW,
     35 * 0 if not.  Return 1 without asking if PW has an empty password.
     36 *
     37 * NULL pw means "just fake it for login with bad username" */
    4238
     39int correct_password(const struct passwd *pw)
     40{
     41    char *unencrypted, *encrypted;
     42    const char *correct;
    4343
    44 /* Ask the user for a password.
    45    Return 1 if the user gives the correct password for entry PW,
    46    0 if not.  Return 1 without asking for a password if run by UID 0
    47    or if PW has an empty password.  */
     44    /* fake salt. crypt() can choke otherwise. */
     45    correct = "aa";
     46    if (!pw) {
     47        /* "aa" will never match */
     48        goto fake_it;
     49    }
     50    correct = pw->pw_passwd;
     51#if ENABLE_FEATURE_SHADOWPASSWDS
     52    if ((correct[0] == 'x' || correct[0] == '*') && !correct[1]) {
     53        /* Using _r function to avoid pulling in static buffers */
     54        struct spwd spw;
     55        struct spwd *result;
     56        char buffer[256];
     57        correct = (getspnam_r(pw->pw_name, &spw, buffer, sizeof(buffer), &result)) ? "aa" : spw.sp_pwdp;
     58    }
     59#endif
    4860
    49 int correct_password ( const struct passwd *pw )
    50 {
    51     char *unencrypted, *encrypted, *correct;
    52 
    53 #ifdef CONFIG_FEATURE_SHADOWPASSWDS
    54     if (( strcmp ( pw-> pw_passwd, "x" ) == 0 ) || ( strcmp ( pw-> pw_passwd, "*" ) == 0 )) {
    55         struct spwd *sp = getspnam ( pw-> pw_name );
    56 
    57         if ( !sp )
    58             bb_error_msg_and_die ( "\nno valid shadow password" );
    59 
    60         correct = sp-> sp_pwdp;
    61     }
    62     else
    63 #endif
    64         correct = pw-> pw_passwd;
    65 
    66     if ( correct == 0 || correct[0] == '\0' )
     61    if (!correct[0]) /* empty password field? */
    6762        return 1;
    6863
    69     unencrypted = bb_askpass ( 0, "Password: " );
    70     if ( !unencrypted )
    71     {
     64 fake_it:
     65    unencrypted = bb_askpass(0, "Password: ");
     66    if (!unencrypted) {
    7267        return 0;
    7368    }
    74     encrypted = crypt ( unencrypted, correct );
    75     memset ( unencrypted, 0, strlen ( unencrypted ));
    76     return ( strcmp ( encrypted, correct ) == 0 ) ? 1 : 0;
     69    encrypted = crypt(unencrypted, correct);
     70    memset(unencrypted, 0, strlen(unencrypted));
     71    return strcmp(encrypted, correct) == 0;
    7772}
Note: See TracChangeset for help on using the changeset viewer.