author | Sebastian Huber <sebastian.huber@embedded-brains.de> | 2014-11-14 14:31:54 +0100 |
---|---|---|
committer | Sebastian Huber <sebastian.huber@embedded-brains.de> | 2014-11-20 10:30:22 +0100 |
commit | acf9a8dd54d1b1cb01e361784146a062a29e1487 (patch) | |
tree | c3f16482ba4bbbf827b137186086b7f21eafb451 /cpukit | |
parent | libcsupport: Minimal /etc/passwd and /etc/group (diff) | |
shell: Use crypt_r() in rtems_shell_login_check()
Use '*' to disable shell login instead of '!' according to the Linux man
page. Use getpwnam_r() instead of getpwnam(). Do not access the user
environment directly. Update the user environment only after a
successful login check.
Diffstat (limited to 'cpukit')
-rw-r--r-- | cpukit/libmisc/shell/login_check.c | 55 |
1 files changed, 36 insertions, 19 deletions
diff --git a/cpukit/libmisc/shell/login_check.c b/cpukit/libmisc/shell/login_check.c index 8be5be2c1a..372d059631 100644 --- a/cpukit/libmisc/shell/login_check.c +++ b/cpukit/libmisc/shell/login_check.c @@ -5,10 +5,10 @@ */ /* - * Copyright (c) 2009 embedded brains GmbH and others. + * Copyright (c) 2009-2014 embedded brains GmbH and others. * * embedded brains GmbH - * Obere Lagerstr. 30 + * Dornierstr. 4 * D-82178 Puchheim * Germany * <rtems@embedded-brains.de> @@ -30,36 +30,53 @@ #include <unistd.h> #include <pwd.h> #include <string.h> +#include <crypt.h> #include <rtems/shell.h> -#include <rtems/userenv.h> bool rtems_shell_login_check( const char *user, const char *passphrase ) { - struct passwd *pw = getpwnam( user); + char buf[256]; + struct passwd *pw_res; + struct passwd pw; + int eno; + bool ok; + + eno = getpwnam_r(user, &pw, &buf[0], sizeof(buf), &pw_res); /* Valid user? */ - if (pw != NULL && strcmp( pw->pw_passwd, "!") != 0) { - rtems_shell_env_t *env = rtems_shell_get_current_env(); - setuid( pw->pw_uid); - setgid( pw->pw_gid); - rtems_current_user_env->euid = 0; - rtems_current_user_env->egid = 0; - if (env) - chown( env->devname, pw->pw_uid, 0); - rtems_current_user_env->euid = pw->pw_uid; - rtems_current_user_env->egid = pw->pw_gid; - if (strcmp( pw->pw_passwd, "*") == 0) { + if (eno == 0 && strcmp(pw.pw_passwd, "*") != 0) { + if (strcmp(pw.pw_passwd, "") == 0) { + ok = true; + } else if (strcmp(pw.pw_passwd, "x") == 0) { /* TODO: /etc/shadow */ - return true; + ok = false; } else { - /* TODO: crypt() */ - return true; + struct crypt_data data; + char *s; + + s = crypt_r(passphrase, pw.pw_passwd, &data); + ok = strcmp(s, pw.pw_passwd) == 0; } + } else { + ok = false; + } + + if (ok) { + rtems_shell_env_t *env = rtems_shell_get_current_env(); + + if (env != NULL) { + chown(env->devname, pw.pw_uid, 0); + } + + setuid(pw.pw_uid); + setgid(pw.pw_gid); + seteuid(pw.pw_uid); + setegid(pw.pw_gid); } - return false; + return ok; } |
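Review bot: The result of `crypt_r()` goes straight into `strcmp()` in the final `else` branch of `rtems_shell_login_check()`, so a NULL return (which crypt implementations may produce for a salt or hash format they cannot process; not confirmed here for the RTEMS one) would be dereferenced during login, whereas `ok = s != NULL && strcmp(s, pw.pw_passwd) == 0;` fails closed. `pw_res` is filled in but never read: POSIX allows `getpwnam_r()` to return 0 with `*result` set to NULL when no entry matches, in which case `pw.pw_passwd` would be read uninitialized, so the guard would be safer as `if (eno == 0 && pw_res != NULL && strcmp(pw.pw_passwd, "*") != 0) {`. In the `if (ok)` block the return values of `setuid()`, `setgid()`, `seteuid()` and `setegid()` are discarded, so the function still reports a successful login when the identity switch fails; checking them and returning false on failure would keep the session from continuing under the previous IDs.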