[PATCH 9/9] shell: Use crypt_r() in rtems_shell_login_check()
Joel Sherrill
joel.sherrill at oarcorp.com
Fri Nov 14 14:54:23 UTC 2014
Where are crypt.h and the methods coming from?
I don't see them in newlib and
On 11/14/2014 7:46 AM, Sebastian Huber wrote:
> Use '*" to disable shell login instead of '!' according to the Linux man
> page. Use getpwnam_r() instead of getpwnam(). Do not access the user
> environment directly.
> ---
> cpukit/libmisc/shell/login_check.c | 45 ++++++++++++++++++++++++--------------
> testsuites/samples/fileio/init.c | 13 +++++++----
> 2 files changed, 38 insertions(+), 20 deletions(-)
>
> diff --git a/cpukit/libmisc/shell/login_check.c b/cpukit/libmisc/shell/login_check.c
> index 8be5be2..4b21aaf 100644
> --- a/cpukit/libmisc/shell/login_check.c
> +++ b/cpukit/libmisc/shell/login_check.c
> @@ -5,7 +5,7 @@
> */
>
> /*
> - * Copyright (c) 2009 embedded brains GmbH and others.
> + * Copyright (c) 2009-2014 embedded brains GmbH and others.
> *
> * embedded brains GmbH
> * Obere Lagerstr. 30
> @@ -30,34 +30,47 @@
> #include <unistd.h>
> #include <pwd.h>
> #include <string.h>
> +#include <crypt.h>
>
> #include <rtems/shell.h>
> -#include <rtems/userenv.h>
>
> bool rtems_shell_login_check(
> const char *user,
> const char *passphrase
> )
> {
> - struct passwd *pw = getpwnam( user);
> + char buf[256];
> + struct passwd *pw_res;
> + struct passwd pw;
> + int eno;
> +
> + eno = getpwnam_r(user, &pw, &buf[0], sizeof(buf), &pw_res);
>
> /* Valid user? */
> - if (pw != NULL && strcmp( pw->pw_passwd, "!") != 0) {
> + if (eno == 0 && strcmp(pw.pw_passwd, "*") != 0) {
> rtems_shell_env_t *env = rtems_shell_get_current_env();
> - setuid( pw->pw_uid);
> - setgid( pw->pw_gid);
> - rtems_current_user_env->euid = 0;
> - rtems_current_user_env->egid = 0;
> - if (env)
> - chown( env->devname, pw->pw_uid, 0);
> - rtems_current_user_env->euid = pw->pw_uid;
> - rtems_current_user_env->egid = pw->pw_gid;
> - if (strcmp( pw->pw_passwd, "*") == 0) {
> - /* TODO: /etc/shadow */
> +
> + if (env != NULL) {
> + chown(env->devname, pw.pw_uid, 0);
> + }
> +
> + setuid(pw.pw_uid);
> + setgid(pw.pw_gid);
> + seteuid(pw.pw_uid);
> + setegid(pw.pw_gid);
> +
> + if (strcmp(pw.pw_passwd, "") == 0) {
> return true;
> + } else if (strcmp(pw.pw_passwd, "x") == 0) {
> + /* TODO: /etc/shadow */
> + return false;
> } else {
> - /* TODO: crypt() */
> - return true;
> + struct crypt_data data;
> + char *s;
> +
> + s = crypt_r(passphrase, pw.pw_passwd, &data);
> +
> + return strcmp(s, pw.pw_passwd) == 0;
> }
> }
>
> diff --git a/testsuites/samples/fileio/init.c b/testsuites/samples/fileio/init.c
> index 2b60922..735b588 100644
> --- a/testsuites/samples/fileio/init.c
> +++ b/testsuites/samples/fileio/init.c
> @@ -13,6 +13,7 @@
>
> #define CONFIGURE_INIT
> #include "system.h"
> +#include <crypt.h>
> #include <stdio.h>
> #include <string.h>
> #include <unistd.h>
> @@ -641,10 +642,11 @@ static void fileio_start_shell(void)
> writeFile(
> "/etc/passwd",
> 0644,
> - "root:7QR4o148UPtb.:0:0:root::/:/bin/sh\n"
> - "rtems:*:1:1:RTEMS Application::/:/bin/sh\n"
> - "test:8Yy.AaxynxbLI:2:2:test account::/:/bin/sh\n"
> - "tty:!:3:3:tty owner::/:/bin/false\n"
> + "root:$6$$FuPOhnllx6lhW2qqlnmWvZQLJ8Thr/09I7ESTdb9VbnTOn5.65"
> + "/Vh2Mqa6FoKXwT0nHS/O7F0KfrDc6Svb/sH.:0:0:root::/:/bin/sh\n"
> + "rtems::1:1:RTEMS Application::/:/bin/sh\n"
> + "test:$1$$oPu1Xt2Pw0ngIc7LyDHqu1:2:2:test account::/:/bin/sh\n"
> + "tty:*:3:3:tty owner::/:/bin/false\n"
> );
> writeFile(
> "/etc/group",
> @@ -1225,6 +1227,9 @@ Init (rtems_task_argument ignored)
>
> TEST_BEGIN();
>
> + crypt_add_format(&crypt_md5_format);
> + crypt_add_format(&crypt_sha512_format);
> +
> status = rtems_shell_wait_for_input(
> STDIN_FILENO,
> 20,
--
Joel Sherrill, Ph.D. Director of Research & Development
joel.sherrill at OARcorp.com On-Line Applications Research
Ask me about RTEMS: a free RTOS Huntsville AL 35805
Support Available (256) 722-9985
More information about the devel
mailing list