login: ask passwords even for wrong usernames.

# size busybox_old busybox_unstripped
   text    data     bss     dec     hex filename
 680099    2704   15648  698451   aa853 busybox_old
 680110    2704   15648  698462   aa85e busybox_unstripped
This commit is contained in:
Denis Vlasenko 2007-06-08 15:27:06 +00:00
parent bdbbb7ec49
commit 65e14b4588
2 changed files with 11 additions and 7 deletions

View File

@ -31,9 +31,10 @@
#include "libbb.h" #include "libbb.h"
/* Ask the user for a password. /* Ask the user for a password.
Return 1 if the user gives the correct password for entry PW, * Return 1 if the user gives the correct password for entry PW,
0 if not. Return 1 without asking for a password if run by UID 0 * 0 if not. Return 1 without asking if PW has an empty password.
or if PW has an empty password. */ *
* NULL pw means "just fake it for login with bad username" */
int correct_password(const struct passwd *pw) int correct_password(const struct passwd *pw)
{ {
@ -46,6 +47,9 @@ int correct_password(const struct passwd *pw)
char buffer[256]; char buffer[256];
#endif #endif
correct = "aa"; /* fake salt. crypt() can choke otherwise */
if (!pw)
goto fake_it; /* "aa" will never match */
correct = pw->pw_passwd; correct = pw->pw_passwd;
#if ENABLE_FEATURE_SHADOWPASSWDS #if ENABLE_FEATURE_SHADOWPASSWDS
if (LONE_CHAR(pw->pw_passwd, 'x') || LONE_CHAR(pw->pw_passwd, '*')) { if (LONE_CHAR(pw->pw_passwd, 'x') || LONE_CHAR(pw->pw_passwd, '*')) {
@ -59,6 +63,7 @@ int correct_password(const struct passwd *pw)
if (!correct || correct[0] == '\0') if (!correct || correct[0] == '\0')
return 1; return 1;
fake_it:
unencrypted = bb_askpass(0, "Password: "); unencrypted = bb_askpass(0, "Password: ");
if (!unencrypted) { if (!unencrypted) {
return 0; return 0;

View File

@ -276,8 +276,8 @@ int login_main(int argc, char **argv)
pw = getpwnam(username); pw = getpwnam(username);
if (!pw) { if (!pw) {
safe_strncpy(username, "UNKNOWN", sizeof(username)); strcpy(username, "UNKNOWN");
goto auth_failed; goto fake_it;
} }
if (pw->pw_passwd[0] == '!' || pw->pw_passwd[0] == '*') if (pw->pw_passwd[0] == '!' || pw->pw_passwd[0] == '*')
@ -292,11 +292,10 @@ int login_main(int argc, char **argv)
/* Don't check the password if password entry is empty (!) */ /* Don't check the password if password entry is empty (!) */
if (!pw->pw_passwd[0]) if (!pw->pw_passwd[0])
break; break;
fake_it:
/* authorization takes place here */ /* authorization takes place here */
if (correct_password(pw)) if (correct_password(pw))
break; break;
auth_failed: auth_failed:
opt &= ~LOGIN_OPT_f; opt &= ~LOGIN_OPT_f;
bb_do_delay(FAIL_DELAY); bb_do_delay(FAIL_DELAY);