|
Home > Archive > Unix Programming > October 2005 > verifying password
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
verifying password
|
|
|
| I want to verify the password of a user by accepting the password and
comparing with the entry in the /etc/shadow file .But I a, getting an
error
The following code is giving one error
/home/training/prasanna/unix system programming/testpas.c:19: undefined
reference to `crypt'
collect2: ld returned 1 exit status
the code as foolows
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <crypt.h>
#include <stdlib.h>
#include <sys/types.h>
#include<pwd.h>
int main()
{
struct passwd *pw;
char *password="prasanna";
char *epass;
epass=(char*)malloc(20);
pw=getpwnam("prasanna");
epass=crypt(password,pw->pw_passwd);
if(strcmp(epass,pw->pw_passwd)==0)
printf("login success\n");
else
printf("login failure\n");
return 0;
}//end of main
please let me know why it ios giving the error
if the method i am following is not correct please tell me the other
alternative
thanks
prasi
| |
| Maxim Yegorushkin 2005-10-25, 7:48 am |
|
prasi wrote:
> I want to verify the password of a user by accepting the password and
> comparing with the entry in the /etc/shadow file .But I a, getting an
> error
> The following code is giving one error
> /home/training/prasanna/unix system programming/testpas.c:19: undefined
> reference to `crypt'
> collect2: ld returned 1 exit status
man crypt
....
Programs using this function must be linked with -lcrypt.
| |
|
|
Maxim Yegorushkin wrote:
> prasi wrote:
>
> man crypt
>
> ...
>
> Programs using this function must be linked with -lcrypt.
hi
I tried by linking -lcrypt i am getting no errors but i am getting
worng output can u tell me why?
thanks
| |
| Rainer Temme 2005-10-25, 7:48 am |
| prasi wrote:
> I want to verify the password of a user by accepting the password and
> comparing with the entry in the /etc/shadow file .But I a, getting an
> error
> The following code is giving one error
> /home/training/prasanna/unix system programming/testpas.c:19: undefined
> reference to `crypt'
> collect2: ld returned 1 exit status
Link with -lcrypt
>
> the code as foolows
> #include <stdio.h>
> #include <string.h>
> #include <unistd.h>
> #include <crypt.h>
> #include <stdlib.h>
> #include <sys/types.h>
> #include<pwd.h>
>
>
> int main()
> {
> struct passwd *pw;
>
> char *password="prasanna";
> char *epass;
> epass=(char*)malloc(20);
No, don't allocate memory to epass
> pw=getpwnam("prasanna");
Check if pw is NULL
> epass=crypt(password,pw->pw_passwd);
No, crypt() expects a 2 character "salt" as the second argument.
Therefore, you should copy the first 2 characters of ps->pw_passwd into
a new string (dont forget to terminate this string with a null-byte and
hand this new sting to crypt().
crypt() will allocate memory for the crypted password and will return
the pointer (which you then assign to epass ... that's why you shouldn't
allocate memory yourself.)
>
> if(strcmp(epass,pw->pw_passwd)==0)
> printf("login success\n");
> else
> printf("login failure\n");
>
> return 0;
>
>
> }//end of main
Regards ... Rainer
| |
| Villy Kruse 2005-10-25, 7:48 am |
| On Tue, 25 Oct 2005 13:03:39 +0200,
Rainer Temme <Rainer.Temme@NoSpam.Siemens.Com> wrote:
>
> No, crypt() expects a 2 character "salt" as the second argument.
> Therefore, you should copy the first 2 characters of ps->pw_passwd into
> a new string (dont forget to terminate this string with a null-byte and
> hand this new sting to crypt().
Not necessary. Crypt will only look at the first two characters of
the salt. The rest of the string can be anything, possibly the original
crypted password.
For some versions of crypt the salt can start with the sequence "$1$"
and in this case the following 8 characters will be the salt.
Villy
| |
| Villy Kruse 2005-10-25, 7:48 am |
| On 25 Oct 2005 03:56:09 -0700,
prasi <kp.prasanna@gmail.com> wrote:
>
> hi
> I tried by linking -lcrypt i am getting no errors but i am getting
> worng output can u tell me why?
> thanks
>
Define "wrong output".
Villy
| |
|
|
Casper H.S. Dik wrote:
> Rainer Temme <Rainer.Temme@NoSpam.Siemens.Com> writes:
>
>
>
>
> No, no, no!
>
> The proper thing to do is to pass the full encrypted password string;
> DO NOT COPY THE SALT.
>
> The reason is that the 2 byte salt is an implementation detail which
> may differ in from one implementation to the next and which is really
> only of concern for the implementer of the password algorithm.
>
> The following code:
>
> if (strcmp(crypt(password, pw->pw_passwd), pw->pw_passwd) == 0)
> /* password is good */
>
> is the common idiom which works for many things besides ordinary
> passwords UNIX encrypted passwords.
>
>
> That is correct.
