source: rtems/cpukit/telnetd/check_passwd.c @ 1fae7b43

4.104.115
Last change on this file since 1fae7b43 was 1fae7b43, checked in by Joel Sherrill <joel.sherrill@…>, on 10/15/08 at 17:37:16

2008-10-15 Joel Sherrill <joel.sherrill@…>

PR 1331/networking

  • libmisc/shell/shell.c, telnetd/check_passwd.c, telnetd/telnetd.c, telnetd/telnetd.h: Improve comments and explanation of options to rtems_telnetd_initialize. Add extra newline to login sequence from shell.
  • Property mode set to 100644
File size: 5.3 KB
Line 
1/* $Id$ */
2
3/* Read a password, encrypt it and compare to the encrypted
4 * password in the TELNETD_PASSWD environment variable.
5 * No password is required if TELNETD_PASSWD is unset
6 */
7
8/*
9 * Authorship
10 * ----------
11 * This software was created by
12 *     Till Straumann <strauman@slac.stanford.edu>, 2003-2007
13 *         Stanford Linear Accelerator Center, Stanford University.
14 *
15 * Acknowledgement of sponsorship
16 * ------------------------------
17 * This software was produced by
18 *     the Stanford Linear Accelerator Center, Stanford University,
19 *         under Contract DE-AC03-76SFO0515 with the Department of Energy.
20 *
21 * Government disclaimer of liability
22 * ----------------------------------
23 * Neither the United States nor the United States Department of Energy,
24 * nor any of their employees, makes any warranty, express or implied, or
25 * assumes any legal liability or responsibility for the accuracy,
26 * completeness, or usefulness of any data, apparatus, product, or process
27 * disclosed, or represents that its use would not infringe privately owned
28 * rights.
29 *
30 * Stanford disclaimer of liability
31 * --------------------------------
32 * Stanford University makes no representations or warranties, express or
33 * implied, nor assumes any liability for the use of this software.
34 *
35 * Stanford disclaimer of copyright
36 * --------------------------------
37 * Stanford University, owner of the copyright, hereby disclaims its
38 * copyright and all other rights in this software.  Hence, anyone may
39 * freely use it for any purpose without restriction. 
40 *
41 * Maintenance of notices
42 * ----------------------
43 * In the interest of clarity regarding the origin and status of this
44 * SLAC software, this and all the preceding Stanford University notices
45 * are to remain affixed to any copy or derivative of this software made
46 * or distributed by the recipient and are to be affixed to any copy of
47 * software made or distributed by the recipient that contains a copy or
48 * derivative of this software.
49 *
50 * ------------------ SLAC Software Notices, Set 4 OTT.002a, 2004 FEB 03
51 */
52
53#if !defined(INSIDE_TELNETD) && !defined(__rtems__)
54#include <crypt.h>
55#endif
56#include <termios.h>
57#include <errno.h>
58#include <stdio.h>
59#include <unistd.h>
60#include <stdlib.h>
61#include <string.h>
62#include <syslog.h>
63
64#include "passwd.h"
65
66/* rtems has global filedescriptors but per-thread stdio streams... */
67#define STDI_FD fileno(stdin)
68#define MAXPASSRETRY    3
69
70extern char *__des_crypt_r(char *, char*, char*, int);
71
72#if !defined(INSIDE_TELNETD)
73#define sockpeername(s,b,sz) (-1)
74#endif
75
76#if defined(INSIDE_TELNETD)
77static
78#endif
79int check_passwd(char *peername)
80{
81  char                  *pw;
82  int                   rval = -1, tmp, retries;
83  struct termios        t,told;
84  int                   restore_flags = 0;
85  char                  buf[30], cryptbuf[21];
86  char                  salt[3];
87
88  if ( !(pw=getenv("TELNETD_PASSWD")) || 0 == strlen(pw) )
89#ifdef TELNETD_DEFAULT_PASSWD
90    pw = TELNETD_DEFAULT_PASSWD;
91#else
92    return 0;
93#endif
94
95  if ( tcgetattr(STDI_FD, &t) ) {
96    perror("check_passwd(): tcgetattr");
97    goto done; 
98  }
99  told = t;
100  t.c_lflag &= ~ECHO;
101  t.c_lflag &= ~ICANON;
102  t.c_cc[VTIME] = 255;
103  t.c_cc[VMIN]  = 0;
104
105  strncpy(salt,pw,2);
106  salt[2]=0;
107
108  if ( tcsetattr(STDI_FD, TCSANOW, &t) ) {
109    perror("check_passwd(): tcsetattr");
110    goto done; 
111  }
112  restore_flags = 1;
113
114  /* Here we ask for the password... */
115  for ( retries = MAXPASSRETRY; retries > 0; retries-- ) {
116    fflush(stdin);
117    fprintf(stderr,"Password:");
118    fflush(stderr);
119    if ( 0 == fgets(buf,sizeof(buf),stdin) ) {
120      /* Here comes an ugly hack:
121       * The termios driver's 'read()' handler
122       * returns 0 to the c library's fgets if
123       * it times out. 'fgets' interprets this
124       * (correctly) as EOF, a condition we want
125       * to undo since it's not really true since
126       * we really have a read error (termios bug??)
127       *
128       * As a workaround we push something back and
129       * read it again. This should simply reset the
130       * EOF condition.
131       */
132      if (ungetc('?',stdin) >= 0)
133        fgetc(stdin);
134      goto done;
135    }
136    fputc('\n',stderr);
137    tmp = strlen(buf);
138    while ( tmp > 0 && ('\n' == buf[tmp-1] || '\r' == buf[tmp-1]) ) {
139      buf[--tmp]=0;
140    }
141    if ( !strcmp(__des_crypt_r(buf, salt, cryptbuf, sizeof(cryptbuf)), pw) ) {
142      rval = 0;
143      break;
144    }
145    fprintf(stderr,"Incorrect Password.\n");
146    sleep(2);
147  }
148
149  if ( 0 == retries ) {
150    syslog( LOG_AUTHPRIV | LOG_WARNING,
151      "telnetd: %i wrong passwords entered from %s",
152      MAXPASSRETRY,
153      peername ? peername : "<UNKNOWN>");
154  }
155
156done:
157  /* what to do if restoring the flags fails?? */
158  if (restore_flags)
159    tcsetattr(STDI_FD, TCSANOW, &told);
160 
161  if (rval) {
162    sleep(2);
163  }
164  return rval;
165}
166
167#if !defined(INSIDE_TELNETD) && !defined(__rtems__)
168int
169main(int argc, char **argv)
170{
171char *str, *enc=0;
172int   ch;
173
174while ( (ch=getopt(argc, argv, "g:")) > 0 ) {
175  switch (ch) {
176    default:
177      fprintf(stderr,"Unknown option\n");
178    return(1);
179
180    case 'g':
181      printf("Generated encrypted password: '%s'\n", (enc=crypt(optarg,"td")));
182    break;
183     
184  }
185}
186if (argc>optind && !enc) {
187  enc=argv[optind];
188}
189if (enc) {
190  str = malloc(strlen(enc) + 30);
191  sprintf(str,"TELNETD_PASSWD=%s",enc);
192  putenv(str);
193}
194if (check_passwd(-1)) {
195  fprintf(stderr,"check_passwd() failed\n");
196}
197return 0;
198}
199
200#endif
Note: See TracBrowser for help on using the repository browser.