From 2cedaf2c2ac9e4b4e3078c5a6f04ba5fc3f4f5b3 Mon Sep 17 00:00:00 2001 From: Ken Moore Date: Wed, 11 Oct 2017 14:46:54 -0400 Subject: Update lumina-checkpass with 2 additional options: 1. "-fd " pass in a file descriptor (such as 0 for standard input) to read password 2. "-f " pass in a file path to read the password Then update lumina-desktop-unified to use the "-f" version with a QTemporaryFile. I was trying to get it to use the "-fd" version, but the file descriptor I am getting from the QTemporaryFile does not seem to work properly - still need to track this down a bit more later but the -f option works fine for now. --- src-qt5/core/lumina-checkpass/main.c | 39 +++++++++++++++++++++++++++++++----- 1 file changed, 34 insertions(+), 5 deletions(-) (limited to 'src-qt5/core/lumina-checkpass/main.c') diff --git a/src-qt5/core/lumina-checkpass/main.c b/src-qt5/core/lumina-checkpass/main.c index e12e7c78..481cce33 100644 --- a/src-qt5/core/lumina-checkpass/main.c +++ b/src-qt5/core/lumina-checkpass/main.c @@ -14,23 +14,52 @@ //=========================================== //Standard C libary #include // Standard C +#include #include // Usage output #include // User DB information +#include //PAM/security libraries #include #include #include +void showUsage(){ + puts("lumina-checkpass: Simple user-level check for password validity (for screen unlockers and such)."); + puts("Usage:"); + puts(" lumina-checkpass "); + puts(" lumina-checkpass -fd "); + puts(" lumina-checkpass -f "); + puts("Returns: 0 for a valid password, 1 for invalid"); +} + int main(int argc, char** argv){ //Check the inputs - if(argc!=2){ + if(argc<2){ //Invalid inputs - show the help text - puts("lumina-checkpass: Simple user-level check for password validity (for screen unlockers and such)."); - puts("Usage: lumina-checkpass "); - puts("Returns: 0 for a valid password, 1 for invalid"); + showUsage(); return 1; } + char*pass = 0; + if(argc==2){ pass = argv[1]; } + else if(argc==3 && 0==strcmp(argv[1],"-fd") ){ + FILE *fp = fdopen(atoi(argv[2]), "r"); + size_t len; + if(fp!=0){ + ssize_t slen = getline(&pass, &len, fp); + if(pass[slen-1]=='\n'){ pass[slen-1] = '\0'; } + } + fclose(fp); + }else if(argc==3 && 0==strcmp(argv[1],"-f") ){ + FILE *fp = fopen(argv[2], "r"); + size_t len; + if(fp!=0){ + ssize_t slen = getline(&pass, &len, fp); + if(pass[slen-1]=='\n'){ pass[slen-1] = '\0'; } + } + fclose(fp); + } + if(pass == 0){ puts("Could not read password!!"); return 1; } //error in reading password //Validate current user (make sure current UID matches the logged-in user, char* cUser = getlogin(); struct passwd *pwd = 0; @@ -44,7 +73,7 @@ int main(int argc, char** argv){ int ret = pam_start( "system", cUser, &pamc, &pamh); if(ret != PAM_SUCCESS){ return 1; } //could not init PAM //char* cPassword = argv[1]; - ret = pam_set_item(pamh, PAM_AUTHTOK, argv[1]); + ret = pam_set_item(pamh, PAM_AUTHTOK, pass); //Authenticate with PAM ret = pam_authenticate(pamh,0); //this can be true without verifying password if pam_self.so is used in the auth procedures (common) if( ret == PAM_SUCCESS ){ ret = pam_acct_mgmt(pamh,0); } //Check for valid, unexpired account and verify access restrictions -- cgit From 221c57a127579d6ad4849b475e107d7b60369db3 Mon Sep 17 00:00:00 2001 From: Ken Moore Date: Thu, 12 Oct 2017 11:10:58 -0400 Subject: Remove the plaintext input option for lumina-checkpass, and add more usage reporting/output if the first input flag is invalid. --- src-qt5/core/lumina-checkpass/main.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'src-qt5/core/lumina-checkpass/main.c') diff --git a/src-qt5/core/lumina-checkpass/main.c b/src-qt5/core/lumina-checkpass/main.c index 481cce33..2f54c8e6 100644 --- a/src-qt5/core/lumina-checkpass/main.c +++ b/src-qt5/core/lumina-checkpass/main.c @@ -27,7 +27,7 @@ void showUsage(){ puts("lumina-checkpass: Simple user-level check for password validity (for screen unlockers and such)."); puts("Usage:"); - puts(" lumina-checkpass "); + //puts(" lumina-checkpass "); puts(" lumina-checkpass -fd "); puts(" lumina-checkpass -f "); puts("Returns: 0 for a valid password, 1 for invalid"); @@ -35,14 +35,13 @@ void showUsage(){ int main(int argc, char** argv){ //Check the inputs - if(argc<2){ + if(argc!=3){ //Invalid inputs - show the help text showUsage(); return 1; } char*pass = 0; - if(argc==2){ pass = argv[1]; } - else if(argc==3 && 0==strcmp(argv[1],"-fd") ){ + if(argc==3 && 0==strcmp(argv[1],"-fd") ){ FILE *fp = fdopen(atoi(argv[2]), "r"); size_t len; if(fp!=0){ @@ -56,6 +55,11 @@ int main(int argc, char** argv){ if(fp!=0){ ssize_t slen = getline(&pass, &len, fp); if(pass[slen-1]=='\n'){ pass[slen-1] = '\0'; } + }else{ + puts("[ERROR] Unknown option provided"); + puts("----------------"); + showUsage(); + return 1; } fclose(fp); } -- cgit