[PATCH 9/9] shell: Use crypt_r() in rtems_shell_login_check()

Joel Sherrill joel.sherrill at oarcorp.com
Fri Nov 14 14:54:23 UTC 2014


Where are crypt.h and the methods coming from?

I don't see them in newlib and
On 11/14/2014 7:46 AM, Sebastian Huber wrote:
> Use '*' to disable shell login instead of '!' according to the Linux man
> page.  Use getpwnam_r() instead of getpwnam().  Do not access the user
> environment directly.
> ---
>  cpukit/libmisc/shell/login_check.c | 45 ++++++++++++++++++++++++--------------
>  testsuites/samples/fileio/init.c   | 13 +++++++----
>  2 files changed, 38 insertions(+), 20 deletions(-)
>
> diff --git a/cpukit/libmisc/shell/login_check.c b/cpukit/libmisc/shell/login_check.c
> index 8be5be2..4b21aaf 100644
> --- a/cpukit/libmisc/shell/login_check.c
> +++ b/cpukit/libmisc/shell/login_check.c
> @@ -5,7 +5,7 @@
>   */
>  
>  /*
> - * Copyright (c) 2009 embedded brains GmbH and others.
> + * Copyright (c) 2009-2014 embedded brains GmbH and others.
>   *
>   * embedded brains GmbH
>   * Obere Lagerstr. 30
> @@ -30,34 +30,47 @@
>  #include <unistd.h>
>  #include <pwd.h>
>  #include <string.h>
> +#include <crypt.h>
>  
>  #include <rtems/shell.h>
> -#include <rtems/userenv.h>
>  
>  bool rtems_shell_login_check(
>    const char *user,
>    const char *passphrase
>  )
>  {
> -  struct passwd *pw = getpwnam( user);
> +  char buf[256];
> +  struct passwd *pw_res;
> +  struct passwd pw;
> +  int eno;
> +
> +  eno = getpwnam_r(user, &pw, &buf[0], sizeof(buf), &pw_res);
>  
>    /* Valid user? */
> -  if (pw != NULL && strcmp( pw->pw_passwd, "!") != 0) {
> +  if (eno == 0 && strcmp(pw.pw_passwd, "*") != 0) {
>      rtems_shell_env_t *env = rtems_shell_get_current_env();
> -    setuid( pw->pw_uid);
> -    setgid( pw->pw_gid);
> -    rtems_current_user_env->euid = 0;
> -    rtems_current_user_env->egid = 0;
> -    if (env)
> -      chown( env->devname, pw->pw_uid, 0);
> -    rtems_current_user_env->euid = pw->pw_uid;
> -    rtems_current_user_env->egid = pw->pw_gid;
> -    if (strcmp( pw->pw_passwd, "*") == 0) {
> -      /* TODO: /etc/shadow */
> +
> +    if (env != NULL) {
> +      chown(env->devname, pw.pw_uid, 0);
> +    }
> +
> +    setuid(pw.pw_uid);
> +    setgid(pw.pw_gid);
> +    seteuid(pw.pw_uid);
> +    setegid(pw.pw_gid);
> +
> +    if (strcmp(pw.pw_passwd, "") == 0) {
>        return true;
> +    } else if (strcmp(pw.pw_passwd, "x") == 0) {
> +      /* TODO: /etc/shadow */
> +      return false;
>      } else {
> -      /* TODO: crypt() */
> -      return true;
> +      struct crypt_data data;
> +      char *s;
> +
> +      s = crypt_r(passphrase, pw.pw_passwd, &data);
> +
> +      return strcmp(s, pw.pw_passwd) == 0;
>      }
>    }
>  
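Review bot: `rtems_shell_login_check()` calls `chown()` and `setuid()`/`setgid()`/`seteuid()`/`setegid()` before the passphrase is compared, so a login that ends in `return false` has still handed the device to the named user and switched the task's IDs; those calls belong after the comparison succeeds, and their return values are currently ignored. The guard `eno == 0` is also not sufficient on its own: POSIX `getpwnam_r()` returns 0 with the result pointer set to NULL when no entry matches, and `pw_res` is never read, so `pw.pw_passwd` could be compared uninitialized (whether the RTEMS implementation reports an error instead is not visible here). The result of `crypt_r()` goes straight into `strcmp()`; if it can return NULL, for example when no registered format matches the stored hash, that is a NULL dereference in the login path. The function body continues past the end of this hunk.

```c
  eno = getpwnam_r(user, &pw, &buf[0], sizeof(buf), &pw_res);

  /* Valid user?  pw is only meaningful when an entry was actually found. */
  if (eno == 0 && pw_res != NULL && strcmp(pw.pw_passwd, "*") != 0) {
    bool ok;

    if (strcmp(pw.pw_passwd, "") == 0) {
      ok = true;
    } else if (strcmp(pw.pw_passwd, "x") == 0) {
      /* TODO: /etc/shadow */
      ok = false;
    } else {
      struct crypt_data data;
      char *s;

      s = crypt_r(passphrase, pw.pw_passwd, &data);
      ok = s != NULL && strcmp(s, pw.pw_passwd) == 0;
    }

    if (ok) {
      /* ... unchanged: env lookup, chown(), setuid()/setgid()/seteuid()/setegid() ... */
    }

    return ok;
  }
```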
> diff --git a/testsuites/samples/fileio/init.c b/testsuites/samples/fileio/init.c
> index 2b60922..735b588 100644
> --- a/testsuites/samples/fileio/init.c
> +++ b/testsuites/samples/fileio/init.c
> @@ -13,6 +13,7 @@
>  
>  #define CONFIGURE_INIT
>  #include "system.h"
> +#include <crypt.h>
>  #include <stdio.h>
>  #include <string.h>
>  #include <unistd.h>
> @@ -641,10 +642,11 @@ static void fileio_start_shell(void)
>    writeFile(
>      "/etc/passwd",
>      0644,
> -    "root:7QR4o148UPtb.:0:0:root::/:/bin/sh\n"
> -    "rtems:*:1:1:RTEMS Application::/:/bin/sh\n"
> -    "test:8Yy.AaxynxbLI:2:2:test account::/:/bin/sh\n"
> -    "tty:!:3:3:tty owner::/:/bin/false\n"
> +    "root:$6$$FuPOhnllx6lhW2qqlnmWvZQLJ8Thr/09I7ESTdb9VbnTOn5.65"
> +      "/Vh2Mqa6FoKXwT0nHS/O7F0KfrDc6Svb/sH.:0:0:root::/:/bin/sh\n"
> +    "rtems::1:1:RTEMS Application::/:/bin/sh\n"
> +    "test:$1$$oPu1Xt2Pw0ngIc7LyDHqu1:2:2:test account::/:/bin/sh\n"
> +    "tty:*:3:3:tty owner::/:/bin/false\n"
>    );
>    writeFile(
>      "/etc/group",
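Review bot: The replacement `/etc/passwd` fixture in `fileio_start_shell()` gives `rtems` an empty password field, which the reworked login check in this patch accepts without a passphrase, and both stored hashes use an empty salt (`$6$$...`, `$1$$...`); because sample code tends to be copied into applications, this deserves a comment above the `writeFile()` call. Something like `/* Test-only accounts: empty-salt hashes and a passwordless "rtems" user; do not reuse outside the test suite */` would make the intent explicit. The enclosing function starts and ends outside this hunk.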
> @@ -1225,6 +1227,9 @@ Init (rtems_task_argument ignored)
>  
>    TEST_BEGIN();
>  
> +  crypt_add_format(&crypt_md5_format);
> +  crypt_add_format(&crypt_sha512_format);
> +
>    status = rtems_shell_wait_for_input(
>      STDIN_FILENO,
>      20,

-- 
Joel Sherrill, Ph.D.             Director of Research & Development
joel.sherrill at OARcorp.com        On-Line Applications Research
Ask me about RTEMS: a free RTOS  Huntsville AL 35805
Support Available                (256) 722-9985


