--- /dev/null
+// Copyright 2000-2005 the Contributors, as shown in the revision logs.
+// Licensed under the Apache Public Source License 2.0 ("the License").
+// You may not use this file except in compliance with the License.
+
+package org.ibex.crypto;
+import org.ibex.util.*;
+import java.util.*;
+import java.io.*;
+
+/**
+ * Implementation of the "checkpassword" protocol; requires bash and
+ * /bin/true.
+ *
+ * Documented here:
+ *
+ * http://cr.yp.to/checkpwd/interface.html
+ *
+ * A debian implementation can be found in the "fgetty" package, and
+ * gets installed in /bin/checkpassword.
+ */
+public class CheckPassword {
+ public static boolean verify(String user, String pass) {
+ try {
+ Process p =
+ Runtime.getRuntime().exec(new String[] {
+ "bash",
+ "-c",
+ "checkpassword /bin/true 3<&0"
+ });
+ PrintWriter pw = new PrintWriter(p.getOutputStream());
+ pw.print(user);
+ pw.print('\0');
+ pw.print(pass);
+ pw.print('\0');
+ // timestamp (ignored)
+ pw.print('\0');
+ pw.flush();
+ pw.close();
+ int exitcode = p.waitFor();
+ // FEATURE: grab errors off of stderr?
+ if (exitcode!=0)
+ Log.error(CheckPassword.class, "exitcode " + exitcode);
+ return exitcode==0;
+ } catch (Exception e) { Log.warn(CheckPassword.class, e); }
+ return false;
+ }
+}