com32/cmenu/libmenu/passwords.c - platform/external/syslinux - Git at Google

 /* -*- c -*- ------------------------------------------------------------- *
  *
  *   Copyright 2004-2005 Murali Krishnan Ganapathy - All Rights Reserved
  *
  *   This program is free software; you can redistribute it and/or modify
  *   it under the terms of the GNU General Public License as published by
  *   the Free Software Foundation, Inc., 53 Temple Place Ste 330,
  *   Bostom MA 02111-1307, USA; either version 2 of the License, or
  *   (at your option) any later version; incorporated herein by reference.
  *
  * ----------------------------------------------------------------------- */

 #include "passwords.h"
 #include "des.h"
 #include "string.h"
 #include <stdlib.h>
 #include <stdio.h>
 #include "tui.h"

 #define MAX_LINE 512
 // Max line length in a pwdfile
 p_pwdentry userdb[MAX_USERS];	// Array of pointers
 int numusers;			// Actual number of users

 // returns true or false, i.e. 1 or 0
 char authenticate_user(const char *username, const char *pwd)
 {
     char salt[12];
     int i;

     for (i = 0; i < numusers; i++) {
 	if (userdb[i] == NULL)
 	    continue;
 	if (strcmp(username, userdb[i]->username) == 0) {
 	    strcpy(salt, userdb[i]->pwdhash);
 	    salt[2] = '\0';
 	    if (strcmp(userdb[i]->pwdhash, crypt(pwd, salt)) == 0)
 		return 1;
 	}
     }
     return 0;
 }

 // Does user USERNAME  have permission PERM
 char isallowed(const char *username, const char *perm)
 {
     int i;
     char *dperm;
     char *tmp;

     // If no users, then everybody is allowed to do everything
     if (numusers == 0)
 	return 1;
     if (strcmp(username, GUEST_USER) == 0)
 	return 0;
     dperm = (char *)malloc(strlen(perm) + 3);
     strcpy(dperm + 1, perm);
     dperm[0] = ':';
     dperm[strlen(perm) + 1] = ':';
     dperm[strlen(perm) + 2] = 0;
     // Now dperm = ":perm:"
     for (i = 0; i < numusers; i++) {
 	if (strcmp(userdb[i]->username, username) == 0)	// Found the user
 	{
 	    if (userdb[i]->perms == NULL)
 		return 0;	// No permission
 	    tmp = strstr(userdb[i]->perms, dperm);	// Search for permission
 	    free(dperm);	// Release memory
 	    if (tmp == NULL)
 		return 0;
 	    else
 		return 1;
 	}
     }
     // User not found return 0
     free(dperm);
     return 0;
 }

 // Initialise the list of of user passwords permissions from file
 void init_passwords(const char *filename)
 {
     int i;
     char line[MAX_LINE], *p, *user, *pwdhash, *perms;
     FILE *f;

     for (i = 0; i < MAX_USERS; i++)
 	userdb[i] = NULL;
     numusers = 0;

     if (!filename)
 	return;			// No filename specified

     f = fopen(filename, "r");
     if (!f)
 	return;			// File does not exist

     // Process each line
     while (fgets(line, sizeof line, f)) {
 	// Replace EOLN with \0
 	p = strchr(line, '\r');
 	if (p)
 	    *p = '\0';
 	p = strchr(line, '\n');
 	if (p)
 	    *p = '\0';

 	// If comment line or empty ignore line
 	p = line;
 	while (*p == ' ')
 	    p++;		// skip initial spaces
 	if ((*p == '#') || (*p == '\0'))
 	    continue;		// Skip comment lines

 	user = p;		// This is where username starts
 	p = strchr(user, ':');
 	if (p == NULL)
 	    continue;		// Malformed line skip
 	*p = '\0';
 	pwdhash = p + 1;
 	if (*pwdhash == 0)
 	    continue;		// Malformed line (no password specified)
 	p = strchr(pwdhash, ':');
 	if (p == NULL) {	// No perms specified
 	    perms = NULL;
 	} else {
 	    *p = '\0';
 	    perms = p + 1;
 	    if (*perms == 0)
 		perms = NULL;
 	}
 	// At this point we have user,pwdhash and perms setup
 	userdb[numusers] = (p_pwdentry) malloc(sizeof(pwdentry));
 	strcpy(userdb[numusers]->username, user);
 	strcpy(userdb[numusers]->pwdhash, pwdhash);
 	if (perms == NULL)
 	    userdb[numusers]->perms = NULL;
 	else {
 	    userdb[numusers]->perms = (char *)malloc(strlen(perms) + 3);
 	    (userdb[numusers]->perms)[0] = ':';
 	    strcpy(userdb[numusers]->perms + 1, perms);
 	    (userdb[numusers]->perms)[strlen(perms) + 1] = ':';
 	    (userdb[numusers]->perms)[strlen(perms) + 2] = 0;
 	    // Now perms field points to ":perms:"
 	}
 	numusers++;
     }
     fclose(f);
 }

 void close_passwords(void)
 {
     int i;

     for (i = 0; i < numusers; i++)
 	if (userdb[i] != NULL)
 	    free(userdb[i]);
     numusers = 0;
 }
	/* -- c -- ------------------------------------------------------------- *
	*
	* Copyright 2004-2005 Murali Krishnan Ganapathy - All Rights Reserved
	*
	* This program is free software; you can redistribute it and/or modify
	* it under the terms of the GNU General Public License as published by
	* the Free Software Foundation, Inc., 53 Temple Place Ste 330,
	* Bostom MA 02111-1307, USA; either version 2 of the License, or
	* (at your option) any later version; incorporated herein by reference.
	*
	* ----------------------------------------------------------------------- */

