2 files changed, 68 insertions, 29 deletions
diff --git a/libbb/Kbuild.src b/libbb/Kbuild.src
index 62680bd52..0a9e803d7 100644
--- a/libbb/Kbuild.src
+++ b/libbb/Kbuild.src
@@ -150,6 +150,7 @@ lib-$(CONFIG_VLOCK) += pw_encrypt.o correct_password.o
 lib-$(CONFIG_SU) += pw_encrypt.o correct_password.o
 lib-$(CONFIG_LOGIN) += pw_encrypt.o correct_password.o
 lib-$(CONFIG_FEATURE_HTTPD_AUTH_MD5) += pw_encrypt.o
+lib-$(CONFIG_FEATURE_FTP_AUTHENTICATION) += pw_encrypt.o
 lib-$(CONFIG_DF) += find_mount_point.o
 lib-$(CONFIG_MKFS_MINIX) += find_mount_point.o
diff --git a/libbb/correct_password.c b/libbb/correct_password.c
index acadf3914..513c93028 100644
--- a/libbb/correct_password.c
+++ b/libbb/correct_password.c
@@ -30,6 +30,63 @@
 #include "libbb.h"
+#define SHADOW_BUFSIZE 256
+/* Retrieve encrypted password string for pw.
+ * If pw == NULL, return a string which fails password check against any
+ * password.
+ */
+#if !ENABLE_FEATURE_SHADOWPASSWDS
+#define get_passwd(pw, buffer) get_passwd(pw)
+#endif
+static const char *get_passwd(const struct passwd *pw, char buffer[SHADOW_BUFSIZE])
+{
+        const char *pass;
+        if (!pw)
+                return "aa"; /* "aa" will never match */
+        pass = pw->pw_passwd;
+#if ENABLE_FEATURE_SHADOWPASSWDS
+        /* Using _r function to avoid pulling in static buffers */
+        if ((pass[0] == 'x' || pass[0] == '*') && !pass[1]) {
+                struct spwd spw;
+                int r;
+                /* getspnam_r may return 0 yet set result to NULL.
+                 * At least glibc 2.4 does this. Be extra paranoid here. */
+                struct spwd *result = NULL;
+                r = getspnam_r(pw->pw_name, &spw, buffer, SHADOW_BUFSIZE, &result);
+                pass = (r || !result) ? "aa" : result->sp_pwdp;
+        }
+#endif
+        return pass;
+}
+/*
+ * Return 1 if PW has an empty password.
+ * Return 1 if the user gives the correct password for entry PW,
+ * 0 if not.
+ * NULL pw means "just fake it for login with bad username"
+ */
+int FAST_FUNC check_password(const struct passwd *pw, const char *plaintext)
+{
+        IF_FEATURE_SHADOWPASSWDS(char buffer[SHADOW_BUFSIZE];)
+        char *encrypted;
+        const char *pw_pass;
+        int r;
+        pw_pass = get_passwd(pw, buffer);
+        if (!pw_pass[0]) { /* empty password field? */
+                return 1;
+        }
+        encrypted = pw_encrypt(plaintext, /*salt:*/ pw_pass, 1);
+        r = (strcmp(encrypted, pw_pass) == 0);
+        free(encrypted);
+        return r;
+}
 /* Ask the user for a password.
 * Return 1 without asking if PW has an empty password.
 * Return -1 on EOF, error while reading input, or timeout.
@@ -41,42 +98,23 @@
 int FAST_FUNC ask_and_check_password_extended(const struct passwd *pw,
                int timeout, const char *prompt)
 {
-        char *unencrypted, *encrypted;
+        IF_FEATURE_SHADOWPASSWDS(char buffer[SHADOW_BUFSIZE];)
-        const char *correct;
+        char *plaintext;
+        const char *pw_pass;
        int r;
-        /* fake salt. crypt() can choke otherwise. */
-        correct = "aa";
-        if (!pw) {
-                /* "aa" will never match */
-                goto fake_it;
-        }
-        correct = pw->pw_passwd;
-#if ENABLE_FEATURE_SHADOWPASSWDS
-        /* Using _r function to avoid pulling in static buffers */
-        if ((correct[0] == 'x' || correct[0] == '*') && !correct[1]) {
-                struct spwd spw;
-                char buffer[256];
-                /* getspnam_r may return 0 yet set result to NULL.
