add CheckPassword code

darcs-hash:20070705012902-5007d-981aff94709c9f1923b0c9c11e37ee9f92a8caec.gz

diff --git a/src/org/ibex/crypto/CheckPassword.java b/src/org/ibex/crypto/CheckPassword.java
new file mode 100644 (file)
index 0000000..a54c145
--- /dev/null
+++ b/src/org/ibex/crypto/CheckPassword.java
@@ -0,0 +1,47 @@
+// Copyright 2000-2005 the Contributors, as shown in the revision logs.
+// Licensed under the Apache Public Source License 2.0 ("the License").
+// You may not use this file except in compliance with the License.
+
+package org.ibex.crypto;
+import org.ibex.util.*;
+import java.util.*;
+import java.io.*;
+
+/**
+ *  Implementation of the "checkpassword" protocol; requires bash and
+ *  /bin/true.
+ *
+ *  Documented here:
+ *
+ *    http://cr.yp.to/checkpwd/interface.html
+ *
+ *  A debian implementation can be found in the "fgetty" package, and
+ *  gets installed in /bin/checkpassword.
+ */
+public class CheckPassword {
+    public static boolean verify(String user, String pass) {
+        try {
+            Process p =
+                Runtime.getRuntime().exec(new String[] {
+                    "bash",
+                    "-c",
+                    "checkpassword /bin/true 3<&0"
+                });
+            PrintWriter pw = new PrintWriter(p.getOutputStream());
+            pw.print(user);
+            pw.print('\0');
+            pw.print(pass);
+            pw.print('\0');
+            // timestamp (ignored)
+            pw.print('\0');
+            pw.flush();
+            pw.close();
+            int exitcode = p.waitFor();
+            // FEATURE: grab errors off of stderr?
+            if (exitcode!=0)
+                Log.error(CheckPassword.class, "exitcode " + exitcode);
+            return exitcode==0;
+        } catch (Exception e) { Log.warn(CheckPassword.class, e); }
+        return false;
+    }
+}