From df04283d6156182012cd13f8c6c8e60a0605da7e Mon Sep 17 00:00:00 2001 From: Brian Gianforcaro Date: Sun, 12 Sep 2021 07:02:17 -0700 Subject: [PATCH] LibCore: Make Account::authenticate take a SecretString To encourage users to use the SecretString API, change the API so that Account::authenticate only accepts a SecretString. --- Userland/Libraries/LibCore/Account.cpp | 4 ++-- Userland/Libraries/LibCore/Account.h | 3 ++- Userland/Utilities/passwd.cpp | 2 +- Userland/Utilities/pls.cpp | 2 +- Userland/Utilities/su.cpp | 2 +- 5 files changed, 7 insertions(+), 6 deletions(-) diff --git a/Userland/Libraries/LibCore/Account.cpp b/Userland/Libraries/LibCore/Account.cpp index 7351a79782..d46bb80731 100644 --- a/Userland/Libraries/LibCore/Account.cpp +++ b/Userland/Libraries/LibCore/Account.cpp @@ -159,7 +159,7 @@ Result Account::from_uid(uid_t uid, Read options) return from_passwd(*pwd, *spwd); } -bool Account::authenticate(const char* password) const +bool Account::authenticate(SecretString const& password) const { // If there was no shadow entry for this account, authentication always fails. if (m_password_hash.is_null()) @@ -170,7 +170,7 @@ bool Account::authenticate(const char* password) const return true; // FIXME: Use crypt_r if it can be built in lagom. - char* hash = crypt(password, m_password_hash.characters()); + char* hash = crypt(password.characters(), m_password_hash.characters()); return hash != nullptr && strcmp(hash, m_password_hash.characters()) == 0; } diff --git a/Userland/Libraries/LibCore/Account.h b/Userland/Libraries/LibCore/Account.h index fc8443cee7..d0c3360575 100644 --- a/Userland/Libraries/LibCore/Account.h +++ b/Userland/Libraries/LibCore/Account.h @@ -10,6 +10,7 @@ #include #include #include +#include #include #ifndef AK_OS_BSD_GENERIC # include @@ -36,7 +37,7 @@ public: static Result from_name(const char* username, Read options = Read::All); static Result from_uid(uid_t uid, Read options = Read::All); - bool authenticate(const char* password) const; + bool authenticate(SecretString const& password) const; bool login() const; String username() const { return m_username; } diff --git a/Userland/Utilities/passwd.cpp b/Userland/Utilities/passwd.cpp index 70860db604..12032a0c89 100644 --- a/Userland/Utilities/passwd.cpp +++ b/Userland/Utilities/passwd.cpp @@ -90,7 +90,7 @@ int main(int argc, char** argv) return 1; } - if (!target_account.authenticate(current_password.value().characters())) { + if (!target_account.authenticate(current_password.value())) { warnln("Incorrect or disabled password."); warnln("Password for user {} unchanged.", target_account.username()); return 1; diff --git a/Userland/Utilities/pls.cpp b/Userland/Utilities/pls.cpp index e617e7d8a0..5e88a4c633 100644 --- a/Userland/Utilities/pls.cpp +++ b/Userland/Utilities/pls.cpp @@ -55,7 +55,7 @@ int main(int argc, char** argv) } auto const& password = password_or_error.value(); - if (!account.authenticate(password.characters())) { + if (!account.authenticate(password)) { warnln("Incorrect or disabled password."); return 1; } diff --git a/Userland/Utilities/su.cpp b/Userland/Utilities/su.cpp index c9290fd63c..d737f14129 100644 --- a/Userland/Utilities/su.cpp +++ b/Userland/Utilities/su.cpp @@ -58,7 +58,7 @@ int main(int argc, char** argv) return 1; } - if (!account.authenticate(password.value().characters())) { + if (!account.authenticate(password.value())) { warnln("Incorrect or disabled password."); return 1; }