httpd: speed up httpd.conf at the cost of 49 bytes of code

[oweals/busybox.git] / loginutils / sulogin.c

diff --git a/loginutils/sulogin.c b/loginutils/sulogin.c
index af457ef1e52b1ea0c0b095a2166fbac1a87b9c09..77eff9f8dc415b0395a4474c59eb17f1d54484a8 100644 (file)
--- a/loginutils/sulogin.c
+++ b/loginutils/sulogin.c
@@ -5,22 +5,20 @@
  * Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
  */
 
-#include <syslog.h>
-
 #include "libbb.h"
+#include <syslog.h>
 
-//static void catchalarm(int ATTRIBUTE_UNUSED junk)
+//static void catchalarm(int UNUSED_PARAM junk)
 //{
 //     exit(EXIT_FAILURE);
 //}
 
 
 int sulogin_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
-int sulogin_main(int argc, char **argv)
+int sulogin_main(int argc UNUSED_PARAM, char **argv)
 {
        char *cp;
        int timeout = 0;
-       char *timeout_arg;
        struct passwd *pwd;
        const char *shell;
 #if ENABLE_FEATURE_SHADOWPASSWDS
@@ -32,27 +30,28 @@ int sulogin_main(int argc, char **argv)
        logmode = LOGMODE_BOTH;
        openlog(applet_name, 0, LOG_AUTH);
 
-       if (getopt32(argv, "t:", &timeout_arg)) {
-               timeout = xatoi_u(timeout_arg);
-       }
+       opt_complementary = "t+"; /* -t N */
+       getopt32(argv, "t:", &timeout);
+       argv += optind;
 
-       if (argv[optind]) {
+       if (argv[0]) {
                close(0);
                close(1);
-               dup(xopen(argv[optind], O_RDWR));
+               dup(xopen(argv[0], O_RDWR));
                close(2);
                dup(0);
        }
 
+       /* Malicious use like "sulogin /dev/sda"? */
        if (!isatty(0) || !isatty(1) || !isatty(2)) {
                logmode = LOGMODE_SYSLOG;
                bb_error_msg_and_die("not a tty");
        }
 
        /* Clear dangerous stuff, set PATH */
-       sanitize_env_for_suid();
+       sanitize_env_if_suid();
 
-// bb_askpass() already handles this
+// bb_ask() already handles this
 //     signal(SIGALRM, catchalarm);
 
        pwd = getpwuid(0);
@@ -74,8 +73,11 @@ int sulogin_main(int argc, char **argv)
 #endif
 
        while (1) {
+               char *encrypted;
+               int r;
+
                /* cp points to a static buffer that is zeroed every time */
-               cp = bb_askpass(timeout,
+               cp = bb_ask(STDIN_FILENO, timeout,
                                "Give root password for system maintenance\n"
                                "(or type Control-D for normal startup):");
 
@@ -83,7 +85,10 @@ int sulogin_main(int argc, char **argv)
                        bb_info_msg("Normal startup");
                        return 0;
                }
-               if (strcmp(pw_encrypt(cp, pwd->pw_passwd), pwd->pw_passwd) == 0) {
+               encrypted = pw_encrypt(cp, pwd->pw_passwd, 1);
+               r = strcmp(encrypted, pwd->pw_passwd);
+               free(encrypted);
+               if (r == 0) {
                        break;
                }
                bb_do_delay(FAIL_DELAY);
@@ -94,7 +99,7 @@ int sulogin_main(int argc, char **argv)
 
        bb_info_msg("System Maintenance Mode");
 
-       USE_SELINUX(renew_current_security_context());
+       IF_SELINUX(renew_current_security_context());
 
        shell = getenv("SUSHELL");
        if (!shell)