[PATCH 9/9] shell: Use crypt_r() in rtems_shell_login_check()
Sebastian Huber
sebastian.huber at embedded-brains.de
Fri Nov 14 13:46:35 UTC 2014
Use '*" to disable shell login instead of '!' according to the Linux man
page. Use getpwnam_r() instead of getpwnam(). Do not access the user
environment directly.
---
cpukit/libmisc/shell/login_check.c | 45 ++++++++++++++++++++++++--------------
testsuites/samples/fileio/init.c | 13 +++++++----
2 files changed, 38 insertions(+), 20 deletions(-)
diff --git a/cpukit/libmisc/shell/login_check.c b/cpukit/libmisc/shell/login_check.c
index 8be5be2..4b21aaf 100644
--- a/cpukit/libmisc/shell/login_check.c
+++ b/cpukit/libmisc/shell/login_check.c
@@ -5,7 +5,7 @@
*/
/*
- * Copyright (c) 2009 embedded brains GmbH and others.
+ * Copyright (c) 2009-2014 embedded brains GmbH and others.
*
* embedded brains GmbH
* Obere Lagerstr. 30
@@ -30,34 +30,47 @@
#include <unistd.h>
#include <pwd.h>
#include <string.h>
+#include <crypt.h>
#include <rtems/shell.h>
-#include <rtems/userenv.h>
bool rtems_shell_login_check(
const char *user,
const char *passphrase
)
{
- struct passwd *pw = getpwnam( user);
+ char buf[256];
+ struct passwd *pw_res;
+ struct passwd pw;
+ int eno;
+
+ eno = getpwnam_r(user, &pw, &buf[0], sizeof(buf), &pw_res);
/* Valid user? */
- if (pw != NULL && strcmp( pw->pw_passwd, "!") != 0) {
+ if (eno == 0 && strcmp(pw.pw_passwd, "*") != 0) {
rtems_shell_env_t *env = rtems_shell_get_current_env();
- setuid( pw->pw_uid);
- setgid( pw->pw_gid);
- rtems_current_user_env->euid = 0;
- rtems_current_user_env->egid = 0;
- if (env)
- chown( env->devname, pw->pw_uid, 0);
- rtems_current_user_env->euid = pw->pw_uid;
- rtems_current_user_env->egid = pw->pw_gid;
- if (strcmp( pw->pw_passwd, "*") == 0) {
- /* TODO: /etc/shadow */
+
+ if (env != NULL) {
+ chown(env->devname, pw.pw_uid, 0);
+ }
+
+ setuid(pw.pw_uid);
+ setgid(pw.pw_gid);
+ seteuid(pw.pw_uid);
+ setegid(pw.pw_gid);
+
+ if (strcmp(pw.pw_passwd, "") == 0) {
return true;
+ } else if (strcmp(pw.pw_passwd, "x") == 0) {
+ /* TODO: /etc/shadow */
+ return false;
} else {
- /* TODO: crypt() */
- return true;
+ struct crypt_data data;
+ char *s;
+
+ s = crypt_r(passphrase, pw.pw_passwd, &data);
+
+ return strcmp(s, pw.pw_passwd) == 0;
}
}
diff --git a/testsuites/samples/fileio/init.c b/testsuites/samples/fileio/init.c
index 2b60922..735b588 100644
--- a/testsuites/samples/fileio/init.c
+++ b/testsuites/samples/fileio/init.c
@@ -13,6 +13,7 @@
#define CONFIGURE_INIT
#include "system.h"
+#include <crypt.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
@@ -641,10 +642,11 @@ static void fileio_start_shell(void)
writeFile(
"/etc/passwd",
0644,
- "root:7QR4o148UPtb.:0:0:root::/:/bin/sh\n"
- "rtems:*:1:1:RTEMS Application::/:/bin/sh\n"
- "test:8Yy.AaxynxbLI:2:2:test account::/:/bin/sh\n"
- "tty:!:3:3:tty owner::/:/bin/false\n"
+ "root:$6$$FuPOhnllx6lhW2qqlnmWvZQLJ8Thr/09I7ESTdb9VbnTOn5.65"
+ "/Vh2Mqa6FoKXwT0nHS/O7F0KfrDc6Svb/sH.:0:0:root::/:/bin/sh\n"
+ "rtems::1:1:RTEMS Application::/:/bin/sh\n"
+ "test:$1$$oPu1Xt2Pw0ngIc7LyDHqu1:2:2:test account::/:/bin/sh\n"
+ "tty:*:3:3:tty owner::/:/bin/false\n"
);
writeFile(
"/etc/group",
@@ -1225,6 +1227,9 @@ Init (rtems_task_argument ignored)
TEST_BEGIN();
+ crypt_add_format(&crypt_md5_format);
+ crypt_add_format(&crypt_sha512_format);
+
status = rtems_shell_wait_for_input(
STDIN_FILENO,
20,
--
1.8.4.5
More information about the devel
mailing list