From cb7a79063e0753b04c35b055a3e7346fffe6cfa4 Mon Sep 17 00:00:00 2001 From: Russ Magee Date: Wed, 3 Oct 2018 22:31:35 -0700 Subject: [PATCH] Added validation user actually exists on system --- hkexauth.go | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/hkexauth.go b/hkexauth.go index c5018f6..2fd43a7 100644 --- a/hkexauth.go +++ b/hkexauth.go @@ -22,6 +22,15 @@ import ( "github.com/jameskeane/bcrypt" ) +func userExistsOnSystem(who string) bool { + _, userErr := user.Lookup(who) + if userErr != nil { + return false + } else { + return true + } +} + func AuthUserByPasswd(username string, auth string, fname string) (valid bool, allowedCmds string) { b, e := ioutil.ReadFile(fname) if e != nil { @@ -66,6 +75,9 @@ func AuthUserByPasswd(username string, auth string, fname string) (valid bool, a r = nil runtime.GC() + if !userExistsOnSystem(username) { + valid = false + } return } @@ -102,5 +114,8 @@ func AuthUserByToken(username string, connhostname string, auth string) (valid b return true } } + if !userExistsOnSystem(username) { + valid = false + } return }