[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug-inetutils] fix for: 1.4.2 rexecd doesn't handle shadow passwords
|
From: |
Andrew Klossner |
|
Subject: |
[bug-inetutils] fix for: 1.4.2 rexecd doesn't handle shadow passwords |
|
Date: |
Fri, 19 Mar 2004 16:11:28 -0800 |
rexecd.c only understands passwords from /etc/passwd, it doesn't know
about /etc/shadow. You could argue that anyone who cares about
shadowing passwords has no business using rexecd in the first place,
but it makes sense for a project I support. The enclosed patch
teaches rexecd about shadows.
*** inetutils-1.4.2/rexecd/old-rexecd.c Wed Dec 11 04:38:00 2002
--- inetutils-1.4.2/rexecd/rexecd.c Fri Mar 19 16:04:14 2004
***************
*** 79,84 ****
--- 79,88 ----
#include <varargs.h>
#endif
+ #ifdef HAVE_SHADOW_H
+ #include <shadow.h>
+ #endif
+
void error __P ((const char *fmt, ...));
/*
* remote execute server:
***************
*** 127,132 ****
--- 131,140 ----
char *cmdbuf, *cp, *namep;
char *user, *pass;
struct passwd *pwd;
+ #ifdef HAVE_SHADOW_H
+ struct spwd *spwd;
+ char *pw_field;
+ #endif
int s;
u_short port;
int pv[2], pid, cc;
***************
*** 186,191 ****
--- 194,217 ----
exit(1);
}
endpwent();
+
+ #ifdef HAVE_SHADOW_H
+ // Get encrypted password from /etc/shadow if possible,
+ // else from /etc/passwd.
+ spwd = getspnam(user);
+ if (spwd) {
+ pw_field = spwd->sp_pwdp;
+ } else {
+ pw_field = pwd->pw_passwd;
+ }
+ if (*pw_field != '\0') {
+ namep = CRYPT (pass, pw_field);
+ if (strcmp(namep, pw_field)) {
+ error("Password incorrect.\n");
+ exit(1);
+ }
+ }
+ #else
if (*pwd->pw_passwd != '\0') {
namep = CRYPT (pass, pwd->pw_passwd);
if (strcmp(namep, pwd->pw_passwd)) {
***************
*** 193,198 ****
--- 219,225 ----
exit(1);
}
}
+ #endif
write(STDERR_FILENO, "\0", 1);
if (port) {
pipe(pv);
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [bug-inetutils] fix for: 1.4.2 rexecd doesn't handle shadow passwords,
Andrew Klossner <=