Use '*" to disable shell login instead of '!' according to the Linux man page. Use getpwnam_r() instead of getpwnam(). Do not access the user environment directly. --- cpukit/libmisc/shell/login_check.c | 45 ++++++++++++++++++++++++-------------- testsuites/samples/fileio/init.c | 13 +++++++---- 2 files changed, 38 insertions(+), 20 deletions(-)
diff --git a/cpukit/libmisc/shell/login_check.c b/cpukit/libmisc/shell/login_check.c index 8be5be2..4b21aaf 100644 --- a/cpukit/libmisc/shell/login_check.c +++ b/cpukit/libmisc/shell/login_check.c @@ -5,7 +5,7 @@ */ /* - * Copyright (c) 2009 embedded brains GmbH and others. + * Copyright (c) 2009-2014 embedded brains GmbH and others. * * embedded brains GmbH * Obere Lagerstr. 30 @@ -30,34 +30,47 @@ #include <unistd.h> #include <pwd.h> #include <string.h> +#include <crypt.h> #include <rtems/shell.h> -#include <rtems/userenv.h> bool rtems_shell_login_check( const char *user, const char *passphrase ) { - struct passwd *pw = getpwnam( user); + char buf[256]; + struct passwd *pw_res; + struct passwd pw; + int eno; + + eno = getpwnam_r(user, &pw, &buf[0], sizeof(buf), &pw_res); /* Valid user? */ - if (pw != NULL && strcmp( pw->pw_passwd, "!") != 0) { + if (eno == 0 && strcmp(pw.pw_passwd, "*") != 0) { rtems_shell_env_t *env = rtems_shell_get_current_env(); - setuid( pw->pw_uid); - setgid( pw->pw_gid); - rtems_current_user_env->euid = 0; - rtems_current_user_env->egid = 0; - if (env) - chown( env->devname, pw->pw_uid, 0); - rtems_current_user_env->euid = pw->pw_uid; - rtems_current_user_env->egid = pw->pw_gid; - if (strcmp( pw->pw_passwd, "*") == 0) { - /* TODO: /etc/shadow */ + + if (env != NULL) { + chown(env->devname, pw.pw_uid, 0); + } + + setuid(pw.pw_uid); + setgid(pw.pw_gid); + seteuid(pw.pw_uid); + setegid(pw.pw_gid); + + if (strcmp(pw.pw_passwd, "") == 0) { return true; + } else if (strcmp(pw.pw_passwd, "x") == 0) { + /* TODO: /etc/shadow */ + return false; } else { - /* TODO: crypt() */ - return true; + struct crypt_data data; + char *s; + + s = crypt_r(passphrase, pw.pw_passwd, &data); + + return strcmp(s, pw.pw_passwd) == 0; } } diff --git a/testsuites/samples/fileio/init.c b/testsuites/samples/fileio/init.c index 2b60922..735b588 100644 --- a/testsuites/samples/fileio/init.c +++ b/testsuites/samples/fileio/init.c @@ -13,6 +13,7 @@ #define CONFIGURE_INIT #include "system.h" +#include <crypt.h> #include <stdio.h> #include <string.h> #include <unistd.h> @@ -641,10 +642,11 @@ static void fileio_start_shell(void) writeFile( "/etc/passwd", 0644, - "root:7QR4o148UPtb.:0:0:root::/:/bin/sh\n" - "rtems:*:1:1:RTEMS Application::/:/bin/sh\n" - "test:8Yy.AaxynxbLI:2:2:test account::/:/bin/sh\n" - "tty:!:3:3:tty owner::/:/bin/false\n" + "root:$6$$FuPOhnllx6lhW2qqlnmWvZQLJ8Thr/09I7ESTdb9VbnTOn5.65" + "/Vh2Mqa6FoKXwT0nHS/O7F0KfrDc6Svb/sH.:0:0:root::/:/bin/sh\n" + "rtems::1:1:RTEMS Application::/:/bin/sh\n" + "test:$1$$oPu1Xt2Pw0ngIc7LyDHqu1:2:2:test account::/:/bin/sh\n" + "tty:*:3:3:tty owner::/:/bin/false\n" ); writeFile( "/etc/group", @@ -1225,6 +1227,9 @@ Init (rtems_task_argument ignored) TEST_BEGIN(); + crypt_add_format(&crypt_md5_format); + crypt_add_format(&crypt_sha512_format); + status = rtems_shell_wait_for_input( STDIN_FILENO, 20, -- 1.8.4.5 _______________________________________________ devel mailing list devel@rtems.org http://lists.rtems.org/mailman/listinfo/devel