diff options
| author | Bernhard Reutner-Fischer <rep.dot.nop@gmail.com> | 2007-06-09 09:07:17 +0000 |
|---|---|---|
| committer | Bernhard Reutner-Fischer <rep.dot.nop@gmail.com> | 2007-06-09 09:07:17 +0000 |
| commit | d08b43f8a572613815b30bf39a44e8ee580150aa (patch) | |
| tree | b8d52412ad84d91671de025880e621ed212db4a0 | |
| parent | 37e977b80e12d1adf9d2feac996839fce999ccf0 (diff) | |
| download | busybox-w32-d08b43f8a572613815b30bf39a44e8ee580150aa.tar.gz busybox-w32-d08b43f8a572613815b30bf39a44e8ee580150aa.tar.bz2 busybox-w32-d08b43f8a572613815b30bf39a44e8ee580150aa.zip | |
- pull fix for bug#1383 from trunk (r18782)
| -rw-r--r-- | libbb/correct_password.c | 11 | ||||
| -rw-r--r-- | loginutils/login.c | 7 |
2 files changed, 11 insertions, 7 deletions
diff --git a/libbb/correct_password.c b/libbb/correct_password.c index c515b26af..af6ff076d 100644 --- a/libbb/correct_password.c +++ b/libbb/correct_password.c | |||
| @@ -31,9 +31,10 @@ | |||
| 31 | #include "libbb.h" | 31 | #include "libbb.h" |
| 32 | 32 | ||
| 33 | /* Ask the user for a password. | 33 | /* Ask the user for a password. |
| 34 | Return 1 if the user gives the correct password for entry PW, | 34 | * Return 1 if the user gives the correct password for entry PW, |
| 35 | 0 if not. Return 1 without asking for a password if run by UID 0 | 35 | * 0 if not. Return 1 without asking if PW has an empty password. |
| 36 | or if PW has an empty password. */ | 36 | * |
| 37 | * NULL pw means "just fake it for login with bad username" */ | ||
| 37 | 38 | ||
| 38 | int correct_password(const struct passwd *pw) | 39 | int correct_password(const struct passwd *pw) |
| 39 | { | 40 | { |
| @@ -46,6 +47,9 @@ int correct_password(const struct passwd *pw) | |||
| 46 | char buffer[256]; | 47 | char buffer[256]; |
| 47 | #endif | 48 | #endif |
| 48 | 49 | ||
| 50 | correct = "aa"; /* fake salt. crypt() can choke otherwise */ | ||
| 51 | if (!pw) | ||
| 52 | goto fake_it; /* "aa" will never match */ | ||
| 49 | correct = pw->pw_passwd; | 53 | correct = pw->pw_passwd; |
| 50 | #if ENABLE_FEATURE_SHADOWPASSWDS | 54 | #if ENABLE_FEATURE_SHADOWPASSWDS |
| 51 | if (LONE_CHAR(pw->pw_passwd, 'x') || LONE_CHAR(pw->pw_passwd, '*')) { | 55 | if (LONE_CHAR(pw->pw_passwd, 'x') || LONE_CHAR(pw->pw_passwd, '*')) { |
| @@ -59,6 +63,7 @@ int correct_password(const struct passwd *pw) | |||
| 59 | if (!correct || correct[0] == '\0') | 63 | if (!correct || correct[0] == '\0') |
| 60 | return 1; | 64 | return 1; |
| 61 | 65 | ||
| 66 | fake_it: | ||
| 62 | unencrypted = bb_askpass(0, "Password: "); | 67 | unencrypted = bb_askpass(0, "Password: "); |
| 63 | if (!unencrypted) { | 68 | if (!unencrypted) { |
| 64 | return 0; | 69 | return 0; |
diff --git a/loginutils/login.c b/loginutils/login.c index 142695008..b6924b641 100644 --- a/loginutils/login.c +++ b/loginutils/login.c | |||
| @@ -276,8 +276,8 @@ int login_main(int argc, char **argv) | |||
| 276 | 276 | ||
| 277 | pw = getpwnam(username); | 277 | pw = getpwnam(username); |
| 278 | if (!pw) { | 278 | if (!pw) { |
| 279 | safe_strncpy(username, "UNKNOWN", sizeof(username)); | 279 | strcpy(username, "UNKNOWN"); |
| 280 | goto auth_failed; | 280 | goto fake_it; |
| 281 | } | 281 | } |
| 282 | 282 | ||
| 283 | if (pw->pw_passwd[0] == '!' || pw->pw_passwd[0] == '*') | 283 | if (pw->pw_passwd[0] == '!' || pw->pw_passwd[0] == '*') |
| @@ -292,11 +292,10 @@ int login_main(int argc, char **argv) | |||
| 292 | /* Don't check the password if password entry is empty (!) */ | 292 | /* Don't check the password if password entry is empty (!) */ |
| 293 | if (!pw->pw_passwd[0]) | 293 | if (!pw->pw_passwd[0]) |
| 294 | break; | 294 | break; |
| 295 | 295 | fake_it: | |
| 296 | /* authorization takes place here */ | 296 | /* authorization takes place here */ |
| 297 | if (correct_password(pw)) | 297 | if (correct_password(pw)) |
| 298 | break; | 298 | break; |
| 299 | |||
| 300 | auth_failed: | 299 | auth_failed: |
| 301 | opt &= ~LOGIN_OPT_f; | 300 | opt &= ~LOGIN_OPT_f; |
| 302 | bb_do_delay(FAIL_DELAY); | 301 | bb_do_delay(FAIL_DELAY); |