| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108 |
- #!/bin/bash
- # info: check user password
- # options: USER PASSWORD [IP]
- #
- # The function verifies user password from file
- #----------------------------------------------------------#
- # Variable&Function #
- #----------------------------------------------------------#
- # Argument definition
- user=$1
- password=$2; HIDE=2
- ip=${3-127.0.0.1}
- # Includes
- source $VESTA/func/main.sh
- source $VESTA/conf/vesta.conf
- time_n_date=$(date +'%T %F')
- time=$(echo "$time_n_date" |cut -f 1 -d \ )
- date=$(echo "$time_n_date" |cut -f 2 -d \ )
- #----------------------------------------------------------#
- # Verifications #
- #----------------------------------------------------------#
- check_args '2' "$#" 'USER PASSWORD'
- is_format_valid 'user'
- # Checking user
- if [ ! -d "$VESTA/data/users/$user" ] && [ "$user" != 'root' ]; then
- echo "Error: password missmatch"
- echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log
- exit 9
- fi
- # Checking user password
- is_password_valid
- # Checking empty password
- if [[ -z "$password" ]]; then
- echo "Error: password missmatch"
- echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log
- exit 9
- fi
- #----------------------------------------------------------#
- # Action #
- #----------------------------------------------------------#
- # Parsing user's salt
- shadow=$(grep "^$user:" /etc/shadow | cut -f 2 -d :)
- if echo "$shadow" | grep -qE '^\$[0-9a-z]+\$[^\$]+\$'
- then
- salt=$(echo "$shadow" |cut -f 3 -d \$)
- method=$(echo "$shadow" |cut -f 2 -d \$)
- if [ "$method" -eq '1' ]; then
- method='md5'
- elif [ "$method" -eq '6' ]; then
- method='sha-512'
- else
- echo "Error: password missmatch"
- echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log
- exit 9
- fi
- else
- salt=${shadow:0:2}
- method='des'
- fi
- if [ -z "$salt" ]; then
- echo "Error: password missmatch"
- echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log
- exit 9
- fi
- # Generating hash
- hash=$($BIN/v-generate-password-hash $method $salt <<< $password)
- if [[ -z "$hash" ]]; then
- echo "Error: password missmatch"
- echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log
- exit 9
- fi
- # Checking hash
- result=$(grep "^$user:$hash:" /etc/shadow 2>/dev/null)
- if [[ -z "$result" ]]; then
- echo "Error: password missmatch"
- echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log
- exit 9
- fi
- #----------------------------------------------------------#
- # Vesta #
- #----------------------------------------------------------#
- # Logging
- echo "$date $time $user $ip successfully logged in" >> $VESTA/log/auth.log
- exit
|