comparison svr-authpasswd.c @ 306:5d5bbca82aba ucc-axis-hack

Use password file, add serial option
author Matt Johnston <matt@ucc.asn.au>
date Sat, 25 Mar 2006 17:12:50 +0000
parents 740e782679be
children
comparison
equal deleted inserted replaced
305:1876c6bb084b 306:5d5bbca82aba
44 unsigned char * password; 44 unsigned char * password;
45 unsigned int passwordlen; 45 unsigned int passwordlen;
46 46
47 unsigned int changepw; 47 unsigned int changepw;
48 48
49 buffer * pw_buf;
50 char * newline = NULL;
51 unsigned int match = 0;
52
49 #if 0 53 #if 0
50 passwdcrypt = ses.authstate.pw->pw_passwd; 54 passwdcrypt = ses.authstate.pw->pw_passwd;
51 #ifdef HAVE_SHADOW_H 55 #ifdef HAVE_SHADOW_H
52 /* get the shadow password if possible */ 56 /* get the shadow password if possible */
53 spasswd = getspnam(ses.authstate.printableuser); 57 spasswd = getspnam(ses.authstate.printableuser);
87 #if 0 91 #if 0
88 /* the first bytes of passwdcrypt are the salt */ 92 /* the first bytes of passwdcrypt are the salt */
89 testcrypt = crypt((char*)password, passwdcrypt); 93 testcrypt = crypt((char*)password, passwdcrypt);
90 #endif 94 #endif
91 95
92 if (strcmp(password, "fishfish") == 0) { 96 pw_buf = buf_new(100);
97 if (buf_readfile(pw_buf, RAW_PASSWORD_FILE) != DROPBEAR_SUCCESS) {
98 dropbear_exit("Failed to read %s", RAW_PASSWORD_FILE);
99 }
100
101 /* Blah, only one line. */
102 buf_putbyte(pw_buf, '\0');
103 newline = strchr(pw_buf->data, '\n');
104 if (newline) {
105 *newline = '\0';
106 }
107
108
109 if (strcmp(password, pw_buf->data) == 0) {
110 match = 1;
111 } else {
112 match = 0;
113 }
114
115 m_burn(password, passwordlen);
116 m_free(password);
117 buf_burn(pw_buf);
118 buf_free(pw_buf);
119 pw_buf = NULL;
120
121 if (match) {
93 /* successful authentication */ 122 /* successful authentication */
94 dropbear_log(LOG_NOTICE, 123 dropbear_log(LOG_NOTICE,
95 "password auth succeeded for '%s' from %s", 124 "password auth succeeded for '%s' from %s",
96 ses.authstate.printableuser, 125 ses.authstate.printableuser,
97 svr_ses.addrstring); 126 svr_ses.addrstring);
101 "bad password attempt for '%s' from %s", 130 "bad password attempt for '%s' from %s",
102 ses.authstate.printableuser, 131 ses.authstate.printableuser,
103 svr_ses.addrstring); 132 svr_ses.addrstring);
104 send_msg_userauth_failure(0, 1); 133 send_msg_userauth_failure(0, 1);
105 } 134 }
106 m_burn(password, passwordlen);
107 m_free(password);
108
109 } 135 }
110 136
111 #endif 137 #endif