granicus.if.org Git - postgresql/blob - src/backend/libpq/password.c

   1 #include <postgres.h>
   2 #include <miscadmin.h>
   3 #include <libpq/password.h>
   4 #include <libpq/libpq.h>
   5 #include <storage/fd.h>
   6 #include <string.h>
   7 #include <unistd.h>
   8 #ifdef HAVE_CRYPT_H
   9 #include <crypt.h>
  10 #endif
  11
  12 int
  13 verify_password(char *auth_arg, char *user, char *password)
  14 {
  15         char    *pw_file_fullname;
  16         FILE    *pw_file;
  17
  18         pw_file_fullname = (char *) palloc(strlen(DataDir) + strlen(auth_arg) + 2);
  19         strcpy(pw_file_fullname, DataDir);
  20         strcat(pw_file_fullname, "/");
  21         strcat(pw_file_fullname, auth_arg);
  22
  23         pw_file = AllocateFile(pw_file_fullname, "r");
  24         if (!pw_file)
  25         {
  26                 sprintf(PQerrormsg,
  27                                 "verify_password: couldn't open password file '%s'\n",
  28                                 pw_file_fullname);
  29                 fputs(PQerrormsg, stderr);
  30                 pqdebug("%s", PQerrormsg);
  31
  32                 pfree(pw_file_fullname);
  33
  34                 return STATUS_ERROR;
  35         }
  36
  37         while (!feof(pw_file))
  38         {
  39                 char pw_file_line[255], *p, *test_user, *test_pw;
  40
  41                 fgets(pw_file_line, sizeof (pw_file_line), pw_file);
  42                 p = pw_file_line;
  43
  44                 test_user = strtok(p, ":");
  45                 test_pw = strtok(NULL, ":");
  46                 if (!test_user || !test_pw ||
  47                         test_user[0] == '\0' || test_pw[0] == '\0')
  48                 {
  49                         continue;
  50                 }
  51
  52                 /* kill the newline */
  53                 if (test_pw[strlen(test_pw) - 1] == '\n')
  54                         test_pw[strlen(test_pw) - 1] = '\0';
  55
  56                 if (strcmp(user, test_user) == 0)
  57                 {
  58                         /* we're outta here one way or the other. */
  59                         FreeFile(pw_file);
  60
  61                         if (strcmp(crypt(password, test_pw), test_pw) == 0)
  62                         {
  63                                 /* it matched. */
  64
  65                                 pfree(pw_file_fullname);
  66
  67                                 return STATUS_OK;
  68                         }
  69
  70                         sprintf(PQerrormsg,
  71                                         "verify_password: password mismatch for '%s'.\n",
  72                                         user);
  73                         fputs(PQerrormsg, stderr);
  74                         pqdebug("%s", PQerrormsg);
  75
  76                         pfree(pw_file_fullname);
  77
  78                         return STATUS_ERROR;
  79                 }
  80         }
  81
  82         sprintf(PQerrormsg,
  83                         "verify_password: user '%s' not found in password file.\n",
  84                         user);
  85         fputs(PQerrormsg, stderr);
  86         pqdebug("%s", PQerrormsg);
  87
  88         pfree(pw_file_fullname);
  89
  90         return STATUS_ERROR;
  91 }