Changeset acf9a8d in rtems


Ignore:
Timestamp:
Nov 14, 2014, 1:31:54 PM (5 years ago)
Author:
Sebastian Huber <sebastian.huber@…>
Branches:
4.11, master
Children:
395e5d4
Parents:
002f351
git-author:
Sebastian Huber <sebastian.huber@…> (11/14/14 13:31:54)
git-committer:
Sebastian Huber <sebastian.huber@…> (11/20/14 09:30:22)
Message:

shell: Use crypt_r() in rtems_shell_login_check()

Use '*" to disable shell login instead of '!' according to the Linux man
page. Use getpwnam_r() instead of getpwnam(). Do not access the user
environment directly. Update the user environment only after a
successful login check.

Files:
4 added
4 edited

Legend:

Unmodified
Added
Removed
  • cpukit/libmisc/shell/login_check.c

    r002f351 racf9a8d  
    66
    77/*
    8  * Copyright (c) 2009 embedded brains GmbH and others.
     8 * Copyright (c) 2009-2014 embedded brains GmbH and others.
    99 *
    1010 * embedded brains GmbH
    11  * Obere Lagerstr. 30
     11 * Dornierstr. 4
    1212 * D-82178 Puchheim
    1313 * Germany
     
    3131#include <pwd.h>
    3232#include <string.h>
     33#include <crypt.h>
    3334
    3435#include <rtems/shell.h>
    35 #include <rtems/userenv.h>
    3636
    3737bool rtems_shell_login_check(
     
    4040)
    4141{
    42   struct passwd *pw = getpwnam( user);
     42  char buf[256];
     43  struct passwd *pw_res;
     44  struct passwd pw;
     45  int eno;
     46  bool ok;
     47
     48  eno = getpwnam_r(user, &pw, &buf[0], sizeof(buf), &pw_res);
    4349
    4450  /* Valid user? */
    45   if (pw != NULL && strcmp( pw->pw_passwd, "!") != 0) {
    46     rtems_shell_env_t *env = rtems_shell_get_current_env();
    47     setuid( pw->pw_uid);
    48     setgid( pw->pw_gid);
    49     rtems_current_user_env->euid = 0;
    50     rtems_current_user_env->egid = 0;
    51     if (env)
    52       chown( env->devname, pw->pw_uid, 0);
    53     rtems_current_user_env->euid = pw->pw_uid;
    54     rtems_current_user_env->egid = pw->pw_gid;
    55     if (strcmp( pw->pw_passwd, "*") == 0) {
     51  if (eno == 0 && strcmp(pw.pw_passwd, "*") != 0) {
     52    if (strcmp(pw.pw_passwd, "") == 0) {
     53      ok = true;
     54    } else if (strcmp(pw.pw_passwd, "x") == 0) {
    5655      /* TODO: /etc/shadow */
    57       return true;
     56      ok = false;
    5857    } else {
    59       /* TODO: crypt() */
    60       return true;
     58      struct crypt_data data;
     59      char *s;
     60
     61      s = crypt_r(passphrase, pw.pw_passwd, &data);
     62      ok = strcmp(s, pw.pw_passwd) == 0;
    6163    }
     64  } else {
     65    ok = false;
    6266  }
    6367
    64   return false;
     68  if (ok) {
     69    rtems_shell_env_t *env = rtems_shell_get_current_env();
     70
     71    if (env != NULL) {
     72      chown(env->devname, pw.pw_uid, 0);
     73    }
     74
     75    setuid(pw.pw_uid);
     76    setgid(pw.pw_gid);
     77    seteuid(pw.pw_uid);
     78    setegid(pw.pw_gid);
     79  }
     80
     81  return ok;
    6582}
  • testsuites/libtests/Makefile.am

    r002f351 racf9a8d  
    22
    33_SUBDIRS = POSIX
     4_SUBDIRS += shell01
    45_SUBDIRS += pwdgrp01
    56_SUBDIRS += crypt01
  • testsuites/libtests/configure.ac

    r002f351 racf9a8d  
    6767# Explicitly list all Makefiles here
    6868AC_CONFIG_FILES([Makefile
     69shell01/Makefile
    6970pwdgrp01/Makefile
    7071crypt01/Makefile
  • testsuites/samples/fileio/init.c

    r002f351 racf9a8d  
    1414#define CONFIGURE_INIT
    1515#include "system.h"
     16#include <crypt.h>
    1617#include <stdio.h>
    1718#include <string.h>
     
    642643    "/etc/passwd",
    643644    0644,
    644     "root:7QR4o148UPtb.:0:0:root::/:/bin/sh\n"
    645     "rtems:*:1:1:RTEMS Application::/:/bin/sh\n"
    646     "test:8Yy.AaxynxbLI:2:2:test account::/:/bin/sh\n"
    647     "tty:!:3:3:tty owner::/:/bin/false\n"
     645    "root:$6$$FuPOhnllx6lhW2qqlnmWvZQLJ8Thr/09I7ESTdb9VbnTOn5.65"
     646      "/Vh2Mqa6FoKXwT0nHS/O7F0KfrDc6Svb/sH.:0:0:root::/:/bin/sh\n"
     647    "rtems::1:1:RTEMS Application::/:/bin/sh\n"
     648    "test:$1$$oPu1Xt2Pw0ngIc7LyDHqu1:2:2:test account::/:/bin/sh\n"
     649    "tty:*:3:3:tty owner::/:/bin/false\n"
    648650  );
    649651  writeFile(
     
    12261228  TEST_BEGIN();
    12271229
     1230  crypt_add_format(&crypt_md5_format);
     1231  crypt_add_format(&crypt_sha512_format);
     1232
    12281233  status = rtems_shell_wait_for_input(
    12291234    STDIN_FILENO,
Note: See TracChangeset for help on using the changeset viewer.