>
> There are several implementations where the pw->pw_passwd is either not
> a standard unix crypt password (MD5, or other new password scheme) or
> not even an encrypted password at all (e.g., the SunOS 4.x ##user shadow
> string)
>
> So in some cases a longer salt is needed (and passing the password gives
> all of the salt, guaranteed) and in some cases crypt does a side-band
> verification and returns the salt as indication of success (and it better
> be equal to pw->pw_passwd.
>
> Casper
> --
> Expressed in this posting are my opinions. They are in no way related
> to opinions held by my employer, Sun Microsystems.
> Statements on Sun products included here are not gospel and may
> be fiction rather than truth.
hi
the following is the line in the /etc/shadow file
prasanna:$1$RSfOn24H$nxi.k/FLhnW0NikqiG5Yk/:13052:-1:99999:-1:::
but when i execute getpwnam("prasanna"); it is giving only 'x'
but crypt(password,pw->pw_pass) it is giving "xxo0TZv2eqB22"
that is why strcmp results in mismatch.
bye
| |
| Villy Kruse 2005-10-26, 7:54 am |
| On 25 Oct 2005 21:32:11 -0700,
prasi <kp.prasanna@gmail.com> wrote:
> hi
>
> the following is the line in the /etc/shadow file
>
> prasanna:$1$RSfOn24H$nxi.k/FLhnW0NikqiG5Yk/:13052:-1:99999:-1:::
>
> but when i execute getpwnam("prasanna"); it is giving only 'x'
That is a hint you should use getspnam() to read the shadow entry to
get the real password. Then use sp->sp_pwdp instead of pw->pw_pass.
Naturaly, only superuser is able to use getspnam with success.
> but crypt(password,pw->pw_pass) it is giving "xxo0TZv2eqB22"
> that is why strcmp results in mismatch.
> bye
CAVEAT. There are several variations on how to do this, so consult
the man pages for your own system.
Villy
| |
| Rainer Temme 2005-10-26, 7:54 am |
| prasi wrote:
> hi
>
> the following is the line in the /etc/shadow file
>
> prasanna:$1$RSfOn24H$nxi.k/FLhnW0NikqiG5Yk/:13052:-1:99999:-1:::
>
> but when i execute getpwnam("prasanna"); it is giving only 'x'
> but crypt(password,pw->pw_pass) it is giving "xxo0TZv2eqB22"
> that is why strcmp results in mismatch.
> bye
Aha ... here we are ... /etc/shadow !!! ...
"man getspnam" ... (at least in my linux-system)
Regards ... Rainer
| |
|
|
Rainer Temme wrote:
> prasi wrote:
>
> Aha ... here we are ... /etc/shadow !!! ...
>
> "man getspnam" ... (at least in my linux-system)
hi all
At last i got it right
Now i am using /etc/shadow file
#include<stdio.h>
#include <unistd.h> /* crypt(), etc. */
#include <pwd.h> /* getpass(), getpwnam(). */
#include <string.h> /* strcmp(), etc. */
#include<shadow.h>
char user[21];
static int
password_auth_ok(pw, pass)
const struct passwd *pw;
const char *pass;
{
int result;
char *cp,*ecrypt;
struct spwd *sp;
sp = getspnam(user);//pw->pw_name);
cp = sp->sp_pwdp;
if (*pass || *cp)
{
ecrypt=crypt(pass, cp);
result = strcmp(ecrypt, cp);
}
else
result = 1;
return result;
}
int main()
{
/* buffers for reading in the user name and the password. */
char* password;
char* encrypted_password;
char salt[2];
int res;
struct spwd *user_info;
/* prompt the user for a user name. */
printf("User name: ");
fflush(stdout); /* flush the prompt to make sure the user sees it. */
fgets(user, 20, stdin);
if (strchr(user, '\n'))
*(strchr(user, '\n')) = '\0';
password = getpass("Password: ");
strcat(password,"\0");
/* find the user's encrypted password, as stored in "/etc/passwd". */
user_info=getspnam(user);
if (!user_info)
{
printf("login incorrect.\n");
exit(1);
}
res=password_auth_ok(user_info,password)
;
if(!res)
printf("eurekaa!!!!\n");
else
printf("tussssss\n");
return 0;
}
thanks for your support
| |
| Rainer Temme 2005-10-26, 7:54 am |
| prasi wrote:
> hi all
> At last i got it right
>
> Now i am using /etc/shadow file
Well, good to know, that everything has its explanation ;-)
> ...
> static int
> password_auth_ok(pw, pass)
> const struct passwd *pw;
> const char *pass;
> {
> ...
Hm ... is there any good reason to use old K&R-style instead
of the modern ansi-style ...
static int password_auth_ok(const struct passwd *pw,const char *pass)
{
...
}
Most compilers dont check parameter-types if coding uses K&R-style ...
so you do yourself a big favour when using ansi-style.
Regards ... Rainer
|
|
|
|
|