Mercurial > dropbear
comparison svr-authpasswd.c @ 58:5edf356295af
merge of 3b1edf7489e1de452e30aaaec37d647db44e4328
and 6cdb6b2c0e0e0a600eeb5975e499c9303fe2d4d4
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Mon, 09 Aug 2004 03:21:20 +0000 |
parents | a48ba599292a |
children | eee77ac31ccc |
comparison
equal
deleted
inserted
replaced
48:aecba0e16e9c | 58:5edf356295af |
---|---|
48 unsigned char changepw; | 48 unsigned char changepw; |
49 | 49 |
50 passwdcrypt = ses.authstate.pw->pw_passwd; | 50 passwdcrypt = ses.authstate.pw->pw_passwd; |
51 #ifdef HAVE_SHADOW_H | 51 #ifdef HAVE_SHADOW_H |
52 /* get the shadow password if possible */ | 52 /* get the shadow password if possible */ |
53 spasswd = getspnam(ses.authstate.pw->pw_name); | 53 spasswd = getspnam(ses.authstate.printableuser); |
54 if (spasswd != NULL && spasswd->sp_pwdp != NULL) { | 54 if (spasswd != NULL && spasswd->sp_pwdp != NULL) { |
55 passwdcrypt = spasswd->sp_pwdp; | 55 passwdcrypt = spasswd->sp_pwdp; |
56 } | 56 } |
57 #endif | 57 #endif |
58 | 58 |
85 buf_incrpos(ses.payload, -passwordlen - 4); | 85 buf_incrpos(ses.payload, -passwordlen - 4); |
86 m_burn(buf_getptr(ses.payload, passwordlen + 4), passwordlen + 4); | 86 m_burn(buf_getptr(ses.payload, passwordlen + 4), passwordlen + 4); |
87 | 87 |
88 /* the first bytes of passwdcrypt are the salt */ | 88 /* the first bytes of passwdcrypt are the salt */ |
89 testcrypt = crypt((char*)password, passwdcrypt); | 89 testcrypt = crypt((char*)password, passwdcrypt); |
90 m_burn(password, passwordlen); | |
91 m_free(password); | |
90 | 92 |
91 if (strcmp(testcrypt, passwdcrypt) == 0) { | 93 if (strcmp(testcrypt, passwdcrypt) == 0) { |
92 /* successful authentication */ | 94 /* successful authentication */ |
93 dropbear_log(LOG_NOTICE, | 95 dropbear_log(LOG_NOTICE, |
94 "password auth succeeded for '%s'", | 96 "password auth succeeded for '%s'", |
99 "bad password attempt for '%s'", | 101 "bad password attempt for '%s'", |
100 ses.authstate.printableuser); | 102 ses.authstate.printableuser); |
101 send_msg_userauth_failure(0, 1); | 103 send_msg_userauth_failure(0, 1); |
102 } | 104 } |
103 | 105 |
104 m_burn(password, passwordlen); | |
105 m_free(password); | |
106 } | 106 } |
107 | 107 |
108 #endif /* DROPBEAR_PASSWORD_AUTH */ | 108 #endif /* DROPBEAR_PASSWORD_AUTH */ |