Affected by GO-2022-0306 and 2 other vulnerabilities

GO-2022-0306: Use of a Broken or Risky Cryptographic Algorithm in Max Mazurov Maddy in github.com/foxcpp/maddy

GO-2022-0374: S3 storage write is not aborted on errors leading to unbounded memory usage in github.com/foxcpp/maddy

GO-2023-1630: Full authentication bypass if SASL authorization username is specified in github.com/foxcpp/maddy

shadow

package

v0.2.1 Latest Latest Go to latest Published: May 14, 2020 License: MIT Imports: 17 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/foxcpp/maddy

Links

Open Source Insights

Documentation ¶

Rendered for

Overview ¶

shadow package implements utilities for parsing and using shadow password database on Unix systems.

Index ¶

Variables
func New(modName, instName string, _, inlineArgs []string) (module.Module, error)
type Auth
type Entry
- func Lookup(name string) (*Entry, error)
- func Read() ([]Entry, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var ErrNoSuchUser = errors.New("shadow: user entry is not present in database")

View Source

var ErrWrongPassword = errors.New("shadow: wrong password")

Functions ¶

func New ¶

func New(modName, instName string, _, inlineArgs []string) (module.Module, error)

Types ¶

type Auth ¶

type Auth struct {
	Log log.Logger
	// contains filtered or unexported fields
}

func (*Auth) AuthPlain ¶ added in v0.2.0

func (a *Auth) AuthPlain(username, password string) error

func (*Auth) Init ¶

func (a *Auth) Init(cfg *config.Map) error

func (*Auth) InstanceName ¶

func (a *Auth) InstanceName() string

func (*Auth) Name ¶

func (a *Auth) Name() string

type Entry ¶

type Entry struct {
	// User login name.
	Name string

	// Hashed user password.
	Pass string

	// Days since Jan 1, 1970 password was last changed.
	LastChange int

	// The number of days the user will have to wait before she will be allowed to
	// change her password again.
	//
	// -1 if password aging is disabled.
	MinPassAge int

	// The number of days after which the user will have to change her password.
	//
	// -1 is password aging is disabled.
	MaxPassAge int

	// The number of days before a password is going to expire (see the maximum
	// password age above) during which the user should be warned.
	//
	// -1 is password aging is disabled.
	WarnPeriod int

	// The number of days after a password has expired (see the maximum
	// password age above) during which the password should still be accepted.
	//
	// -1 is password aging is disabled.
	InactivityPeriod int

	// The date of expiration of the account, expressed as the number of days
	// since Jan 1, 1970.
	//
	// -1 is account never expires.
	AcctExpiry int

	// Unused now.
	Flags int
}

func Lookup ¶

func Lookup(name string) (*Entry, error)

func Read ¶

func Read() ([]Entry, error)

Read reads system shadow passwords database and returns all entires in it.

func (*Entry) IsAccountValid ¶

func (e *Entry) IsAccountValid() bool

func (*Entry) IsPasswordValid ¶

func (e *Entry) IsPasswordValid() bool

func (*Entry) VerifyPassword ¶

func (e *Entry) VerifyPassword(pass string) (err error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL