Startsida Utforska Hjälp
Logga in
OWEALs
/
busybox
spegling av http://git.busybox.net/busybox/
3
0
Fork 0
Filer Ärenden 0 Wiki
Träd: de15bb931a
Grenar Taggar
busybox
/
libbb
/
correct_password.c

correct_password.c 2.7 KB
Historik

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172 
  1. /* vi: set sw=4 ts=4: */
    2. 

  2. /*
    3. 

  3.  * Copyright 1989 - 1991, Julianne Frances Haugh <jockgrrl@austin.rr.com>
    4. 

  4.  * All rights reserved.
    5. 

  5.  *
    6. 

  6.  * Redistribution and use in source and binary forms, with or without
    7. 

  7.  * modification, are permitted provided that the following conditions
    8. 

  8.  * are met:
    9. 

  9.  * 1. Redistributions of source code must retain the above copyright
    10. 

  10.  *    notice, this list of conditions and the following disclaimer.
    11. 

  11.  * 2. Redistributions in binary form must reproduce the above copyright
    12. 

  12.  *    notice, this list of conditions and the following disclaimer in the
    13. 

  13.  *    documentation and/or other materials provided with the distribution.
    14. 

  14.  * 3. Neither the name of Julianne F. Haugh nor the names of its contributors
    15. 

  15.  *    may be used to endorse or promote products derived from this software
    16. 

  16.  *    without specific prior written permission.
    17. 

  17.  *
    18. 

  18.  * THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
    19. 

  19.  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
    20. 

  20.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
    21. 

  21.  * ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
    22. 

  22.  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
    23. 

  23.  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
    24. 

  24.  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
    25. 

  25.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
    26. 

  26.  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
    27. 

  27.  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
    28. 

  28.  * SUCH DAMAGE.
    29. 

  29.  */
    30. 

  30. 

  31. #include "libbb.h"
    32. 

  32. 

  33. /* Ask the user for a password.
    34. 

  34.  * Return 1 if the user gives the correct password for entry PW,
    35. 

  35.  * 0 if not.  Return 1 without asking if PW has an empty password.
    36. 

  36.  *
    37. 

  37.  * NULL pw means "just fake it for login with bad username" */
    38. 

  38. 

  39. int correct_password(const struct passwd *pw)
    40. 

  40. {
    41. 

  41. 	char *unencrypted, *encrypted;
    42. 

  42. 	const char *correct;
    43. 

  43. 

  44. 	/* fake salt. crypt() can choke otherwise. */
    45. 

  45. 	correct = "aa";
    46. 

  46. 	if (!pw) {
    47. 

  47. 		/* "aa" will never match */
    48. 

  48. 		goto fake_it;
    49. 

  49. 	}
    50. 

  50. 	correct = pw->pw_passwd;
    51. 

  51. #if ENABLE_FEATURE_SHADOWPASSWDS
    52. 

  52. 	if ((correct[0] == 'x' || correct[0] == '*') && !correct[1]) {
    53. 

  53. 		/* Using _r function to avoid pulling in static buffers */
    54. 

  54. 		struct spwd spw;
    55. 

  55. 		struct spwd *result;
    56. 

  56. 		char buffer[256];
    57. 

  57. 		correct = (getspnam_r(pw->pw_name, &spw, buffer, sizeof(buffer), &result)) ? "aa" : spw.sp_pwdp;
    58. 

  58. 	}
    59. 

  59. #endif
    60. 

  60. 

  61. 	if (!correct[0]) /* empty password field? */
    62. 

  62. 		return 1;
    63. 

  63. 

  64.  fake_it:
    65. 

  65. 	unencrypted = bb_askpass(0, "Password: ");
    66. 

  66. 	if (!unencrypted) {
    67. 

  67. 		return 0;
    68. 

  68. 	}
    69. 

  69. 	encrypted = crypt(unencrypted, correct);
    70. 

  70. 	memset(unencrypted, 0, strlen(unencrypted));
    71. 

  71. 	return strcmp(encrypted, correct) == 0;
    72. 

  72. }
    73.