From 12083d49e57b33e3cdb455d386b058bc0f2bdae0 Mon Sep 17 00:00:00 2001 From: sin Date: Mon, 9 Jun 2014 10:55:41 +0100 Subject: [PATCH] Port su(1) to use pw_check() --- su.c | 51 +++++---------------------------------------------- 1 file changed, 5 insertions(+), 46 deletions(-) diff --git a/su.c b/su.c index 20adfad..1c69ce3 100644 --- a/su.c +++ b/su.c @@ -4,10 +4,10 @@ #include #include #include -#include #include #include #include +#include "passwd.h" #include "config.h" #include "util.h" @@ -27,9 +27,8 @@ static int pflag = 0; int main(int argc, char *argv[]) { - char *usr = "root", *pass, *cryptpass; + char *usr = "root", *pass; char *shell; - struct spwd *spw; struct passwd *pw; char *newargv[2]; uid_t uid; @@ -59,55 +58,15 @@ main(int argc, char *argv[]) else if (!pw) eprintf("who are you?\n"); - switch (pw->pw_passwd[0]) { - case '!': - case '*': - eprintf("denied\n"); - } - - /* Empty password? Su now */ - if (pw->pw_passwd[0] == '\0') - goto dosu; - uid = getuid(); if (uid) { - pass = getpass("Password: "); - putchar('\n'); + pass = getpass("Password: "); putchar('\n'); if (!pass) eprintf("getpass:"); + if (pw_check(pw, pass) == 0) + eprintf("incorrect password\n"); } - if (pw->pw_passwd[0] == 'x' && pw->pw_passwd[1] == '\0') { - errno = 0; - spw = getspnam(usr); - if (errno) - eprintf("getspnam: %s:", usr); - else if (!spw) - eprintf("who are you?\n"); - - switch (spw->sp_pwdp[0]) { - case '!': - case '*': - eprintf("denied\n"); - } - if (uid) { - cryptpass = crypt(pass, spw->sp_pwdp); - if (!cryptpass) - eprintf("crypt:"); - if (strcmp(cryptpass, spw->sp_pwdp) != 0) - eprintf("incorrect password\n"); - } - } else { - if (uid) { - cryptpass = crypt(pass, pw->pw_passwd); - if (!cryptpass) - eprintf("crypt:"); - if (strcmp(cryptpass, pw->pw_passwd) != 0) - eprintf("login failed\n"); - } - } - -dosu: if (initgroups(usr, pw->pw_gid) < 0) eprintf("initgroups:"); if (setgid(pw->pw_gid) < 0)