2 * Dropbear - a SSH2 server
4 * Copyright (c) 2002,2003 Matt Johnston
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
25 /* Validates a user password */
34 #ifdef ENABLE_SVR_PASSWORD_AUTH
36 static int constant_time_strcmp(const char* a
, const char* b
) {
37 size_t la
= strlen(a
);
38 size_t lb
= strlen(b
);
44 return constant_time_memcmp(a
, b
, la
);
47 /* Process a password auth request, sending success or failure messages as
49 void svr_auth_password() {
51 char * passwdcrypt
= NULL
; /* the crypt from /etc/passwd or /etc/shadow */
52 char * testcrypt
= NULL
; /* crypt generated from the user's password sent */
53 unsigned char * password
;
54 unsigned int passwordlen
;
56 unsigned int changepw
;
58 passwdcrypt
= ses
.authstate
.pw_passwd
;
60 #ifdef DEBUG_HACKCRYPT
61 /* debugging crypt for non-root testing with shadows */
62 passwdcrypt
= DEBUG_HACKCRYPT
;
65 /* check if client wants to change password */
66 changepw
= buf_getbool(ses
.payload
);
68 /* not implemented by this server */
69 send_msg_userauth_failure(0, 1);
73 password
= buf_getstring(ses
.payload
, &passwordlen
);
75 /* the first bytes of passwdcrypt are the salt */
76 testcrypt
= crypt((char*)password
, passwdcrypt
);
77 m_burn(password
, passwordlen
);
80 if (testcrypt
== NULL
) {
81 /* crypt() with an invalid salt like "!!" */
82 dropbear_log(LOG_WARNING
, "User account '%s' is locked",
83 ses
.authstate
.pw_name
);
84 send_msg_userauth_failure(0, 1);
88 /* check for empty password */
89 if (passwdcrypt
[0] == '\0') {
90 dropbear_log(LOG_WARNING
, "User '%s' has blank password, rejected",
91 ses
.authstate
.pw_name
);
92 send_msg_userauth_failure(0, 1);
96 if (constant_time_strcmp(testcrypt
, passwdcrypt
) == 0) {
97 /* successful authentication */
98 dropbear_log(LOG_NOTICE
,
99 "Password auth succeeded for '%s' from %s",
100 ses
.authstate
.pw_name
,
102 send_msg_userauth_success();
104 dropbear_log(LOG_WARNING
,
105 "Bad password attempt for '%s' from %s",
106 ses
.authstate
.pw_name
,
108 send_msg_userauth_failure(0, 1);