libmisc/shell/login_check.c

0001 /**
0002  * @file
0003  *
0004  * @brief Shell login check function.
0005  */
0006
0007 /*
0008  * Copyright (C) 2009, 2014 embedded brains GmbH & Co. KG
0009  *
0010  * Based on work from Chris Johns and Fernando Ruiz.
0011  *
0012  * Derived from file "cpukit/libmisc/shell/shell.c".
0013  *
0014  * The license and distribution terms for this file may be
0015  * found in the file LICENSE in this distribution or at
0016  * http://www.rtems.org/license/LICENSE.
0017  */
0018
0019 #ifdef HAVE_CONFIG_H
0020 #include "config.h"
0021 #endif
0022
0023 #include <sys/types.h>
0024 #include <unistd.h>
0025 #include <pwd.h>
0026 #include <string.h>
0027 #include <crypt.h>
0028
0029 #include <rtems/shell.h>
0030 #include <rtems/userenv.h>
0031
0032 bool rtems_shell_login_check(
0033   const char *user,
0034   const char *passphrase
0035 )
0036 {
0037   char buf[256];
0038   struct passwd *pw_res;
0039   struct passwd pw;
0040   int eno;
0041   bool ok;
0042
0043   eno = getpwnam_r(user, &pw, &buf[0], sizeof(buf), &pw_res);
0044
0045   /* Valid user? */
0046   if (eno == 0 && strcmp(pw.pw_passwd, "*") != 0) {
0047     if (strcmp(pw.pw_passwd, "") == 0) {
0048       ok = true;
0049     } else if (strcmp(pw.pw_passwd, "x") == 0) {
0050       /* TODO: /etc/shadow */
0051       ok = false;
0052     } else {
0053       struct crypt_data data;
0054       char *s;
0055
0056       s = crypt_r(passphrase, pw.pw_passwd, &data);
0057       ok = strcmp(s, pw.pw_passwd) == 0;
0058     }
0059   } else {
0060     ok = false;
0061   }
0062
0063   if (ok && strcmp(pw.pw_dir, "") != 0) {
0064     ok = chroot(pw.pw_dir) == 0;
0065   }
0066
0067   if (ok) {
0068     rtems_shell_env_t *env = rtems_shell_get_current_env();
0069
0070     if (env != NULL) {
0071       chown(env->devname, pw.pw_uid, 0);
0072     }
0073
0074     setuid(pw.pw_uid);
0075     setgid(pw.pw_gid);
0076     seteuid(pw.pw_uid);
0077     setegid(pw.pw_gid);
0078     rtems_current_user_env_getgroups();
0079   }
0080
0081   return ok;
0082 }