diff options
-rw-r--r-- | libbb/correct_password.c | 11 | ||||
-rw-r--r-- | loginutils/login.c | 7 |
2 files changed, 11 insertions, 7 deletions
diff --git a/libbb/correct_password.c b/libbb/correct_password.c index c515b26af..af6ff076d 100644 --- a/libbb/correct_password.c +++ b/libbb/correct_password.c @@ -31,9 +31,10 @@ #include "libbb.h" /* Ask the user for a password. - Return 1 if the user gives the correct password for entry PW, - 0 if not. Return 1 without asking for a password if run by UID 0 - or if PW has an empty password. */ + * Return 1 if the user gives the correct password for entry PW, + * 0 if not. Return 1 without asking if PW has an empty password. + * + * NULL pw means "just fake it for login with bad username" */ int correct_password(const struct passwd *pw) { @@ -46,6 +47,9 @@ int correct_password(const struct passwd *pw) char buffer[256]; #endif + correct = "aa"; /* fake salt. crypt() can choke otherwise */ + if (!pw) + goto fake_it; /* "aa" will never match */ correct = pw->pw_passwd; #if ENABLE_FEATURE_SHADOWPASSWDS if (LONE_CHAR(pw->pw_passwd, 'x') || LONE_CHAR(pw->pw_passwd, '*')) { @@ -59,6 +63,7 @@ int correct_password(const struct passwd *pw) if (!correct || correct[0] == '\0') return 1; + fake_it: unencrypted = bb_askpass(0, "Password: "); if (!unencrypted) { return 0; diff --git a/loginutils/login.c b/loginutils/login.c index 142695008..b6924b641 100644 --- a/loginutils/login.c +++ b/loginutils/login.c @@ -276,8 +276,8 @@ int login_main(int argc, char **argv) pw = getpwnam(username); if (!pw) { - safe_strncpy(username, "UNKNOWN", sizeof(username)); - goto auth_failed; + strcpy(username, "UNKNOWN"); + goto fake_it; } if (pw->pw_passwd[0] == '!' || pw->pw_passwd[0] == '*') @@ -292,11 +292,10 @@ int login_main(int argc, char **argv) /* Don't check the password if password entry is empty (!) */ if (!pw->pw_passwd[0]) break; - + fake_it: /* authorization takes place here */ if (correct_password(pw)) break; - auth_failed: opt &= ~LOGIN_OPT_f; bb_do_delay(FAIL_DELAY); |