diff options
Diffstat (limited to 'openbsd-compat/port-uw.c')
-rw-r--r-- | openbsd-compat/port-uw.c | 134 |
1 files changed, 134 insertions, 0 deletions
diff --git a/openbsd-compat/port-uw.c b/openbsd-compat/port-uw.c new file mode 100644 index 000000000..d881ff028 --- /dev/null +++ b/openbsd-compat/port-uw.c | |||
@@ -0,0 +1,134 @@ | |||
1 | /* | ||
2 | * Copyright (c) 2005 The SCO Group. All rights reserved. | ||
3 | * Copyright (c) 2005 Tim Rice. All rights reserved. | ||
4 | * | ||
5 | * Redistribution and use in source and binary forms, with or without | ||
6 | * modification, are permitted provided that the following conditions | ||
7 | * are met: | ||
8 | * 1. Redistributions of source code must retain the above copyright | ||
9 | * notice, this list of conditions and the following disclaimer. | ||
10 | * 2. Redistributions in binary form must reproduce the above copyright | ||
11 | * notice, this list of conditions and the following disclaimer in the | ||
12 | * documentation and/or other materials provided with the distribution. | ||
13 | * | ||
14 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | ||
15 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | ||
16 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | ||
17 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | ||
18 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
19 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | ||
20 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | ||
21 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
22 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | ||
23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
24 | */ | ||
25 | |||
26 | #include "includes.h" | ||
27 | |||
28 | #if defined(HAVE_LIBIAF) && !defined(BROKEN_LIBIAF) | ||
29 | #ifdef HAVE_CRYPT_H | ||
30 | #include <crypt.h> | ||
31 | #endif | ||
32 | #include "packet.h" | ||
33 | #include "buffer.h" | ||
34 | #include "log.h" | ||
35 | #include "servconf.h" | ||
36 | #include "auth.h" | ||
37 | #include "auth-options.h" | ||
38 | |||
39 | int nischeck(char *); | ||
40 | |||
41 | int | ||
42 | sys_auth_passwd(Authctxt *authctxt, const char *password) | ||
43 | { | ||
44 | struct passwd *pw = authctxt->pw; | ||
45 | char *encrypted_password; | ||
46 | char *salt; | ||
47 | int result; | ||
48 | |||
49 | /* Just use the supplied fake password if authctxt is invalid */ | ||
50 | char *pw_password = authctxt->valid ? shadow_pw(pw) : pw->pw_passwd; | ||
51 | |||
52 | /* Check for users with no password. */ | ||
53 | if (strcmp(pw_password, "") == 0 && strcmp(password, "") == 0) | ||
54 | return (1); | ||
55 | |||
56 | /* Encrypt the candidate password using the proper salt. */ | ||
57 | salt = (pw_password[0] && pw_password[1]) ? pw_password : "xx"; | ||
58 | #ifdef UNIXWARE_LONG_PASSWORDS | ||
59 | if (!nischeck(pw->pw_name)) | ||
60 | encrypted_password = bigcrypt(password, salt); | ||
61 | else | ||
62 | #endif /* UNIXWARE_LONG_PASSWORDS */ | ||
63 | encrypted_password = xcrypt(password, salt); | ||
64 | |||
65 | /* | ||
66 | * Authentication is accepted if the encrypted passwords | ||
67 | * are identical. | ||
68 | */ | ||
69 | result = (strcmp(encrypted_password, pw_password) == 0); | ||
70 | |||
71 | if (authctxt->valid) | ||
72 | free(pw_password); | ||
73 | return(result); | ||
74 | } | ||
75 | |||
76 | #ifdef UNIXWARE_LONG_PASSWORDS | ||
77 | int | ||
78 | nischeck(char *namep) | ||
79 | { | ||
80 | char password_file[] = "/etc/passwd"; | ||
81 | FILE *fd; | ||
82 | struct passwd *ent = NULL; | ||
83 | |||
84 | if ((fd = fopen (password_file, "r")) == NULL) { | ||
85 | /* | ||
86 | * If the passwd file has dissapeared we are in a bad state. | ||
87 | * However, returning 0 will send us back through the | ||
88 | * authentication scheme that has checked the ia database for | ||
89 | * passwords earlier. | ||
90 | */ | ||
91 | return(0); | ||
92 | } | ||
93 | |||
94 | /* | ||
95 | * fgetpwent() only reads from password file, so we know for certain | ||
96 | * that the user is local. | ||
97 | */ | ||
98 | while (ent = fgetpwent(fd)) { | ||
99 | if (strcmp (ent->pw_name, namep) == 0) { | ||
100 | /* Local user */ | ||
101 | fclose (fd); | ||
102 | return(0); | ||
103 | } | ||
104 | } | ||
105 | |||
106 | fclose (fd); | ||
107 | return (1); | ||
108 | } | ||
109 | |||
110 | #endif /* UNIXWARE_LONG_PASSWORDS */ | ||
111 | |||
112 | /* | ||
113 | NOTE: ia_get_logpwd() allocates memory for arg 2 | ||
114 | functions that call shadow_pw() will need to free | ||
115 | */ | ||
116 | |||
117 | char * | ||
118 | get_iaf_password(struct passwd *pw) | ||
119 | { | ||
120 | char *pw_password = NULL; | ||
121 | |||
122 | uinfo_t uinfo; | ||
123 | if (!ia_openinfo(pw->pw_name,&uinfo)) { | ||
124 | ia_get_logpwd(uinfo, &pw_password); | ||
125 | if (pw_password == NULL) | ||
126 | fatal("ia_get_logpwd: Unable to get the shadow passwd"); | ||
127 | ia_closeinfo(uinfo); | ||
128 | return pw_password; | ||
129 | } | ||
130 | else | ||
131 | fatal("ia_openinfo: Unable to open the shadow passwd file"); | ||
132 | } | ||
133 | #endif /* HAVE_LIBIAF && !BROKEN_LIBIAF */ | ||
134 | |||