vty: disable password encryption, remove dependency to lcrypt

neels/jolly/new_handover
Harald Welte 2009-05-21 07:31:48 +00:00
parent 12247c6713
commit d6cab81175
3 changed files with 16 additions and 2 deletions

View File

@ -14,7 +14,7 @@ libbsc_a_SOURCES = abis_rsl.c abis_nm.c gsm_04_08.c gsm_data.c \
libvty_a_SOURCES = vty/buffer.c vty/command.c vty/vector.c vty/vty.c
bsc_hack_SOURCES = bsc_hack.c vty_interface.c
bsc_hack_LDADD = libbsc.a libvty.a -ldl -ldbi -lcrypt
bsc_hack_LDADD = libbsc.a libvty.a -ldl -ldbi
bs11_config_SOURCES = bs11_config.c abis_nm.c gsm_data.c msgb.c debug.c \
select.c timer.c rs232.c tlv_parser.c signal.c
@ -22,4 +22,4 @@ bs11_config_SOURCES = bs11_config.c abis_nm.c gsm_data.c msgb.c debug.c \
ipaccess_find_SOURCES = ipaccess-find.c select.c timer.c
ipaccess_config_SOURCES = ipaccess-config.c
ipaccess_config_LDADD = libbsc.a libvty.a -ldl -ldbi -lcrypt
ipaccess_config_LDADD = libbsc.a libvty.a -ldl -ldbi

View File

@ -2705,11 +2705,13 @@ DEFUN(config_password, password_cmd,
free(host.password);
host.password = NULL;
#ifdef VTY_CRYPT_PW
if (host.encrypt) {
if (host.password_encrypt)
free(host.password_encrypt);
host.password_encrypt = strdup(zencrypt(argv[0]));
} else
#endif
host.password = strdup(argv[0]);
return CMD_SUCCESS;
@ -2764,11 +2766,13 @@ ALIAS(config_password, password_text_cmd,
host.enable = NULL;
/* Plain password input. */
#ifdef VTY_CRYPT_PW
if (host.encrypt) {
if (host.enable_encrypt)
free(host.enable_encrypt);
host.enable_encrypt = strdup(zencrypt(argv[0]));
} else
#endif
host.enable = strdup(argv[0]);
return CMD_SUCCESS;
@ -2799,6 +2803,7 @@ ALIAS(config_enable_password,
return CMD_SUCCESS;
}
#ifdef VTY_CRYPT_PW
DEFUN(service_password_encrypt,
service_password_encrypt_cmd,
"service password-encryption",
@ -2843,6 +2848,7 @@ DEFUN(no_service_password_encrypt,
return CMD_SUCCESS;
}
#endif
DEFUN(config_terminal_length, config_terminal_length_cmd,
"terminal length <0-512>",
@ -3390,8 +3396,10 @@ void cmd_init(int terminal)
install_element(CONFIG_NODE, &enable_password_text_cmd);
install_element(CONFIG_NODE, &no_enable_password_cmd);
#ifdef VTY_CRYPT_PW
install_element(CONFIG_NODE, &service_password_encrypt_cmd);
install_element(CONFIG_NODE, &no_service_password_encrypt_cmd);
#endif
install_element(CONFIG_NODE, &banner_motd_default_cmd);
install_element(CONFIG_NODE, &banner_motd_file_cmd);
install_element(CONFIG_NODE, &no_banner_motd_cmd);

View File

@ -75,9 +75,11 @@ static void vty_auth(struct vty *vty, char *buf)
switch (vty->node) {
case AUTH_NODE:
#ifdef VTY_CRYPT_PW
if (host.encrypt)
passwd = host.password_encrypt;
else
#endif
passwd = host.password;
if (host.advanced)
next_node = host.enable ? VIEW_NODE : ENABLE_NODE;
@ -85,18 +87,22 @@ static void vty_auth(struct vty *vty, char *buf)
next_node = VIEW_NODE;
break;
case AUTH_ENABLE_NODE:
#ifdef VTY_CRYPT_PW
if (host.encrypt)
passwd = host.enable_encrypt;
else
#endif
passwd = host.enable;
next_node = ENABLE_NODE;
break;
}
if (passwd) {
#ifdef VTY_CRYPT_PW
if (host.encrypt)
fail = strcmp(crypt(buf, passwd), passwd);
else
#endif
fail = strcmp(buf, passwd);
} else
fail = 1;