1 files changed, 159 insertions, 0 deletions

diff --git a/contrib/syslinux-4.02/com32/cmenu/libmenu/passwords.c b/contrib/syslinux-4.02/com32/cmenu/libmenu/passwords.c
new file mode 100644
index 0000000..44ce461
--- /dev/null
+++ b/contrib/syslinux-4.02/com32/cmenu/libmenu/passwords.c
@@ -0,0 +1,159 @@
+/* -*- c -*- ------------------------------------------------------------- *
+ *
+ *   Copyright 2004-2005 Murali Krishnan Ganapathy - All Rights Reserved
+ *
+ *   This program is free software; you can redistribute it and/or modify
+ *   it under the terms of the GNU General Public License as published by
+ *   the Free Software Foundation, Inc., 53 Temple Place Ste 330,
+ *   Bostom MA 02111-1307, USA; either version 2 of the License, or
+ *   (at your option) any later version; incorporated herein by reference.
+ *
+ * ----------------------------------------------------------------------- */
+
+#include "passwords.h"
+#include "des.h"
+#include "string.h"
+#include <stdlib.h>
+#include <stdio.h>
+#include "tui.h"
+
+#define MAX_LINE 512
+// Max line length in a pwdfile
+p_pwdentry userdb[MAX_USERS];	// Array of pointers
+int numusers;			// Actual number of users
+
+// returns true or false, i.e. 1 or 0
+char authenticate_user(const char *username, const char *pwd)
+{
+    char salt[12];
+    int i;
+
+    for (i = 0; i < numusers; i++) {
+	if (userdb[i] == NULL)
+	    continue;
+	if (strcmp(username, userdb[i]->username) == 0) {
+	    strcpy(salt, userdb[i]->pwdhash);
+	    salt[2] = '\0';
+	    if (strcmp(userdb[i]->pwdhash, crypt(pwd, salt)) == 0)
+		return 1;
+	}
+    }
+    return 0;
+}
+
+// Does user USERNAME  have permission PERM
+char isallowed(const char *username, const char *perm)
+{
+    int i;
+    char *dperm;
+    char *tmp;
+
+    // If no users, then everybody is allowed to do everything
+    if (numusers == 0)
+	return 1;
+    if (strcmp(username, GUEST_USER) == 0)
+	return 0;
+    dperm = (char *)malloc(strlen(perm) + 3);
+    strcpy(dperm + 1, perm);
+    dperm[0] = ':';
+    dperm[strlen(perm) + 1] = ':';
+    dperm[strlen(perm) + 2] = 0;
+    // Now dperm = ":perm:"
+    for (i = 0; i < numusers; i++) {
+	if (strcmp(userdb[i]->username, username) == 0)	// Found the user
+	{
+	    if (userdb[i]->perms == NULL)
+		return 0;	// No permission
+	    tmp = strstr(userdb[i]->perms, dperm);	// Search for permission
+	    free(dperm);	// Release memory
+	    if (tmp == NULL)
+		return 0;
+	    else
+		return 1;
+	}
+    }
+    // User not found return 0
+    free(dperm);
+    return 0;
+}
+
+// Initialise the list of of user passwords permissions from file
+void init_passwords(const char *filename)
+{
+    int i;
+    char line[MAX_LINE], *p, *user, *pwdhash, *perms;
+    FILE *f;
+
+    for (i = 0; i < MAX_USERS; i++)
+	userdb[i] = NULL;
+    numusers = 0;
+
+    if (!filename)
+	return;			// No filename specified
+
+    f = fopen(filename, "r");
+    if (!f)
+	return;			// File does not exist
+
+    // Process each line
+    while (fgets(line, sizeof line, f)) {
+	// Replace EOLN with \0
+	p = strchr(line, '\r');
+	if (p)
+	    *p = '\0';
+	p = strchr(line, '\n');
+	if (p)
+	    *p = '\0';
+
+	// If comment line or empty ignore line
+	p = line;
+	while (*p == ' ')
+	    p++;		// skip initial spaces
+	if ((*p == '#') || (*p == '\0'))
+	    continue;		// Skip comment lines
+
+	user = p;		// This is where username starts
+	p = strchr(user, ':');
+	if (p == NULL)
+	    continue;		// Malformed line skip
+	*p = '\0';
+	pwdhash = p + 1;
+	if (*pwdhash == 0)
+	    continue;		// Malformed line (no password specified)
+	p = strchr(pwdhash, ':');
+	if (p == NULL) {	// No perms specified
+	    perms = NULL;
+	} else {
+	    *p = '\0';
+	    perms = p + 1;
+	    if (*perms == 0)
+		perms = NULL;
+	}
+	// At this point we have user,pwdhash and perms setup
+	userdb[numusers] = (p_pwdentry) malloc(sizeof(pwdentry));
+	strcpy(userdb[numusers]->username, user);
+	strcpy(userdb[numusers]->pwdhash, pwdhash);
+	if (perms == NULL)
+	    userdb[numusers]->perms = NULL;
+	else {
+	    userdb[numusers]->perms = (char *)malloc(strlen(perms) + 3);
+	    (userdb[numusers]->perms)[0] = ':';
+	    strcpy(userdb[numusers]->perms + 1, perms);
+	    (userdb[numusers]->perms)[strlen(perms) + 1] = ':';
+	    (userdb[numusers]->perms)[strlen(perms) + 2] = 0;
+	    // Now perms field points to ":perms:"
+	}
+	numusers++;
+    }
+    fclose(f);
+}
+
+void close_passwords(void)
+{
+    int i;
+
+    for (i = 0; i < numusers; i++)
+	if (userdb[i] != NULL)
+	    free(userdb[i]);
+    numusers = 0;
+}