| /* -*- c -*- ------------------------------------------------------------- * |
| * |
| * Copyright 2004-2005 Murali Krishnan Ganapathy - All Rights Reserved |
| * |
| * This program is free software; you can redistribute it and/or modify |
| * it under the terms of the GNU General Public License as published by |
| * the Free Software Foundation, Inc., 53 Temple Place Ste 330, |
| * Bostom MA 02111-1307, USA; either version 2 of the License, or |
| * (at your option) any later version; incorporated herein by reference. |
| * |
| * ----------------------------------------------------------------------- */ |
| |
| #include "passwords.h" |
| #include "des.h" |
| #include "string.h" |
| #include <stdlib.h> |
| #include <stdio.h> |
| #include "tui.h" |
| |
| #define MAX_LINE 512 |
| // Max line length in a pwdfile |
| p_pwdentry userdb[MAX_USERS]; // Array of pointers |
| int numusers; // Actual number of users |
| |
| // returns true or false, i.e. 1 or 0 |
| char authenticate_user(const char *username, const char *pwd) |
| { |
| char salt[12]; |
| int i; |
| |
| for (i = 0; i < numusers; i++) { |
| if (userdb[i] == NULL) |
| continue; |
| if (strcmp(username, userdb[i]->username) == 0) { |
| strcpy(salt, userdb[i]->pwdhash); |
| salt[2] = '\0'; |
| if (strcmp(userdb[i]->pwdhash, crypt(pwd, salt)) == 0) |
| return 1; |
| } |
| } |
| return 0; |
| } |
| |
| // Does user USERNAME have permission PERM |
| char isallowed(const char *username, const char *perm) |
| { |
| int i; |
| char *dperm; |
| char *tmp; |
| |
| // If no users, then everybody is allowed to do everything |
| if (numusers == 0) |
| return 1; |
| if (strcmp(username, GUEST_USER) == 0) |
| return 0; |
| dperm = (char *)malloc(strlen(perm) + 3); |
| strcpy(dperm + 1, perm); |
| dperm[0] = ':'; |
| dperm[strlen(perm) + 1] = ':'; |
| dperm[strlen(perm) + 2] = 0; |
| // Now dperm = ":perm:" |
| for (i = 0; i < numusers; i++) { |
| if (strcmp(userdb[i]->username, username) == 0) // Found the user |
| { |
| if (userdb[i]->perms == NULL) |
| return 0; // No permission |
| tmp = strstr(userdb[i]->perms, dperm); // Search for permission |
| free(dperm); // Release memory |
| if (tmp == NULL) |
| return 0; |
| else |
| return 1; |
| } |
| } |
| // User not found return 0 |
| free(dperm); |
| return 0; |
| } |
| |
| // Initialise the list of of user passwords permissions from file |
| void init_passwords(const char *filename) |
| { |
| int i; |
| char line[MAX_LINE], *p, *user, *pwdhash, *perms; |
| FILE *f; |
| |
| for (i = 0; i < MAX_USERS; i++) |
| userdb[i] = NULL; |
| numusers = 0; |
| |
| if (!filename) |
| return; // No filename specified |
| |
| f = fopen(filename, "r"); |
| if (!f) |
| return; // File does not exist |
| |
| // Process each line |
| while (fgets(line, sizeof line, f)) { |
| // Replace EOLN with \0 |
| p = strchr(line, '\r'); |
| if (p) |
| *p = '\0'; |
| p = strchr(line, '\n'); |
| if (p) |
| *p = '\0'; |
| |
| // If comment line or empty ignore line |
| p = line; |
| while (*p == ' ') |
| p++; // skip initial spaces |
| if ((*p == '#') || (*p == '\0')) |
| continue; // Skip comment lines |
| |
| user = p; // This is where username starts |
| p = strchr(user, ':'); |
| if (p == NULL) |
| continue; // Malformed line skip |
| *p = '\0'; |
| pwdhash = p + 1; |
| if (*pwdhash == 0) |
| continue; // Malformed line (no password specified) |
| p = strchr(pwdhash, ':'); |
| if (p == NULL) { // No perms specified |
| perms = NULL; |
| } else { |
| *p = '\0'; |
| perms = p + 1; |
| if (*perms == 0) |
| perms = NULL; |
| } |
| // At this point we have user,pwdhash and perms setup |
| userdb[numusers] = (p_pwdentry) malloc(sizeof(pwdentry)); |
| strcpy(userdb[numusers]->username, user); |
| strcpy(userdb[numusers]->pwdhash, pwdhash); |
| if (perms == NULL) |
| userdb[numusers]->perms = NULL; |
| else { |
| userdb[numusers]->perms = (char *)malloc(strlen(perms) + 3); |
| (userdb[numusers]->perms)[0] = ':'; |
| strcpy(userdb[numusers]->perms + 1, perms); |
| (userdb[numusers]->perms)[strlen(perms) + 1] = ':'; |
| (userdb[numusers]->perms)[strlen(perms) + 2] = 0; |
| // Now perms field points to ":perms:" |
| } |
| numusers++; |
| } |
| fclose(f); |
| } |
| |
| void close_passwords(void) |
| { |
| int i; |
| |
| for (i = 0; i < numusers; i++) |
| if (userdb[i] != NULL) |
| free(userdb[i]); |
| numusers = 0; |
| } |