diff options
author | Rob Landley <rob@landley.net> | 2014-09-26 18:49:44 -0500 |
---|---|---|
committer | Rob Landley <rob@landley.net> | 2014-09-26 18:49:44 -0500 |
commit | e0d8009d76b3a2451cb6c6ed2b241c7eff06ed60 (patch) | |
tree | f2904430b0cb86f7b7a2721ae2ddd60fcf727166 /lib/password.c | |
parent | e1fa787be8d0d66c9860c86dcb80fd6e096f74e0 (diff) | |
download | toybox-e0d8009d76b3a2451cb6c6ed2b241c7eff06ed60.tar.gz |
The only illegal characters in a username are ":" (field separator), "\n" (line separator), and "/" (filename separator).
Restricting usernames to the legacy posix character allowed set (for filenames,
so the $HOME directory is creatable on VFAT and similar) means you can't have
UTF-8 usernames. Linux allows any character but / and NUL in filenames.
Since root is creating these entries, we assume root knows what it's doing.
Diffstat (limited to 'lib/password.c')
-rw-r--r-- | lib/password.c | 32 |
1 files changed, 1 insertions, 31 deletions
diff --git a/lib/password.c b/lib/password.c index 2578dfe0..40cbead0 100644 --- a/lib/password.c +++ b/lib/password.c @@ -19,11 +19,7 @@ int get_salt(char *salt, char *algo) int len = al[i].len; char *s = salt; - if (al[i].id) { - *s++ = '$'; - *s++ = '0'+al[i].id; - *s++ = '$'; - } + if (al[i].id) s += sprintf(s, "$%c$", '0'+al[i].id); // Read appropriate number of random bytes for salt i = xopen("/dev/urandom", O_RDONLY); @@ -233,29 +229,3 @@ free_storage: free(filenamesfx); return ret; } - -void is_valid_username(const char *name) -{ - regex_t rp; - regmatch_t rm[1]; - int eval; - char *regex = "^[_.A-Za-z0-9][-_.A-Za-z0-9]*"; //User name REGEX - - xregcomp(&rp, regex, REG_NEWLINE); - - /* compare string against pattern -- remember that patterns - are anchored to the beginning of the line */ - eval = regexec(&rp, name, 1, rm, 0); - regfree(&rp); - if (!eval && !rm[0].rm_so) { - int len = strlen(name); - if ((rm[0].rm_eo == len) || - (rm[0].rm_eo == len - 1 && name[len - 1] == '$')) { - if (len >= LOGIN_NAME_MAX) error_exit("name is too long"); - else return; - } - } - error_exit("'%s', not valid %sname",name, - (((toys.which->name[3] == 'g') || - (toys.which->name[0] == 'g'))? "group" : "user")); -} |