	#include "passwords.h"
	#include "des.h"
	#include "string.h"
	#include <stdlib.h>
	#include <stdio.h>
	#include "tui.h"

	#define MAX_LINE 512
	// Max line length in a pwdfile
	p_pwdentry userdb[MAX_USERS]; // Array of pointers
	int numusers; // Actual number of users

	// returns true or false, i.e. 1 or 0
	char authenticate_user(const char username, const char pwd)
	{
	char salt[12];
	int i;

	for (i = 0; i < numusers; i++) {
	if (userdb[i] == NULL)
	continue;
	if (strcmp(username, userdb[i]->username) == 0) {
	strcpy(salt, userdb[i]->pwdhash);
	salt[2] = '\0';
	if (strcmp(userdb[i]->pwdhash, crypt(pwd, salt)) == 0)
	return 1;
	}
	}
	return 0;
	}

	// Does user USERNAME have permission PERM
	char isallowed(const char username, const char perm)
	{
	int i;
	char *dperm;
	char *tmp;

	// If no users, then everybody is allowed to do everything
	if (numusers == 0)
	return 1;
	if (strcmp(username, GUEST_USER) == 0)
	return 0;
	dperm = (char *)malloc(strlen(perm) + 3);
	strcpy(dperm + 1, perm);
	dperm[0] = ':';
	dperm[strlen(perm) + 1] = ':';
	dperm[strlen(perm) + 2] = 0;
	// Now dperm = ":perm:"
	for (i = 0; i < numusers; i++) {
	if (strcmp(userdb[i]->username, username) == 0) // Found the user
	{
	if (userdb[i]->perms == NULL)
	return 0; // No permission
	tmp = strstr(userdb[i]->perms, dperm); // Search for permission
	free(dperm); // Release memory
	if (tmp == NULL)
	return 0;
	else
	return 1;
	}
	}
	// User not found return 0
	free(dperm);
	return 0;
	}

	// Initialise the list of of user passwords permissions from file
	void init_passwords(const char *filename)
	{
	int i;
	char line[MAX_LINE], p, user, pwdhash, perms;
	FILE *f;

	for (i = 0; i < MAX_USERS; i++)
	userdb[i] = NULL;
	numusers = 0;

	if (!filename)
	return; // No filename specified

	f = fopen(filename, "r");
	if (!f)
	return; // File does not exist

	// Process each line
	while (fgets(line, sizeof line, f)) {
	// Replace EOLN with \0
	p = strchr(line, '\r');
	if (p)
	*p = '\0';
	p = strchr(line, '\n');
	if (p)
	*p = '\0';

	// If comment line or empty ignore line
	p = line;
	while (*p == ' ')
	p++; // skip initial spaces
	if ((p == '#') \|\| (p == '\0'))
	continue; // Skip comment lines

	user = p; // This is where username starts
	p = strchr(user, ':');
	if (p == NULL)
	continue; // Malformed line skip
	*p = '\0';
	pwdhash = p + 1;
	if (*pwdhash == 0)
	continue; // Malformed line (no password specified)
	p = strchr(pwdhash, ':');
	if (p == NULL) { // No perms specified
	perms = NULL;
	} else {
	*p = '\0';
	perms = p + 1;
	if (*perms == 0)
	perms = NULL;
	}
	// At this point we have user,pwdhash and perms setup
	userdb[numusers] = (p_pwdentry) malloc(sizeof(pwdentry));
	strcpy(userdb[numusers]->username, user);
	strcpy(userdb[numusers]->pwdhash, pwdhash);
	if (perms == NULL)
	userdb[numusers]->perms = NULL;
	else {
	userdb[numusers]->perms = (char *)malloc(strlen(perms) + 3);
	(userdb[numusers]->perms)[0] = ':';
	strcpy(userdb[numusers]->perms + 1, perms);
	(userdb[numusers]->perms)[strlen(perms) + 1] = ':';
	(userdb[numusers]->perms)[strlen(perms) + 2] = 0;
	// Now perms field points to ":perms:"
	}
	numusers++;
	}
	fclose(f);
	}

	void close_passwords(void)
	{
	int i;

	for (i = 0; i < numusers; i++)
	if (userdb[i] != NULL)
	free(userdb[i]);
	numusers = 0;
	}