-                 * At least glibc 2.4 does this. Be extra paranoid here. */
-                struct spwd *result = NULL;
-                r = getspnam_r(pw->pw_name, &spw, buffer, sizeof(buffer), &result);
-                correct = (r || !result) ? "aa" : result->sp_pwdp;
-        }
-#endif
-        if (!correct[0]) /* empty password field? */
+        pw_pass = get_passwd(pw, buffer);
+        if (!pw_pass[0]) /* empty password field? */
                return 1;
- fake_it:
+        plaintext = bb_ask(STDIN_FILENO, timeout, prompt);
-        unencrypted = bb_ask(STDIN_FILENO, timeout, prompt);
+        if (!plaintext) {
-        if (!unencrypted) {
                /* EOF (such as ^D) or error (such as ^C) or timeout */
                return -1;
        }
-        encrypted = pw_encrypt(unencrypted, correct, 1);
-        r = (strcmp(encrypted, correct) == 0);
+        r = check_password(pw, plaintext);
-        free(encrypted);
+        nuke_str(plaintext);
-        nuke_str(unencrypted);
        return r;
 }

diff --git a/libbb/Kbuild.src b/libbb/Kbuild.src index 62680bd52..0a9e803d7 100644 --- a/libbb/Kbuild.src +++ b/libbb/Kbuild.src
@@ -150,6 +150,7 @@ lib-$(CONFIG_VLOCK) += pw_encrypt.o correct_password.o
150	lib-$(CONFIG_SU) += pw_encrypt.o correct_password.o	150	lib-$(CONFIG_SU) += pw_encrypt.o correct_password.o
151	lib-$(CONFIG_LOGIN) += pw_encrypt.o correct_password.o	151	lib-$(CONFIG_LOGIN) += pw_encrypt.o correct_password.o
152	lib-$(CONFIG_FEATURE_HTTPD_AUTH_MD5) += pw_encrypt.o	152	lib-$(CONFIG_FEATURE_HTTPD_AUTH_MD5) += pw_encrypt.o
		153	lib-$(CONFIG_FEATURE_FTP_AUTHENTICATION) += pw_encrypt.o
153		154
154	lib-$(CONFIG_DF) += find_mount_point.o	155	lib-$(CONFIG_DF) += find_mount_point.o
155	lib-$(CONFIG_MKFS_MINIX) += find_mount_point.o	156	lib-$(CONFIG_MKFS_MINIX) += find_mount_point.o


diff --git a/libbb/correct_password.c b/libbb/correct_password.c index acadf3914..513c93028 100644 --- a/libbb/correct_password.c +++ b/libbb/correct_password.c
@@ -30,6 +30,63 @@
30		30
31	#include "libbb.h"	31	#include "libbb.h"
32		32
		33	#define SHADOW_BUFSIZE 256
		34
		35	/* Retrieve encrypted password string for pw.
		36	* If pw == NULL, return a string which fails password check against any
		37	* password.
		38	*/
		39	#if !ENABLE_FEATURE_SHADOWPASSWDS
		40	#define get_passwd(pw, buffer) get_passwd(pw)
		41	#endif
		42	static const char get_passwd(const struct passwd pw, char buffer[SHADOW_BUFSIZE])
		43	{
		44	const char *pass;
		45
		46	if (!pw)
		47	return "aa"; /* "aa" will never match */
		48
		49	pass = pw->pw_passwd;
		50	#if ENABLE_FEATURE_SHADOWPASSWDS
		51	/* Using _r function to avoid pulling in static buffers */
		52	if ((pass[0] == 'x' \|\| pass[0] == '*') && !pass[1]) {
		53	struct spwd spw;
		54	int r;
		55	/* getspnam_r may return 0 yet set result to NULL.
