mirror of
https://github.com/serghey-rodin/vesta.git
synced 2024-12-11 06:40:47 -08:00
110 lines
2.8 KiB
Bash
Executable File
110 lines
2.8 KiB
Bash
Executable File
#!/bin/bash
|
|
# info: check user password
|
|
# options: USER PASSWORD [IP]
|
|
#
|
|
# The function verifies user password from file
|
|
|
|
|
|
#----------------------------------------------------------#
|
|
# Variable&Function #
|
|
#----------------------------------------------------------#
|
|
|
|
# Argument definition
|
|
user=$1
|
|
password=$2; HIDE=2
|
|
ip=${3-127.0.0.1}
|
|
|
|
# Includes
|
|
source $VESTA/func/main.sh
|
|
source $VESTA/conf/vesta.conf
|
|
|
|
time_n_date=$(date +'%T %F')
|
|
time=$(echo "$time_n_date" |cut -f 1 -d \ )
|
|
date=$(echo "$time_n_date" |cut -f 2 -d \ )
|
|
|
|
|
|
#----------------------------------------------------------#
|
|
# Verifications #
|
|
#----------------------------------------------------------#
|
|
|
|
|
|
check_args '2' "$#" 'USER PASSWORD'
|
|
is_format_valid 'user'
|
|
|
|
# Checking user
|
|
if [ ! -d "$VESTA/data/users/$user" ] && [ "$user" != 'root' ]; then
|
|
echo "Error: password missmatch"
|
|
echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log
|
|
exit 9
|
|
fi
|
|
|
|
# Checking user password
|
|
is_password_valid
|
|
|
|
# Checking empty password
|
|
if [[ -z "$password" ]]; then
|
|
echo "Error: password missmatch"
|
|
echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log
|
|
exit 9
|
|
fi
|
|
|
|
|
|
#----------------------------------------------------------#
|
|
# Action #
|
|
#----------------------------------------------------------#
|
|
|
|
|
|
# Parsing user's salt
|
|
shadow=$(grep "^$user:" /etc/shadow | cut -f 2 -d :)
|
|
|
|
if echo "$shadow" | grep -qE '^\$[0-9a-z]+\$[^\$]+\$'
|
|
then
|
|
salt=$(echo "$shadow" |cut -f 3 -d \$)
|
|
method=$(echo "$shadow" |cut -f 2 -d \$)
|
|
if [ "$method" -eq '1' ]; then
|
|
method='md5'
|
|
elif [ "$method" -eq '6' ]; then
|
|
method='sha-512'
|
|
else
|
|
echo "Error: password missmatch"
|
|
echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log
|
|
exit 9
|
|
fi
|
|
else
|
|
salt=${shadow:0:2}
|
|
method='des'
|
|
fi
|
|
|
|
if [ -z "$salt" ]; then
|
|
echo "Error: password missmatch"
|
|
echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log
|
|
exit 9
|
|
fi
|
|
|
|
# Generating hash
|
|
set -o noglob
|
|
hash=$($BIN/v-generate-password-hash $method $salt <<< "$password")
|
|
if [[ -z "$hash" ]]; then
|
|
echo "Error: password missmatch"
|
|
echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log
|
|
exit 9
|
|
fi
|
|
|
|
# Checking hash
|
|
result=$(grep "^$user:$hash:" /etc/shadow 2>/dev/null)
|
|
if [[ -z "$result" ]]; then
|
|
echo "Error: password missmatch"
|
|
echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log
|
|
exit 9
|
|
fi
|
|
|
|
|
|
#----------------------------------------------------------#
|
|
# Vesta #
|
|
#----------------------------------------------------------#
|
|
|
|
# Logging
|
|
echo "$date $time $user $ip successfully logged in" >> $VESTA/log/auth.log
|
|
|
|
exit
|