You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@apr.apache.org by rb...@apache.org on 2001/03/08 01:35:39 UTC
cvs commit: apr/user/unix userinfo.c
rbb 01/03/07 16:35:38
Modified: . CHANGES
include apr_user.h
user/unix userinfo.c
Log:
Allow a way to get the password from the system password database.
Non unix platforms will likely need a similar function.
Submitted by: John Barbee <jb...@covalent.net>
Revision Changes Path
1.72 +3 -0 apr/CHANGES
Index: CHANGES
===================================================================
RCS file: /home/cvs/apr/CHANGES,v
retrieving revision 1.71
retrieving revision 1.72
diff -u -d -b -w -u -r1.71 -r1.72
--- CHANGES 2001/03/07 22:09:12 1.71
+++ CHANGES 2001/03/08 00:35:35 1.72
@@ -1,5 +1,8 @@
Changes with APR b1
+ *) Add a method to get the password from the system for a given
+ user. [John Barbee <jb...@covalent.net>]
+
*) Change the include path order, so that we look for included files
in the APR paths first, and the system paths second.
[jean-frederic clere <jf...@fujitsu-siemens.com>]
1.12 +10 -0 apr/include/apr_user.h
Index: apr_user.h
===================================================================
RCS file: /home/cvs/apr/include/apr_user.h,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -d -b -w -u -r1.11 -r1.12
--- apr_user.h 2001/02/21 23:38:47 1.11
+++ apr_user.h 2001/03/08 00:35:36 1.12
@@ -161,6 +161,16 @@
#define apr_compare_groups(left,right) ((left == right) ? APR_SUCCESS : APR_EMISMATCH)
#endif
+/**
+ * Get a password from the system, given a username.
+ * @param passwd The returned password
+ * @param username The username to get the password for
+ * @param p The pool to allocate out of.
+ * @deffunc apr_status_t apr_get_user_passwd(char **passwd, const char *username, apr_pool_t *p);
+ */
+APR_DECLARE(apr_status_t) apr_get_user_passwd(char **passwd,
+ const char *username, apr_pool_t *p);
+
#endif /* ! APR_HAS_USER */
#ifdef __cplusplus
1.10 +14 -0 apr/user/unix/userinfo.c
Index: userinfo.c
===================================================================
RCS file: /home/cvs/apr/user/unix/userinfo.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -d -b -w -u -r1.9 -r1.10
--- userinfo.c 2001/02/21 23:38:43 1.9
+++ userinfo.c 2001/03/08 00:35:37 1.10
@@ -129,4 +129,18 @@
*username = apr_pstrdup(p, pw->pw_name);
return APR_SUCCESS;
}
+
+APR_DECLARE(apr_status_t) apr_get_user_passwd(char **passwd,
+ const char *username, apr_pool_t *p)
+{
+ struct passwd *pw;
+ apr_status_t rv;
+
+ if ((rv = getpwnam_safe(username, &pw)) != APR_SUCCESS)
+ return rv;
+
+ *passwd = apr_pstrdup(p, pw->pw_passwd);
+
+ return APR_SUCCESS;
+}
Re: cvs commit: apr/user/unix userinfo.c
Posted by Jeff Trawick <tr...@bellsouth.net>.
rbb@covalent.net writes:
> Of course, you are correct this isn't very portable. However, with a bit
> of time and effort, and can be made portable. John has discovered exactly
> what you say in this message, and he will be working on making this much
> more portable in the next few days.
It would be helpful to see his plans before it is committed, as I need
to add special code to validate a password on OS/390. (John? Care to
briefly describe your plans here?)
For now I will put in a hack to keep that file compiling on OS/390 (no
pw_passwd field).
--
Jeff Trawick | trawickj@bellsouth.net | PGP public key at web site:
http://www.geocities.com/SiliconValley/Park/9289/
Born in Roswell... married an alien...
Re: cvs commit: apr/user/unix userinfo.c
Posted by rb...@covalent.net.
On 8 Mar 2001, Jeff Trawick wrote:
> rbb@apache.org writes:
>
> > Allow a way to get the password from the system password database.
> > Non unix platforms will likely need a similar function.
> > Submitted by: John Barbee <jb...@covalent.net>
>
> How useful is this? It certainly isn't portable. Even some UNIX
> platforms cannot have such a function.
>
> Even with Linux, what happens with shadow passwords? You'll get "x"
> back for the password, though certainly that is not the encrypted
> password.
>
> If the goal is to validate a password, it is more portable to define a
> function which does that. Pass it a userid and password and let it
> tell the caller whether or not it worked.
>
> I think the strategy behind this needs to be reworked, and a new
> function with different semantics provided instead of a function to
> try to grab the password.
Of course, you are correct this isn't very portable. However, with a bit
of time and effort, and can be made portable. John has discovered exactly
what you say in this message, and he will be working on making this much
more portable in the next few days.
Ryan
_______________________________________________________________________________
Ryan Bloom rbb@apache.org
406 29th St.
San Francisco, CA 94131
-------------------------------------------------------------------------------
Re: cvs commit: apr/user/unix userinfo.c
Posted by Jeff Trawick <tr...@bellsouth.net>.
rbb@apache.org writes:
> Allow a way to get the password from the system password database.
> Non unix platforms will likely need a similar function.
> Submitted by: John Barbee <jb...@covalent.net>
How useful is this? It certainly isn't portable. Even some UNIX
platforms cannot have such a function.
Even with Linux, what happens with shadow passwords? You'll get "x"
back for the password, though certainly that is not the encrypted
password.
If the goal is to validate a password, it is more portable to define a
function which does that. Pass it a userid and password and let it
tell the caller whether or not it worked.
I think the strategy behind this needs to be reworked, and a new
function with different semantics provided instead of a function to
try to grab the password.
--
Jeff Trawick | trawickj@bellsouth.net | PGP public key at web site:
http://www.geocities.com/SiliconValley/Park/9289/
Born in Roswell... married an alien...