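/* Process a password auth request, sending success or failure messages as
 * appropriate.
 *
 * Reads the change-password flag and the password string from ses.payload,
 * hashes the password with crypt() using the stored hash as salt, and compares
 * the result with the stored hash. The cleartext password is burned and freed
 * as soon as it has been hashed. Takes no arguments and returns nothing; the
 * outcome is reported through send_msg_userauth_success()/_failure(). */
void svr_auth_password() {

	char * passwdcrypt = NULL; /* the crypt from /etc/passwd or /etc/shadow */
	char * testcrypt = NULL; /* crypt generated from the user's password sent */
	unsigned char * password;
	unsigned int passwordlen;
	unsigned int changepw;

	passwdcrypt = ses.authstate.pw_passwd;

#ifdef DEBUG_HACKCRYPT
	/* debugging crypt for non-root testing with shadows */
	/* NOTE(review): this replaces every account's stored hash with a
	 * compile-time constant; make sure it is never defined in a release build */
	passwdcrypt = DEBUG_HACKCRYPT;
#endif

	/* check if client wants to change password */
	changepw = buf_getbool(ses.payload);
	if (changepw) {
		/* not implemented by this server */
		send_msg_userauth_failure(0, 1);
		return;
	}

	password = buf_getstring(ses.payload, &passwordlen);

	/* the first bytes of passwdcrypt are the salt */
	testcrypt = crypt((char*)password, passwdcrypt);

	/* the cleartext is no longer needed once it has been hashed */
	m_burn(password, passwordlen);
	m_free(password);

	/* check for empty password */
	if (passwdcrypt[0] == '\0') {
		dropbear_log(LOG_WARNING, "User '%s' has blank password, rejected",
				ses.authstate.pw_name);
		send_msg_userauth_failure(0, 1);
		return;
	}

	/* crypt() returns NULL when it cannot hash with the given salt (for
	 * example a stored field that is not a valid hash). Passing NULL to
	 * strcmp() would crash the server process, so reject the attempt. */
	if (testcrypt == NULL) {
		dropbear_log(LOG_WARNING, "crypt() failed for user '%s', rejected",
				ses.authstate.pw_name);
		send_msg_userauth_failure(0, 1);
		return;
	}

	/* NOTE(review): strcmp() stops at the first differing byte; a comparison
	 * without early exit would avoid leaking the matching prefix length */
	if (strcmp(testcrypt, passwdcrypt) == 0) {
		/* successful authentication */
		dropbear_log(LOG_NOTICE,
				"Password auth succeeded for '%s' from %s",
				ses.authstate.pw_name,
				svr_ses.addrstring);
		send_msg_userauth_success();
	} else {
		dropbear_log(LOG_WARNING,
				"Bad password attempt for '%s' from %s",
				ses.authstate.pw_name,
				svr_ses.addrstring);
		send_msg_userauth_failure(0, 1);
	}
}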
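/* Process a password auth request, sending success or failure messages as
 * appropriate.
 *
 * Vendor-modified variant: besides the crypt() comparison against the
 * passwd/shadow hash, the login is accepted only when the user name is allowed
 * for the side the connection came from (glbAccessMode): "user" or "admin" on
 * the LAN side, "support" on the WAN side. On a name match the globals
 * currUser and currPerm are set. The whole body is compiled out when
 * SSHD_GENKEY is defined. */
void svr_auth_password() {
//brcm begin
#ifndef SSHD_GENKEY

#ifdef HAVE_SHADOW_H
	struct spwd *spasswd = NULL;
#endif
	char * passwdcrypt = NULL; /* the crypt from /etc/passwd or /etc/shadow */
	char * testcrypt = NULL; /* crypt generated from the user's password sent */
	unsigned char * password;
	unsigned int passwordlen;
	unsigned int changepw;
	// brcm add matched flag.
	int matched = 0;
	int pw_ok = 0; /* set only when crypt() succeeded and the hashes are equal */

	passwdcrypt = ses.authstate.pw->pw_passwd;
#ifdef HAVE_SHADOW_H
	/* get the shadow password if possible */
	spasswd = getspnam(ses.authstate.printableuser);
	if (spasswd != NULL && spasswd->sp_pwdp != NULL) {
		passwdcrypt = spasswd->sp_pwdp;
	}
#endif

#ifdef DEBUG_HACKCRYPT
	/* debugging crypt for non-root testing with shadows */
	/* NOTE(review): this replaces every account's stored hash with a
	 * compile-time constant; make sure it is never defined in a release build */
	passwdcrypt = DEBUG_HACKCRYPT;
#endif

	/* check for empty password - need to do this again here
	 * since the shadow password may differ to that tested
	 * in auth.c */
	if (passwdcrypt[0] == '\0') {
		dropbear_log(LOG_WARNING, "user '%s' has blank password, rejected",
				ses.authstate.printableuser);
		send_msg_userauth_failure(0, 1);
		return;
	}

	/* check if client wants to change password */
	changepw = buf_getbool(ses.payload);
	if (changepw) {
		/* not implemented by this server */
		send_msg_userauth_failure(0, 1);
		return;
	}

	password = buf_getstring(ses.payload, &passwordlen);

	/* the first bytes of passwdcrypt are the salt */
	testcrypt = crypt((char*)password, passwdcrypt);

	/* crypt() returns NULL when it cannot hash with the given salt (for
	 * example a stored field that is not a valid hash). Treat that as a
	 * failed comparison instead of handing NULL to strcmp(). */
	pw_ok = (testcrypt != NULL && strcmp(testcrypt, passwdcrypt) == 0);

	// brcm add local/remote login check
	// We are doing all this auth checking inside sshd code instead of via proper CLI API.
	if ((glbAccessMode == NETWORK_ACCESS_LAN_SIDE &&
			(!strcmp(ses.authstate.username, "user") ||
			 !strcmp(ses.authstate.username, "admin"))) ||
		(glbAccessMode == NETWORK_ACCESS_WAN_SIDE &&
			!strcmp(ses.authstate.username, "support"))) {
		matched = 1;

		/* The name has just been compared equal to one of three short
		 * literals, so the copy is at most 8 bytes including the NUL.
		 * NOTE(review): currUser is declared elsewhere; confirm it is at
		 * least that large. */
		/* NOTE(review): currUser and currPerm are written before the
		 * password result is known, so they are also set on a failed
		 * attempt; confirm nothing reads them as proof of a login. */
		strcpy(currUser, ses.authstate.username);
		if (!strcmp(currUser, "admin")) {
			currPerm = 0x80; /*PERM_ADMIN */
		} else if (!strcmp(currUser, "support")) {
			currPerm = 0x40; /* PERM_SUPPORT */
		} else if (!strcmp(currUser, "user")) {
			currPerm = 0x01; /* PERM_USER */
		}
	}

	/* the cleartext is no longer needed once it has been hashed */
	m_burn(password, passwordlen);
	m_free(password);

	if (pw_ok && matched) {
		/* successful authentication */
		// brcm commented next msg
		/* NOTE(review): with this message disabled, successful logins
		 * leave no log entry; only failures are recorded. */
		//dropbear_log(LOG_NOTICE,
		//		"password auth succeeded for '%s' from %s",
		//		ses.authstate.printableuser,
		//		svr_ses.addrstring);
		send_msg_userauth_success();
	} else {
#ifdef DESKTOP_LINUX
		/* NOTE(review): in a DESKTOP_LINUX build every wrong password and
		 * every disallowed user name is answered with success. This must
		 * never be defined for an image that ships. */
		dropbear_log(LOG_WARNING, "skip password auth for now, return success");
		send_msg_userauth_success();
#else
		dropbear_log(LOG_WARNING,
				"bad password attempt for '%s' from %s",
				ses.authstate.printableuser,
				svr_ses.addrstring);
		send_msg_userauth_failure(0, 1);
#endif
	}

#endif // brcm end, ifndef SSHD_GENKEY
}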
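/* Process a password auth request, sending success or failure messages as
 * appropriate.
 *
 * Picks the stored hash from the passwd entry (or the shadow entry when
 * available), rejects accounts whose stored hash is empty, reads the password
 * from ses.payload, burns the copy left in the payload buffer, and compares
 * crypt(password, stored hash) with the stored hash. The heap copy of the
 * password is burned and freed before returning. */
void passwordauth() {

#ifdef HAVE_SHADOW_H
	struct spwd *spasswd;
#endif
	char * passwdcrypt; /* the crypt from /etc/passwd or /etc/shadow */
	char * testcrypt; /* crypt generated from the user's password sent */
	unsigned char * password;
	unsigned int passwordlen;

	unsigned char changepw;

	passwdcrypt = ses.authstate.pw->pw_passwd;
#ifdef HAVE_SHADOW_H
	/* get the shadow password if possible */
	spasswd = getspnam(ses.authstate.pw->pw_name);
	if (spasswd != NULL && spasswd->sp_pwdp != NULL) {
		passwdcrypt = spasswd->sp_pwdp;
	}
#endif

#ifdef DEBUG_HACKCRYPT
	/* debugging crypt for non-root testing with shadows */
	/* NOTE(review): this replaces every account's stored hash with a
	 * compile-time constant; make sure it is never defined in a release build */
	passwdcrypt = DEBUG_HACKCRYPT;
#endif

	/* check for empty password - need to do this again here
	 * since the shadow password may differ to that tested
	 * in auth.c */
	if (passwdcrypt[0] == '\0') {
		dropbear_log(LOG_WARNING,
				"disallowed login with empty password for '%s' from %s",
				ses.authstate.printableuser,
				ses.addrstring);
		send_msg_userauth_failure(0, 1);
		return;
	}

	/* check if client wants to change password */
	changepw = buf_getbyte(ses.payload);
	if (changepw) {
		/* not implemented by this server */
		send_msg_userauth_failure(0, 1);
		return;
	}

	password = buf_getstring(ses.payload, &passwordlen);

	/* clear the buffer containing the password: step back over the string
	 * and the 4 bytes in front of it, then burn that whole span */
	buf_incrpos(ses.payload, -passwordlen - 4);
	m_burn(buf_getptr(ses.payload, passwordlen + 4), passwordlen + 4);

	/* the first bytes of passwdcrypt are the salt */
	testcrypt = crypt((char*)password, passwdcrypt);

	/* crypt() returns NULL when it cannot hash with the given salt (for
	 * example a stored field that is not a valid hash). Treat that as a
	 * mismatch rather than passing NULL to strcmp(), which would crash. */
	if (testcrypt != NULL && strcmp(testcrypt, passwdcrypt) == 0) {
		/* successful authentication */
		dropbear_log(LOG_NOTICE,
				"password auth succeeded for '%s' from %s",
				ses.authstate.printableuser,
				ses.addrstring);
		send_msg_userauth_success();
	} else {
		dropbear_log(LOG_WARNING,
				"bad password attempt for '%s' from %s",
				ses.authstate.printableuser,
				ses.addrstring);
		send_msg_userauth_failure(0, 1);
	}

	/* wipe the heap copy on both the success and the failure path */
	m_burn(password, passwordlen);
	m_free(password);
}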
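/* Return non-zero when the two NUL-terminated strings differ. Unlike strcmp()
 * the loop does not stop at the first mismatching byte: it always walks the
 * whole client-supplied string. */
static int svr_auth_password_differs(const char *given, const char *stored) {
	size_t given_len = strlen(given);
	size_t stored_len = strlen(stored);
	size_t i;
	unsigned char diff = (given_len != stored_len) ? 1 : 0;

	for (i = 0; i < given_len; i++) {
		/* clamp to the terminating NUL so the read stays inside 'stored' */
		size_t j = (i < stored_len) ? i : stored_len;
		diff |= (unsigned char)((unsigned char)given[i] ^ (unsigned char)stored[j]);
	}
	return diff != 0;
}

/* Process a password auth request, sending success or failure messages as
 * appropriate.
 *
 * NOTE(review): in this variant the crypt() call is commented out and the
 * password sent by the client is compared directly with the stored passwd or
 * shadow field. That only works if the field holds the cleartext password, so
 * whoever can read that field learns every password. The comparison is kept
 * as found because switching back to crypt() would change which stored values
 * are accepted; it should be revisited together with the credential format. */
void svr_auth_password() {

#ifdef HAVE_SHADOW_H
	struct spwd *spasswd = NULL;
#endif
	char * passwdcrypt = NULL; /* the stored field from /etc/passwd or /etc/shadow */
	unsigned char * password;
	unsigned int passwordlen;
	int passwd_cmp;

	unsigned int changepw;

	passwdcrypt = ses.authstate.pw_passwd;
#ifdef HAVE_SHADOW_H
	/* get the shadow password if possible */
	spasswd = getspnam(ses.authstate.pw_name);
	if (spasswd != NULL && spasswd->sp_pwdp != NULL) {
		passwdcrypt = spasswd->sp_pwdp;
	}
#endif

#ifdef DEBUG_HACKCRYPT
	/* debugging crypt for non-root testing with shadows */
	/* NOTE(review): this replaces every account's stored value with a
	 * compile-time constant; make sure it is never defined in a release build */
	passwdcrypt = DEBUG_HACKCRYPT;
#endif

	/* check for empty password - need to do this again here
	 * since the shadow password may differ to that tested
	 * in auth.c */
	/* NOTE(review): svr_opts.noauthpass, and svr_opts.norootpass for uid 0,
	 * skip this rejection, so an account with an empty stored field is then
	 * matched by an empty client password below. */
	if (passwdcrypt[0] == '\0' && !svr_opts.noauthpass
			&& !(svr_opts.norootpass && ses.authstate.pw_uid == 0) ) {
		dropbear_log(LOG_WARNING, "%s: User '%s' has blank password, rejected", __FUNCTION__,
				ses.authstate.pw_name);
		send_msg_userauth_failure(0, 1);
		return;
	}

	/* check if client wants to change password */
	changepw = buf_getbool(ses.payload);
	if (changepw) {
		/* not implemented by this server */
		send_msg_userauth_failure(0, 1);
		return;
	}

	password = buf_getstring(ses.payload, &passwordlen);

	/* Direct comparison of the client password with the stored field.
	 * strcmp() returns at the first differing byte, which lets response
	 * timing reveal how much of a guess is correct; compare without an
	 * early exit instead. The result is zero exactly when strcmp() would
	 * have returned zero. */
	passwd_cmp = svr_auth_password_differs((char*)password, passwdcrypt);

	/* the cleartext is no longer needed once it has been compared */
	m_burn(password, passwordlen);
	m_free(password);

	if ( passwd_cmp == 0 ) {
		/* successful authentication */
		dropbear_log(LOG_NOTICE,
				"Password auth succeeded for '%s' from %s",
				ses.authstate.pw_name,
				svr_ses.addrstring);
		send_msg_userauth_success();
	} else {
		dropbear_log(LOG_WARNING,
				"Bad password attempt for '%s' from %s",
				ses.authstate.pw_name,
				svr_ses.addrstring);
		send_msg_userauth_failure(0, 1);
	}
}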