• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /* -*- c -*- ------------------------------------------------------------- *
2  *
3  *   Copyright 2004-2005 Murali Krishnan Ganapathy - All Rights Reserved
4  *
5  *   This program is free software; you can redistribute it and/or modify
6  *   it under the terms of the GNU General Public License as published by
7  *   the Free Software Foundation, Inc., 53 Temple Place Ste 330,
8  *   Bostom MA 02111-1307, USA; either version 2 of the License, or
9  *   (at your option) any later version; incorporated herein by reference.
10  *
11  * ----------------------------------------------------------------------- */
12 
13 #include "passwords.h"
14 #include "des.h"
15 #include "string.h"
16 #include <stdlib.h>
17 #include <stdio.h>
18 #include "tui.h"
19 
20 #define MAX_LINE 512
21 // Max line length in a pwdfile
22 p_pwdentry userdb[MAX_USERS];	// Array of pointers
23 int numusers;			// Actual number of users
24 
25 // returns true or false, i.e. 1 or 0
authenticate_user(const char * username,const char * pwd)26 char authenticate_user(const char *username, const char *pwd)
27 {
28     char salt[12];
29     int i;
30 
31     for (i = 0; i < numusers; i++) {
32 	if (userdb[i] == NULL)
33 	    continue;
34 	if (strcmp(username, userdb[i]->username) == 0) {
35 	    strcpy(salt, userdb[i]->pwdhash);
36 	    salt[2] = '\0';
37 	    if (strcmp(userdb[i]->pwdhash, crypt(pwd, salt)) == 0)
38 		return 1;
39 	}
40     }
41     return 0;
42 }
43 
44 // Does user USERNAME  have permission PERM
isallowed(const char * username,const char * perm)45 char isallowed(const char *username, const char *perm)
46 {
47     int i;
48     char *dperm;
49     char *tmp;
50 
51     // If no users, then everybody is allowed to do everything
52     if (numusers == 0)
53 	return 1;
54     if (strcmp(username, GUEST_USER) == 0)
55 	return 0;
56     dperm = (char *)malloc(strlen(perm) + 3);
57     strcpy(dperm + 1, perm);
58     dperm[0] = ':';
59     dperm[strlen(perm) + 1] = ':';
60     dperm[strlen(perm) + 2] = 0;
61     // Now dperm = ":perm:"
62     for (i = 0; i < numusers; i++) {
63 	if (strcmp(userdb[i]->username, username) == 0)	// Found the user
64 	{
65 	    if (userdb[i]->perms == NULL)
66 		return 0;	// No permission
67 	    tmp = strstr(userdb[i]->perms, dperm);	// Search for permission
68 	    free(dperm);	// Release memory
69 	    if (tmp == NULL)
70 		return 0;
71 	    else
72 		return 1;
73 	}
74     }
75     // User not found return 0
76     free(dperm);
77     return 0;
78 }
79 
80 // Initialise the list of of user passwords permissions from file
init_passwords(const char * filename)81 void init_passwords(const char *filename)
82 {
83     int i;
84     char line[MAX_LINE], *p, *user, *pwdhash, *perms;
85     FILE *f;
86 
87     for (i = 0; i < MAX_USERS; i++)
88 	userdb[i] = NULL;
89     numusers = 0;
90 
91     if (!filename)
92 	return;			// No filename specified
93 
94     f = fopen(filename, "r");
95     if (!f)
96 	return;			// File does not exist
97 
98     // Process each line
99     while (fgets(line, sizeof line, f)) {
100 	// Replace EOLN with \0
101 	p = strchr(line, '\r');
102 	if (p)
103 	    *p = '\0';
104 	p = strchr(line, '\n');
105 	if (p)
106 	    *p = '\0';
107 
108 	// If comment line or empty ignore line
109 	p = line;
110 	while (*p == ' ')
111 	    p++;		// skip initial spaces
112 	if ((*p == '#') || (*p == '\0'))
113 	    continue;		// Skip comment lines
114 
115 	user = p;		// This is where username starts
116 	p = strchr(user, ':');
117 	if (p == NULL)
118 	    continue;		// Malformed line skip
119 	*p = '\0';
120 	pwdhash = p + 1;
121 	if (*pwdhash == 0)
122 	    continue;		// Malformed line (no password specified)
123 	p = strchr(pwdhash, ':');
124 	if (p == NULL) {	// No perms specified
125 	    perms = NULL;
126 	} else {
127 	    *p = '\0';
128 	    perms = p + 1;
129 	    if (*perms == 0)
130 		perms = NULL;
131 	}
132 	// At this point we have user,pwdhash and perms setup
133 	userdb[numusers] = (p_pwdentry) malloc(sizeof(pwdentry));
134 	strcpy(userdb[numusers]->username, user);
135 	strcpy(userdb[numusers]->pwdhash, pwdhash);
136 	if (perms == NULL)
137 	    userdb[numusers]->perms = NULL;
138 	else {
139 	    userdb[numusers]->perms = (char *)malloc(strlen(perms) + 3);
140 	    (userdb[numusers]->perms)[0] = ':';
141 	    strcpy(userdb[numusers]->perms + 1, perms);
142 	    (userdb[numusers]->perms)[strlen(perms) + 1] = ':';
143 	    (userdb[numusers]->perms)[strlen(perms) + 2] = 0;
144 	    // Now perms field points to ":perms:"
145 	}
146 	numusers++;
147     }
148     fclose(f);
149 }
150 
close_passwords(void)151 void close_passwords(void)
152 {
153     int i;
154 
155     for (i = 0; i < numusers; i++)
156 	if (userdb[i] != NULL)
157 	    free(userdb[i]);
158     numusers = 0;
159 }
160