LibCore: Make Account::authenticate take a SecretString

To encourage users to use the SecretString API, change the API so that
Account::authenticate only accepts a SecretString.

Userland/Libraries/LibCore/Account.cpp

@@ -159,7 +159,7 @@ Result<Account, String> Account::from_uid(uid_t uid, Read options)
     return from_passwd(*pwd, *spwd);
 }
 
-bool Account::authenticate(const char* password) const
+bool Account::authenticate(SecretString const& password) const
 {
     // If there was no shadow entry for this account, authentication always fails.
     if (m_password_hash.is_null())
@@ -170,7 +170,7 @@ bool Account::authenticate(const char* password) const
         return true;
 
     // FIXME: Use crypt_r if it can be built in lagom.
-    char* hash = crypt(password, m_password_hash.characters());
+    char* hash = crypt(password.characters(), m_password_hash.characters());
     return hash != nullptr && strcmp(hash, m_password_hash.characters()) == 0;
 }
 

Userland/Libraries/LibCore/Account.h

@@ -10,6 +10,7 @@
 #include <AK/String.h>
 #include <AK/Types.h>
 #include <AK/Vector.h>
+#include <LibCore/SecretString.h>
 #include <pwd.h>
 #ifndef AK_OS_BSD_GENERIC
 #    include <shadow.h>
@@ -36,7 +37,7 @@ public:
     static Result<Account, String> from_name(const char* username, Read options = Read::All);
     static Result<Account, String> from_uid(uid_t uid, Read options = Read::All);
 
-    bool authenticate(const char* password) const;
+    bool authenticate(SecretString const& password) const;
     bool login() const;
 
     String username() const { return m_username; }

Userland/Utilities/passwd.cpp

@@ -90,7 +90,7 @@ int main(int argc, char** argv)
                 return 1;
             }
 
-            if (!target_account.authenticate(current_password.value().characters())) {
+            if (!target_account.authenticate(current_password.value())) {
                 warnln("Incorrect or disabled password.");
                 warnln("Password for user {} unchanged.", target_account.username());
                 return 1;

Userland/Utilities/pls.cpp

@@ -55,7 +55,7 @@ int main(int argc, char** argv)
             }
 
             auto const& password = password_or_error.value();
-            if (!account.authenticate(password.characters())) {
+            if (!account.authenticate(password)) {
                 warnln("Incorrect or disabled password.");
                 return 1;
             }

Userland/Utilities/su.cpp

@@ -58,7 +58,7 @@ int main(int argc, char** argv)
             return 1;
         }
 
-        if (!account.authenticate(password.value().characters())) {
+        if (!account.authenticate(password.value())) {
             warnln("Incorrect or disabled password.");
             return 1;
         }