Home Verkennen Help
Inloggen
yosoyhendrix
/
hestiacp
1
0
Vork 0
Bestanden Issues 0 Pull-aanvragen 0 Wiki
Boom: d6b6ca576e
Aftakkingen Labels
hestiacp
/
bin
/
v-check-user-password

v-check-user-password 3.1 KB
Geschiedenis Ruwe

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112 
  1. #!/bin/bash
    2. 

  2. # info: check user password
    3. 

  3. # options: USER PASSWORD [IP]
    4. 

  4. #
    5. 

  5. # example: v-check-user-password admin qwerty1234
    6. 

  6. #
    7. 

  7. # This function verifies user password from file
    8. 

  8. 

  9. #----------------------------------------------------------#
    10. 

  10. #                Variables & Functions                     #
    11. 

  11. #----------------------------------------------------------#
    12. 

  12. 

  13. # Argument definition
    14. 

  14. user=$1
    15. 

  15. password=$2; HIDE=2
    16. 

  16. ip=${3-127.0.0.1}
    17. 

  17. 

  18. # Includes
    19. 

  19. # shellcheck source=/etc/hestiacp/hestia.conf
    20. 

  20. source /etc/hestiacp/hestia.conf
    21. 

  21. # shellcheck source=/usr/local/hestia/func/main.sh
    22. 

  22. source $HESTIA/func/main.sh
    23. 

  23. # load config file
    24. 

  24. source_conf "$HESTIA/conf/hestia.conf"
    25. 

  25. 

  26. time_n_date=$(date +'%T %F')
    27. 

  27. time=$(echo "$time_n_date" |cut -f 1 -d \ )
    28. 

  28. date=$(echo "$time_n_date" |cut -f 2 -d \ )
    29. 

  29. 

  30. #----------------------------------------------------------#
    31. 

  31. #                    Verifications                         #
    32. 

  32. #----------------------------------------------------------#
    33. 

  33. 

  34. check_args '2' "$#" 'USER PASSWORD'
    35. 

  35. is_format_valid 'user'
    36. 

  36. 

  37. # Checking user
    38. 

  38. if [ ! -d "$HESTIA/data/users/$user" ] && [ "$user" != 'root' ]; then
    39. 

  39.     echo "Error: password missmatch"
    40. 

  40.     echo "$date $time $user $ip failed to login" >> $HESTIA/log/auth.log
    41. 

  41.     exit 9
    42. 

  42. fi
    43. 

  43. 

  44. # Checking user password
    45. 

  45. is_password_valid
    46. 

  46. 

  47. # Checking empty password
    48. 

  48. if [[ -z "$password" ]]; then
    49. 

  49.     echo "Error: password missmatch"
    50. 

  50.     echo "$date $time $user $ip failed to login" >> $HESTIA/log/auth.log
    51. 

  51.     exit 9
    52. 

  52. fi
    53. 

  53. 

  54. #----------------------------------------------------------#
    55. 

  55. #                       Action                             #
    56. 

  56. #----------------------------------------------------------#
    57. 

  57. 

  58. # Parsing user's salt
    59. 

  59. shadow=$(grep "^$user:" /etc/shadow | cut -f 2 -d :)
    60. 

  60. 

  61. if echo "$shadow" | grep -qE '^\$[0-9a-z]+\$[^\$]+\$'
    62. 

  62. then
    63. 

  63.     salt=$(echo "$shadow" |cut -f 3 -d \$)
    64. 

  64.     method=$(echo "$shadow" |cut -f 2 -d \$)
    65. 

  65.     if [ "$method" = "y" ]; then
    66. 

  66.         echo "Unsuported hash method";
    67. 

  67.         exit 1;   
    68. 

  68.     elif [ "$method" -eq '1' ]; then
    69. 

  69.         method='md5'
    70. 

  70.     elif [ "$method" -eq '6' ]; then
    71. 

  71.         method='sha-512'
    72. 

  72.     else
    73. 

  73.         echo "Error: password missmatch"
    74. 

  74.         echo "$date $time $user $ip failed to login" >> $HESTIA/log/auth.log
    75. 

  75.         exit 9
    76. 

  76.     fi
    77. 

  77. else
    78. 

  78.     salt=${shadow:0:2}
    79. 

  79.     method='des'
    80. 

  80. fi
    81. 

  81. 

  82. if [ -z "$salt" ]; then
    83. 

  83.     echo "Error: password missmatch"
    84. 

  84.     echo "$date $time $user $ip failed to login" >> $HESTIA/log/auth.log
    85. 

  85.     exit 9
    86. 

  86. fi
    87. 

  87. 

  88. # Generating hash
    89. 

  89. set -o noglob
    90. 

  90. hash=$($BIN/v-generate-password-hash "$method" "$salt" <<< "$password")
    91. 

  91. if [[ -z "$hash" ]]; then
    92. 

  92.     echo "Error: password missmatch"
    93. 

  93.     echo "$date $time $user $ip failed to login" >> $HESTIA/log/auth.log
    94. 

  94.     exit 9
    95. 

  95. fi
    96. 

  96. 

  97. # Checking hash
    98. 

  98. result=$(grep "^$user:$hash:" /etc/shadow 2>/dev/null)
    99. 

  99. if [[ -z "$result" ]]; then
    100. 

  100.     echo "Error: password missmatch"
    101. 

  101.     echo "$date $time $user $ip failed to login" >> $HESTIA/log/auth.log
    102. 

  102.     exit 9
    103. 

  103. fi
    104. 

  104. 

  105. #----------------------------------------------------------#
    106. 

  106. #                       Hestia                             #
    107. 

  107. #----------------------------------------------------------#
    108. 

  108. 

  109. # Logging
    110. 

  110. echo "$date $time $user $ip successfully logged in" >> $HESTIA/log/auth.log
    111. 

  111. 

  112. exit
    113.