On Mon, Sep 11, 2006 at 10:35:23AM +0800, Vincent wrote: > Drar Matt: > I'm porting Dropbear 0.48.1 into my embedded linux system. > My authentication policy is to replase default /etc/password with my own > username/password library. > > But in svr-authpasswd.c, function void svr_auth_password(), > I don't know where can I found the clear text input password for my check. > > Can you advise me ? Or tell me which function in which file is the correct > way to integrate my own library.
Look at http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2006q3/000416.html for what I've suggested previously. In svr-auth.c the call to getpwnam() returns the struct passwd for the user. Various other parts of Dropbear rely on this being populated with pw_uid, pw_shell, pw_dir etc, so you'll have to fill that out manually even if you're not using /etc/passwd. svr_auth_password() then gets the cleartext password from the authentication packet with "password = buf_getstring(" then crypt()s it and compares it with the stored ses.authstate.pw->pw_passwd. To implement your own policy, replace the getpwnam() call in checkusername() with something of your own, that just checks that the username is valid and fills out the pw_ values. You could probably hardcode the values there if all users log in with the same userid/shell. Then you'll want to replace svr_auth_password() with something that uses the password = buf_getstring(...) and checks the user/password combination with your own code. Let me know if you have any problems. Cheers, Matt