diff options
author | Damien Miller <djm@mindrot.org> | 2000-09-16 15:55:52 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2000-09-16 15:55:52 +1100 |
commit | 8a1e6a629e6c712a0f24451b93c293536ad864e6 (patch) | |
tree | 8ebdc7b283b38fcb6c906387dc5c424862953559 /auth-passwd.c | |
parent | 606f880e0fd1a31f5beb3b37ece0c12317a9ed61 (diff) |
- (djm) Cleanup auth-passwd.c and unify HP/UX authentication. Patch from
Kevin Steves <stevesk@sweden.hp.com>
Diffstat (limited to 'auth-passwd.c')
-rw-r--r-- | auth-passwd.c | 55 |
1 files changed, 26 insertions, 29 deletions
diff --git a/auth-passwd.c b/auth-passwd.c index 055a03629..c6fdc82d1 100644 --- a/auth-passwd.c +++ b/auth-passwd.c | |||
@@ -71,14 +71,14 @@ RCSID("$OpenBSD: auth-passwd.c,v 1.17 2000/09/07 20:27:49 deraadt Exp $"); | |||
71 | #ifdef WITH_AIXAUTHENTICATE | 71 | #ifdef WITH_AIXAUTHENTICATE |
72 | # include <login.h> | 72 | # include <login.h> |
73 | #endif | 73 | #endif |
74 | #ifdef HAVE_HPUX_TRUSTED_SYSTEM_PW | 74 | #ifdef __hpux |
75 | # include <hpsecurity.h> | 75 | # include <hpsecurity.h> |
76 | # include <prot.h> | 76 | # include <prot.h> |
77 | #endif | 77 | #endif |
78 | #ifdef HAVE_SHADOW_H | 78 | #if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) |
79 | # include <shadow.h> | 79 | # include <shadow.h> |
80 | #endif | 80 | #endif |
81 | #ifdef HAVE_GETPWANAM | 81 | #if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) |
82 | # include <sys/label.h> | 82 | # include <sys/label.h> |
83 | # include <sys/audit.h> | 83 | # include <sys/audit.h> |
84 | # include <pwdadj.h> | 84 | # include <pwdadj.h> |
@@ -105,10 +105,13 @@ auth_password(struct passwd * pw, const char *password) | |||
105 | char *encrypted_password; | 105 | char *encrypted_password; |
106 | char *pw_password; | 106 | char *pw_password; |
107 | char *salt; | 107 | char *salt; |
108 | #ifdef HAVE_SHADOW_H | 108 | #ifdef __hpux |
109 | struct pr_passwd *spw; | ||
110 | #endif | ||
111 | #if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) | ||
109 | struct spwd *spw; | 112 | struct spwd *spw; |
110 | #endif | 113 | #endif |
111 | #ifdef HAVE_GETPWANAM | 114 | #if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) |
112 | struct passwd_adjunct *spw; | 115 | struct passwd_adjunct *spw; |
113 | #endif | 116 | #endif |
114 | # ifdef HAVE_HPUX_TRUSTED_SYSTEM_PW | 117 | # ifdef HAVE_HPUX_TRUSTED_SYSTEM_PW |
@@ -170,38 +173,29 @@ auth_password(struct passwd * pw, const char *password) | |||
170 | } | 173 | } |
171 | #endif | 174 | #endif |
172 | 175 | ||
173 | # ifdef HAVE_HPUX_TRUSTED_SYSTEM_PW | ||
174 | prpw = getprpwnam(pw->pw_name); | ||
175 | pw_password = prpw->ufld.fd_encrypt; | ||
176 | #else | ||
177 | pw_password = pw->pw_passwd; | ||
178 | #endif | ||
179 | 176 | ||
180 | /* Check for users with no password. */ | 177 | pw_password = pw->pw_passwd; |
181 | if (strcmp(password, "") == 0 && strcmp(pw_password, "") == 0) | ||
182 | return 1; | ||
183 | 178 | ||
179 | /* | ||
180 | * Various interfaces to shadow or protected password data | ||
181 | */ | ||
184 | #if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) | 182 | #if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) |
185 | spw = getspnam(pw->pw_name); | 183 | spw = getspnam(pw->pw_name); |
186 | if (spw != NULL) | 184 | if (spw != NULL) |
187 | { | ||
188 | /* Check for users with no password. */ | ||
189 | if (strcmp(password, "") == 0 && strcmp(spw->sp_pwdp, "") == 0) | ||
190 | return 1; | ||
191 | |||
192 | pw_password = spw->sp_pwdp; | 185 | pw_password = spw->sp_pwdp; |
193 | } | ||
194 | #endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */ | 186 | #endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */ |
195 | #if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) | 187 | #if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) |
196 | if (issecure() && (spw = getpwanam(pw->pw_name)) != NULL) | 188 | if (issecure() && (spw = getpwanam(pw->pw_name)) != NULL) |
197 | { | ||
198 | /* Check for users with no password. */ | ||
199 | if (strcmp(password, "") == 0 && strcmp(spw->pwa_passwd, "") == 0) | ||
200 | return 1; | ||
201 | |||
202 | pw_password = spw->pwa_passwd; | 189 | pw_password = spw->pwa_passwd; |
203 | } | ||
204 | #endif /* defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) */ | 190 | #endif /* defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) */ |
191 | #if defined(__hpux) | ||
192 | if (iscomsec() && (spw = getprpwnam(pw->pw_name)) != NULL) | ||
193 | pw_password = spw->ufld.fd_encrypt; | ||
194 | #endif /* defined(__hpux) */ | ||
195 | |||
196 | /* Check for users with no password. */ | ||
197 | if ((password[0] == '\0') && (pw_password[0] == '\0')) | ||
198 | return 1; | ||
205 | 199 | ||
206 | if (pw_password[0] != '\0') | 200 | if (pw_password[0] != '\0') |
207 | salt = pw_password; | 201 | salt = pw_password; |
@@ -214,11 +208,14 @@ auth_password(struct passwd * pw, const char *password) | |||
214 | else | 208 | else |
215 | encrypted_password = crypt(password, salt); | 209 | encrypted_password = crypt(password, salt); |
216 | #else /* HAVE_MD5_PASSWORDS */ | 210 | #else /* HAVE_MD5_PASSWORDS */ |
217 | # ifdef HAVE_HPUX_TRUSTED_SYSTEM_PW | 211 | # ifdef __hpux |
218 | encrypted_password = bigcrypt(password, salt); | 212 | if (iscomsec()) |
213 | encrypted_password = bigcrypt(password, salt); | ||
214 | else | ||
215 | encrypted_password = crypt(password, salt); | ||
219 | # else | 216 | # else |
220 | encrypted_password = crypt(password, salt); | 217 | encrypted_password = crypt(password, salt); |
221 | # endif /* HAVE_HPUX_TRUSTED_SYSTEM_PW */ | 218 | # endif /* __hpux */ |
222 | #endif /* HAVE_MD5_PASSWORDS */ | 219 | #endif /* HAVE_MD5_PASSWORDS */ |
223 | 220 | ||
224 | /* Authentication is accepted if the encrypted passwords are identical. */ | 221 | /* Authentication is accepted if the encrypted passwords are identical. */ |