3
0

correct_password.c 4.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124
  1. /* vi: set sw=4 ts=4: */
  2. /*
  3. * Copyright 1989 - 1991, Julianne Frances Haugh <jockgrrl@austin.rr.com>
  4. * All rights reserved.
  5. *
  6. * Redistribution and use in source and binary forms, with or without
  7. * modification, are permitted provided that the following conditions
  8. * are met:
  9. * 1. Redistributions of source code must retain the above copyright
  10. * notice, this list of conditions and the following disclaimer.
  11. * 2. Redistributions in binary form must reproduce the above copyright
  12. * notice, this list of conditions and the following disclaimer in the
  13. * documentation and/or other materials provided with the distribution.
  14. * 3. Neither the name of Julianne F. Haugh nor the names of its contributors
  15. * may be used to endorse or promote products derived from this software
  16. * without specific prior written permission.
  17. *
  18. * THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
  19. * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  20. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  21. * ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
  22. * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  23. * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  24. * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  25. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  26. * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  27. * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  28. * SUCH DAMAGE.
  29. */
  30. #include "libbb.h"
  31. #define SHADOW_BUFSIZE 256
  32. /* Retrieve encrypted password string for pw.
  33. * If pw == NULL, return a string which fails password check against any
  34. * password.
  35. */
  36. #if !ENABLE_FEATURE_SHADOWPASSWDS
  37. #define get_passwd(pw, buffer) get_passwd(pw)
  38. #endif
  39. static const char *get_passwd(const struct passwd *pw, char buffer[SHADOW_BUFSIZE])
  40. {
  41. const char *pass;
  42. if (!pw)
  43. return "aa"; /* "aa" will never match */
  44. pass = pw->pw_passwd;
  45. #if ENABLE_FEATURE_SHADOWPASSWDS
  46. /* Using _r function to avoid pulling in static buffers */
  47. if ((pass[0] == 'x' || pass[0] == '*') && !pass[1]) {
  48. struct spwd spw;
  49. int r;
  50. /* getspnam_r may return 0 yet set result to NULL.
  51. * At least glibc 2.4 does this. Be extra paranoid here. */
  52. struct spwd *result = NULL;
  53. r = getspnam_r(pw->pw_name, &spw, buffer, SHADOW_BUFSIZE, &result);
  54. pass = (r || !result) ? "aa" : result->sp_pwdp;
  55. }
  56. #endif
  57. return pass;
  58. }
  59. /*
  60. * Return 1 if PW has an empty password.
  61. * Return 1 if the user gives the correct password for entry PW,
  62. * 0 if not.
  63. * NULL pw means "just fake it for login with bad username"
  64. */
  65. int FAST_FUNC check_password(const struct passwd *pw, const char *plaintext)
  66. {
  67. IF_FEATURE_SHADOWPASSWDS(char buffer[SHADOW_BUFSIZE];)
  68. char *encrypted;
  69. const char *pw_pass;
  70. int r;
  71. pw_pass = get_passwd(pw, buffer);
  72. if (!pw_pass[0]) { /* empty password field? */
  73. return 1;
  74. }
  75. encrypted = pw_encrypt(plaintext, /*salt:*/ pw_pass, 1);
  76. r = (strcmp(encrypted, pw_pass) == 0);
  77. free(encrypted);
  78. return r;
  79. }
  80. /* Ask the user for a password.
  81. * Return 1 without asking if PW has an empty password.
  82. * Return -1 on EOF, error while reading input, or timeout.
  83. * Return 1 if the user gives the correct password for entry PW,
  84. * 0 if not.
  85. *
  86. * NULL pw means "just fake it for login with bad username"
  87. */
  88. int FAST_FUNC ask_and_check_password_extended(const struct passwd *pw,
  89. int timeout, const char *prompt)
  90. {
  91. IF_FEATURE_SHADOWPASSWDS(char buffer[SHADOW_BUFSIZE];)
  92. char *plaintext;
  93. const char *pw_pass;
  94. int r;
  95. pw_pass = get_passwd(pw, buffer);
  96. if (!pw_pass[0]) /* empty password field? */
  97. return 1;
  98. plaintext = bb_ask(STDIN_FILENO, timeout, prompt);
  99. if (!plaintext) {
  100. /* EOF (such as ^D) or error (such as ^C) or timeout */
  101. return -1;
  102. }
  103. r = check_password(pw, plaintext);
  104. nuke_str(plaintext);
  105. return r;
  106. }
  107. int FAST_FUNC ask_and_check_password(const struct passwd *pw)
  108. {
  109. return ask_and_check_password_extended(pw, 0, "Password: ");
  110. }