+package org.ibex.crypto;
+import org.ibex.util.*;
+import java.util.*;
+import java.io.*;
+
+/**
+ * Right now this is a big fat hack; at some point it would be nice
+ * to try lots of different techniques (JNI/getpwent(),
+ * Runtime.exec(),
+ * http://www.freebsd.org/cgi/cvsweb.cgi/src/lib/libcrypt/crypt-md5.c
+ *
+ * Also, this currently assumes that the user has MD5 passwords
+ * enabled and OpenSSL installed.
+ */
+public class EtcPasswd {
+ public static boolean verify(String user, String pass) {
+ try {
+ BufferedReader br = new BufferedReader(new InputStreamReader(new FileInputStream("/etc/passwd-")));
+ for(String s = br.readLine(); s != null; s = br.readLine()) {
+ StringTokenizer st = new StringTokenizer(s, ":");
+ if (!user.equals(st.nextToken())) continue;
+ try {
+ String stuff = st.nextToken();
+ StringTokenizer st2 = new StringTokenizer(stuff, "$");
+ st2.nextToken();
+ String salt = st2.nextToken();
+ Process p =
+ Runtime.getRuntime().exec(new String[] {
+ "/usr/bin/openssl",
+ "passwd",
+ "-1",
+ "-stdin",
+ "-salt",
+ salt });
+ PrintWriter pw = new PrintWriter(p.getOutputStream());
+ pw.println(pass);
+ pw.flush();
+ pw.close();
+ BufferedReader br2 = new BufferedReader(new InputStreamReader(p.getInputStream()));
+ String recrypt = br2.readLine();
+ p.waitFor();
+ if (recrypt.equals(stuff)) return true;
+ } catch (Exception e) { Log.warn(EtcPasswd.class, e); }
+ }
+ } catch (Exception e) { Log.warn(EtcPasswd.class, e); }
+ return false;
+ }
+}
projects / org.ibex.crypto.git / commitdiff