launch_daemon: Don't verify passwords.
* Instead, the caller should have done this already. This is really outside of the scope of the launch_daemon. * Fixed Login with empty passwords; removed the (unused) test login feature along the way.
This commit is contained in:
parent
cb82874e92
commit
560119c9a4
|
@ -25,8 +25,7 @@ public:
|
|||
status_t Target(const char* name, BMessage& data,
|
||||
const char* baseName = NULL);
|
||||
|
||||
status_t StartSession(const char* login,
|
||||
const char* password);
|
||||
status_t StartSession(const char* login);
|
||||
|
||||
class Private;
|
||||
|
||||
|
|
|
@ -144,21 +144,19 @@ LoginApp::ArgvReceived(int32 argc, char **argv)
|
|||
void
|
||||
LoginApp::TryLogin(BMessage *message)
|
||||
{
|
||||
BMessage reply(kLoginBad);
|
||||
status_t status = B_BAD_VALUE;
|
||||
|
||||
const char *login;
|
||||
const char *password;
|
||||
BMessage reply(kLoginBad);
|
||||
const char* login;
|
||||
if (message->FindString("login", &login) == B_OK) {
|
||||
if (message->FindString("password", &password) < B_OK)
|
||||
password = NULL;
|
||||
const char* password = message->GetString("password");
|
||||
|
||||
if (password != NULL) {
|
||||
status = StartUserSession(login, password);
|
||||
status = ValidateLogin(login, password);
|
||||
if (status == B_OK) {
|
||||
status = BLaunchRoster().StartSession(login);
|
||||
if (status == B_OK)
|
||||
Quit();
|
||||
} else
|
||||
status = ValidateLogin(login, password);
|
||||
}
|
||||
|
||||
fprintf(stderr, "ValidateLogin: %s\n", strerror(status));
|
||||
}
|
||||
|
@ -179,39 +177,18 @@ LoginApp::ValidateLogin(const char *login, const char *password)
|
|||
struct passwd *pwd;
|
||||
|
||||
pwd = getpwnam(login);
|
||||
if (!pwd)
|
||||
if (pwd == NULL)
|
||||
return ENOENT;
|
||||
if (strcmp(pwd->pw_name, login))
|
||||
if (strcmp(pwd->pw_name, login) != 0)
|
||||
return ENOENT;
|
||||
|
||||
if (password == NULL) {
|
||||
// we only want to check is login exists.
|
||||
return B_OK;
|
||||
}
|
||||
|
||||
#ifdef __HAIKU__
|
||||
if (verify_password(pwd, getspnam(login), password))
|
||||
return B_OK;
|
||||
#else
|
||||
// for testing
|
||||
if (strcmp(crypt(password, pwd->pw_passwd), pwd->pw_passwd) == 0)
|
||||
return B_OK;
|
||||
#endif
|
||||
|
||||
return B_PERMISSION_DENIED;
|
||||
}
|
||||
|
||||
|
||||
status_t
|
||||
LoginApp::StartUserSession(const char* login, const char* password)
|
||||
{
|
||||
if (login == NULL || password == NULL)
|
||||
return B_BAD_VALUE;
|
||||
|
||||
return BLaunchRoster().StartSession(login, password);
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
LoginApp::getpty(char *pty, char *tty)
|
||||
{
|
||||
|
|
|
@ -29,7 +29,6 @@ public:
|
|||
private:
|
||||
void TryLogin(BMessage *message);
|
||||
status_t ValidateLogin(const char *login, const char *password);
|
||||
status_t StartUserSession(const char *login, const char *password);
|
||||
int getpty(char *pty, char *tty);
|
||||
|
||||
DesktopWindow* fDesktopWindow;
|
||||
|
|
|
@ -175,17 +175,15 @@ BLaunchRoster::Target(const char* name, BMessage& data, const char* baseName)
|
|||
|
||||
|
||||
status_t
|
||||
BLaunchRoster::StartSession(const char* login, const char* password)
|
||||
BLaunchRoster::StartSession(const char* login)
|
||||
{
|
||||
if (login == NULL || password == NULL)
|
||||
if (login == NULL)
|
||||
return B_BAD_VALUE;
|
||||
|
||||
BMessage request(B_LAUNCH_SESSION);
|
||||
status_t status = request.AddInt32("user", getuid());
|
||||
if (status == B_OK)
|
||||
status = request.AddString("login", login);
|
||||
if (status == B_OK)
|
||||
status = request.AddString("password", password);
|
||||
if (status != B_OK)
|
||||
return status;
|
||||
|
||||
|
|
|
@ -105,8 +105,7 @@ private:
|
|||
void _SetCondition(BaseJob* job,
|
||||
const BMessage& message);
|
||||
|
||||
status_t _StartSession(const char* login,
|
||||
const char* password);
|
||||
status_t _StartSession(const char* login);
|
||||
|
||||
void _RetrieveKernelOptions();
|
||||
void _SetupEnvironment();
|
||||
|
@ -361,15 +360,15 @@ LaunchDaemon::MessageReceived(BMessage* message)
|
|||
|
||||
status_t status = B_OK;
|
||||
const char* login = message->GetString("login");
|
||||
const char* password = message->GetString("password");
|
||||
if (login == NULL || password == NULL)
|
||||
if (login == NULL)
|
||||
status = B_BAD_VALUE;
|
||||
if (status == B_OK && user != 0) {
|
||||
// Only the root user can start sessions
|
||||
// TODO: we'd actually need to know the uid of the sender
|
||||
status = B_PERMISSION_DENIED;
|
||||
}
|
||||
if (status == B_OK)
|
||||
status = _StartSession(login, password);
|
||||
status = _StartSession(login);
|
||||
|
||||
BMessage reply((uint32)status);
|
||||
message->SendReply(&reply);
|
||||
|
@ -699,11 +698,9 @@ LaunchDaemon::_SetCondition(BaseJob* job, const BMessage& message)
|
|||
|
||||
|
||||
status_t
|
||||
LaunchDaemon::_StartSession(const char* login, const char* password)
|
||||
LaunchDaemon::_StartSession(const char* login)
|
||||
{
|
||||
Unlock();
|
||||
|
||||
// TODO: enable user/group code and password authentication
|
||||
// TODO: enable user/group code
|
||||
// The launch_daemon currently cannot talk to the registrar, though
|
||||
/*
|
||||
struct passwd* passwd = getpwnam(login);
|
||||
|
@ -712,15 +709,13 @@ LaunchDaemon::_StartSession(const char* login, const char* password)
|
|||
if (strcmp(passwd->pw_name, login) != 0)
|
||||
return B_NAME_NOT_FOUND;
|
||||
|
||||
// TODO: check for auto-login, and ignore password then
|
||||
if (!verify_password(passwd, getspnam(login), password))
|
||||
return B_PERMISSION_DENIED;
|
||||
|
||||
// Check if there is a user session running already
|
||||
uid_t user = passwd->pw_uid;
|
||||
gid_t group = passwd->pw_gid;
|
||||
*/
|
||||
|
||||
Unlock();
|
||||
|
||||
if (fork() == 0) {
|
||||
if (setsid() < 0)
|
||||
exit(EXIT_FAILURE);
|
||||
|
|
Loading…
Reference in New Issue