		56	* At least glibc 2.4 does this. Be extra paranoid here. */
		57	struct spwd *result = NULL;
		58	r = getspnam_r(pw->pw_name, &spw, buffer, SHADOW_BUFSIZE, &result);
		59	pass = (r \|\| !result) ? "aa" : result->sp_pwdp;
		60	}
		61	#endif
		62	return pass;
		63	}
		64
		65	/*
		66	* Return 1 if PW has an empty password.
		67	* Return 1 if the user gives the correct password for entry PW,
		68	* 0 if not.
		69	* NULL pw means "just fake it for login with bad username"
		70	*/
		71	int FAST_FUNC check_password(const struct passwd pw, const char plaintext)
		72	{
		73	IF_FEATURE_SHADOWPASSWDS(char buffer[SHADOW_BUFSIZE];)
		74	char *encrypted;
		75	const char *pw_pass;
		76	int r;
		77
		78	pw_pass = get_passwd(pw, buffer);
		79	if (!pw_pass[0]) { /* empty password field? */
		80	return 1;
		81	}
		82
		83	encrypted = pw_encrypt(plaintext, /salt:/ pw_pass, 1);
		84	r = (strcmp(encrypted, pw_pass) == 0);
		85	free(encrypted);
		86	return r;
		87	}
		88
		89
33	/* Ask the user for a password.	90	/* Ask the user for a password.
34	* Return 1 without asking if PW has an empty password.	91	* Return 1 without asking if PW has an empty password.
35	* Return -1 on EOF, error while reading input, or timeout.	92	* Return -1 on EOF, error while reading input, or timeout.
@@ -41,42 +98,23 @@
41	int FAST_FUNC ask_and_check_password_extended(const struct passwd *pw,	98	int FAST_FUNC ask_and_check_password_extended(const struct passwd *pw,
42	int timeout, const char *prompt)	99	int timeout, const char *prompt)
43	{	100	{
44	char unencrypted, encrypted;	101	IF_FEATURE_SHADOWPASSWDS(char buffer[SHADOW_BUFSIZE];)
45	const char *correct;	102	char *plaintext;
		103	const char *pw_pass;
46	int r;	104	int r;
47	/* fake salt. crypt() can choke otherwise. */
48	correct = "aa";
49	if (!pw) {
50	/* "aa" will never match */
51	goto fake_it;
52	}
53	correct = pw->pw_passwd;
54	#if ENABLE_FEATURE_SHADOWPASSWDS
55	/* Using _r function to avoid pulling in static buffers */
56	if ((correct[0] == 'x' \|\| correct[0] == '*') && !correct[1]) {
57	struct spwd spw;
58	char buffer[256];
59	/* getspnam_r may return 0 yet set result to NULL.
60	* At least glibc 2.4 does this. Be extra paranoid here. */
61	struct spwd *result = NULL;
62	r = getspnam_r(pw->pw_name, &spw, buffer, sizeof(buffer), &result);
63	correct = (r \|\| !result) ? "aa" : result->sp_pwdp;
64	}
65	#endif
66		105
67	if (!correct[0]) /* empty password field? */	106	pw_pass = get_passwd(pw, buffer);
		107	if (!pw_pass[0]) /* empty password field? */
68	return 1;	108	return 1;
69		109
70	fake_it:	110	plaintext = bb_ask(STDIN_FILENO, timeout, prompt);
71	unencrypted = bb_ask(STDIN_FILENO, timeout, prompt);	111	if (!plaintext) {
72	if (!unencrypted) {
73	/* EOF (such as ^D) or error (such as ^C) or timeout */	112	/* EOF (such as ^D) or error (such as ^C) or timeout */
74	return -1;	113	return -1;
75	}	114	}
76	encrypted = pw_encrypt(unencrypted, correct, 1);	115
77	r = (strcmp(encrypted, correct) == 0);	116	r = check_password(pw, plaintext);
78	free(encrypted);	117	nuke_str(plaintext);
79	nuke_str(unencrypted);
80	return r;	118	return r;
81	}	119	}
82		120