diff options
| author | Luke Shumaker <lukeshu@sbcglobal.net> | 2016-06-17 20:09:33 -0400 |
|---|---|---|
| committer | Luke Shumaker <lukeshu@sbcglobal.net> | 2016-06-17 20:09:33 -0400 |
| commit | 4d12729aa4026229e4e118b924cc3b1c75ca214b (patch) | |
| tree | abd9a69ec11504844148b1017f9e9601ef7e90b8 /go/parabola_hackers/nslcd_backend/db_passwd.go | |
| parent | 4f175a22cf726bfa09652d8d9ca6374785561348 (diff) | |
write setuid, move things around
Diffstat (limited to 'go/parabola_hackers/nslcd_backend/db_passwd.go')
| -rw-r--r-- | go/parabola_hackers/nslcd_backend/db_passwd.go | 82 |
1 files changed, 82 insertions, 0 deletions
diff --git a/go/parabola_hackers/nslcd_backend/db_passwd.go b/go/parabola_hackers/nslcd_backend/db_passwd.go new file mode 100644 index 0000000..3f32ddd --- /dev/null +++ b/go/parabola_hackers/nslcd_backend/db_passwd.go @@ -0,0 +1,82 @@ +// Copyright 2015-2016 Luke Shumaker <lukeshu@sbcglobal.net>. +// +// This is free software; you can redistribute it and/or +// modify it under the terms of the GNU General Public License as +// published by the Free Software Foundation; either version 2 of +// the License, or (at your option) any later version. +// +// This software is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public +// License along with this manual; if not, see +// <http://www.gnu.org/licenses/>. + +package hackers_nslcd_backend + +import ( + s "syscall" + + p "lukeshu.com/git/go/libnslcd.git/proto" +) + +/* Note that the output password hash value should be one of: + <empty> - no password set, allow login without password + ! - used to prevent logins + x - "valid" encrypted password that does not match any valid password + often used to indicate that the password is defined elsewhere + other - encrypted password, in crypt(3) format */ + +func (o *Hackers) Passwd_ByName(cred s.Ucred, req p.Request_Passwd_ByName) <-chan p.Passwd { + o.lock.RLock() + ret := make(chan p.Passwd) + go func() { + defer o.lock.RUnlock() + defer close(ret) + + uid := o.name2uid(req.Name) + if uid < 0 { + return + } + passwd := o.users[uid].Passwd + passwd.PwHash = "x" // only put actual hashes in the Shadow DB + ret <- passwd + }() + return ret +} + +func (o *Hackers) Passwd_ByUID(cred s.Ucred, req p.Request_Passwd_ByUID) <-chan p.Passwd { + o.lock.RLock() + ret := make(chan p.Passwd) + go func() { + defer o.lock.RUnlock() + defer close(ret) + + user, found := o.users[req.UID] + if !found { + return + } + passwd := user.Passwd + passwd.PwHash = "x" // only put actual hashes in the Shadow DB + ret <- passwd + }() + return ret +} + +func (o *Hackers) Passwd_All(cred s.Ucred, req p.Request_Passwd_All) <-chan p.Passwd { + o.lock.RLock() + ret := make(chan p.Passwd) + go func() { + defer o.lock.RUnlock() + defer close(ret) + + for _, user := range o.users { + passwd := user.Passwd + passwd.PwHash = "x" // only put actual hashes in the Shadow DB + ret <- passwd + } + }() + return ret +} |