LinuxQuestions.org
Old 05-21-2004, 02:54 PM   #1
BoldKiller
Member
 
Registered: Apr 2002
Location: Montreal, Quebec
Distribution: Debian, Gentoo, RedHat
Posts: 142

Rep: Reputation: 15
Reading the passwd passwords


Hi there,

I would need to validate a set of username/password entered by a user and make sure they are valid. Basically, I want my app to use the same list of passwords as the Linux system.

I know the app will require root access in order to read the /etc/shadow file. But I need to be able to transform the passwords from their encrypted state to their original form.

If I remember correctly, there is an OS function to convert the string, but I am unable to find it again. Human memory is (unfortunately) not permanent!

If I am entirely wrong, and there is no such function, does anyone have an idea on how I could go about this?

Thanks in advance.
 
Old 05-21-2004, 03:05 PM   #2
itsme86
Senior Member
 
Registered: Jan 2004
Location: Oregon, USA
Distribution: Slackware
Posts: 1,246

Rep: Reputation: 59
There is no function to unencrypt the passwords (how secure would that be?) Instead, you should encrypt the password that the user enters and compare it to the encrypted password in /etc/shadow.

The function is called crypt(). In order to compile/link your program you usually have to link with the libcrypt library (-lcrypt).
 
Old 05-21-2004, 11:07 PM   #3
eric.r.turner
Member
 
Registered: Aug 2003
Location: Planet Earth
Distribution: Linux Mint
Posts: 216

Rep: Reputation: 31
Here's an example that shows how to check if a password matches a username. You have to run the program as root since regular users don't have permissions to access the /etc/shadow file. The program also shows how to manipulate the terminal settings to turn off echo (so that passwords don't show up on the console when they are typed.) I've tried to include enough comments for the code to be educational.

Code:
/*
 * testpasswd.c
 *
 * A password checking program. Use at your own risk!
 *
 * Author: eric.r.turner(at)bitbreather(dot)com
 */

#define _GNU_SOURCE   /* feature-test macros must precede every #include */
#include <crypt.h>
#include <shadow.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <termios.h>
#include <unistd.h>

#define INPUT_LENGTH 256

int main() {

   int            authenticated = 0;
   char*          cryptedPassword = NULL;
   char*          newLine = NULL;
   struct termios newTerminalSettings;
   struct termios oldTerminalSettings;
   struct spwd*   passwordEntry = NULL;
   char           plainPassword[INPUT_LENGTH + 1];
   char           userName[INPUT_LENGTH + 1];

   strcpy( plainPassword , "" );
   strcpy( userName , "" );

   /*
    * Get the user login name.
    *
    * fgets captures the newline character, so replace
    * the newline with a null termination character.
    */

   printf( "Login: " );
   fgets( userName , INPUT_LENGTH , stdin );

   if( ( newLine = strrchr( userName , '\n' ) ) != NULL ) {
      *newLine = '\0';
      newLine = NULL;
   }


   /*
    * Get the user password.
    *
    * We don't want to echo the user's password to the
    * terminal, so temporarily disable ECHO in the
    * terminal settings.
    *
    * fgets captures the newline character, so replace
    * the newline with a null termination character.
    */

   printf( "Password: " );

   tcgetattr( fileno( stdin ) , &oldTerminalSettings );
   newTerminalSettings = oldTerminalSettings;
   newTerminalSettings.c_lflag &= ~ECHO;
   tcsetattr( fileno( stdin ) , TCSANOW , &newTerminalSettings );

   fgets( plainPassword , INPUT_LENGTH , stdin );
   printf( "\n" );

   if( ( newLine = strrchr( plainPassword , '\n' ) ) != NULL ) {
      *newLine = '\0';
      newLine = NULL;
   }

   tcsetattr( fileno( stdin ) , TCSANOW , &oldTerminalSettings );


   /*
    * strcmp will match if one of its arguments
    * has a length of zero! This is BAD when authenticating
    * users, so make sure the user hasn't just hit Enter
    * when supplying their username or password.
    */

   if ( ( strlen( userName ) == 0 ) ||
        ( strlen( plainPassword ) == 0 ) ) {
      printf( "You must enter a username or password.\n" );
      return( -1 );
   }


   /*
    * Compare the password entered by the user with the
    * one listed in /etc/shadow.
    */

   lckpwdf();
   setspent();

   if ( ( passwordEntry = getspnam( userName ) ) != NULL ) {

      /*
       * Pass the whole stored field as the second argument:
       * crypt() reads the algorithm id and salt from its start,
       * and their length differs between hash schemes.
       * crypt() returns NULL on failure, so check the result
       * before comparing.
       */

      cryptedPassword = crypt( plainPassword , passwordEntry->sp_pwdp );

      if ( ( cryptedPassword != NULL ) &&
           ( strcmp( passwordEntry->sp_pwdp , cryptedPassword ) == 0 ) ) {
         authenticated = 1;
      }

   }

   endspent();
   ulckpwdf();


   if ( authenticated ) {
      printf( "Valid username and password.\n" );
   } else {
      printf( "Invalid username or password.\n" );
   }
  
   return( 0 );
}
Compile it with:

Code:
cc -o testpasswd testpasswd.c -lcrypt -lncurses
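
crypt() takes its algorithm and salt from the leading part of the stored field, and the length of that part depends on the hash scheme; some shadow fields hold no hash at all. The classifier below is an added example, not code from the thread: its names are hypothetical, its sample fields are constructed, and it assumes the `$id$[rounds=N$]salt$hash` layout used by MD5 and SHA-crypt entries.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical names for this example; not part of libcrypt or shadow.h. */
enum field_kind {
   FIELD_EMPTY,     /* no password set                       */
   FIELD_LOCKED,    /* starts with '!' or '*': never a match */
   FIELD_DES,       /* traditional crypt, 2-character salt   */
   FIELD_MODULAR,   /* $id$[rounds=N$]salt$hash              */
   FIELD_UNKNOWN
};

/* Classify a shadow password field and report how many leading
 * characters form the crypt() setting (algorithm id plus salt). */
enum field_kind classify_field( const char* field , size_t* settingLength ) {
   const char* lastDollar = NULL;

   *settingLength = 0;
   if ( field == NULL || field[0] == '\0' ) return FIELD_EMPTY;
   if ( field[0] == '!' || field[0] == '*' ) return FIELD_LOCKED;

   if ( field[0] != '$' ) {
      if ( strlen( field ) != 13 ) return FIELD_UNKNOWN;
      *settingLength = 2;
      return FIELD_DES;
   }

   /* The hash follows the last '$'; everything up to it is the setting. */
   lastDollar = strrchr( field , '$' );
   if ( lastDollar - field < 3 ) return FIELD_UNKNOWN;
   *settingLength = (size_t)( lastDollar - field ) + 1;
   return FIELD_MODULAR;
}

int main( void ) {
   /* Constructed sample fields; the hash parts are filler, not real hashes. */
   const char* samples[] = {
      "$1$abcdefgh$XXXXXXXXXXXXXXXXXXXXXX" ,
      "$6$rounds=5000$abcdefghijklmnop$XXXXXXXX" ,
      "!$6$abcdefghijklmnop$XXXXXXXX" , "" };
   size_t length = 0 , i;

   for ( i = 0; i < sizeof samples / sizeof samples[0]; i++ ) {
      enum field_kind kind = classify_field( samples[i] , &length );
      printf( "kind=%d setting=%zu\n" , (int) kind , length );
   }
   return 0;
}
```

The setting is 12 characters for the MD5 sample and 32 for the SHA-512 sample with a rounds parameter, so a fixed-length salt copy only works for one scheme. Handing the complete stored field to crypt() avoids computing this length at all.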
 
  

