summaryrefslogtreecommitdiff
path: root/openbsd-compat
diff options
context:
space:
mode:
Diffstat (limited to 'openbsd-compat')
-rw-r--r--openbsd-compat/port-uw.c35
-rw-r--r--openbsd-compat/port-uw.h4
-rw-r--r--openbsd-compat/xcrypt.c9
3 files changed, 34 insertions, 14 deletions
diff --git a/openbsd-compat/port-uw.c b/openbsd-compat/port-uw.c
index cbc3f686b..d881ff028 100644
--- a/openbsd-compat/port-uw.c
+++ b/openbsd-compat/port-uw.c
@@ -25,7 +25,7 @@
25 25
26#include "includes.h" 26#include "includes.h"
27 27
28#ifdef UNIXWARE_LONG_PASSWORDS 28#if defined(HAVE_LIBIAF) && !defined(BROKEN_LIBIAF)
29#ifdef HAVE_CRYPT_H 29#ifdef HAVE_CRYPT_H
30#include <crypt.h> 30#include <crypt.h>
31#endif 31#endif
@@ -44,6 +44,7 @@ sys_auth_passwd(Authctxt *authctxt, const char *password)
44 struct passwd *pw = authctxt->pw; 44 struct passwd *pw = authctxt->pw;
45 char *encrypted_password; 45 char *encrypted_password;
46 char *salt; 46 char *salt;
47 int result;
47 48
48 /* Just use the supplied fake password if authctxt is invalid */ 49 /* Just use the supplied fake password if authctxt is invalid */
49 char *pw_password = authctxt->valid ? shadow_pw(pw) : pw->pw_passwd; 50 char *pw_password = authctxt->valid ? shadow_pw(pw) : pw->pw_passwd;
@@ -52,13 +53,27 @@ sys_auth_passwd(Authctxt *authctxt, const char *password)
52 if (strcmp(pw_password, "") == 0 && strcmp(password, "") == 0) 53 if (strcmp(pw_password, "") == 0 && strcmp(password, "") == 0)
53 return (1); 54 return (1);
54 55
56 /* Encrypt the candidate password using the proper salt. */
55 salt = (pw_password[0] && pw_password[1]) ? pw_password : "xx"; 57 salt = (pw_password[0] && pw_password[1]) ? pw_password : "xx";
56 if (nischeck(pw->pw_name)) 58#ifdef UNIXWARE_LONG_PASSWORDS
57 return(strcmp(crypt(password, salt), pw_password) == 0); 59 if (!nischeck(pw->pw_name))
60 encrypted_password = bigcrypt(password, salt);
58 else 61 else
59 return(strcmp(bigcrypt(password, salt), pw_password) == 0); 62#endif /* UNIXWARE_LONG_PASSWORDS */
63 encrypted_password = xcrypt(password, salt);
64
65 /*
66 * Authentication is accepted if the encrypted passwords
67 * are identical.
68 */
69 result = (strcmp(encrypted_password, pw_password) == 0);
70
71 if (authctxt->valid)
72 free(pw_password);
73 return(result);
60} 74}
61 75
76#ifdef UNIXWARE_LONG_PASSWORDS
62int 77int
63nischeck(char *namep) 78nischeck(char *namep)
64{ 79{
@@ -94,7 +109,11 @@ nischeck(char *namep)
94 109
95#endif /* UNIXWARE_LONG_PASSWORDS */ 110#endif /* UNIXWARE_LONG_PASSWORDS */
96 111
97#ifdef HAVE_LIBIAF 112/*
113 NOTE: ia_get_logpwd() allocates memory for arg 2
114 functions that call shadow_pw() will need to free
115 */
116
98char * 117char *
99get_iaf_password(struct passwd *pw) 118get_iaf_password(struct passwd *pw)
100{ 119{
@@ -104,12 +123,12 @@ get_iaf_password(struct passwd *pw)
104 if (!ia_openinfo(pw->pw_name,&uinfo)) { 123 if (!ia_openinfo(pw->pw_name,&uinfo)) {
105 ia_get_logpwd(uinfo, &pw_password); 124 ia_get_logpwd(uinfo, &pw_password);
106 if (pw_password == NULL) 125 if (pw_password == NULL)
107 fatal("Unable to get the shadow passwd"); 126 fatal("ia_get_logpwd: Unable to get the shadow passwd");
108 ia_closeinfo(uinfo); 127 ia_closeinfo(uinfo);
109 return pw_password; 128 return pw_password;
110 } 129 }
111 else 130 else
112 fatal("Unable to open the shadow passwd file"); 131 fatal("ia_openinfo: Unable to open the shadow passwd file");
113} 132}
114#endif /* HAVE_LIBIAF */ 133#endif /* HAVE_LIBIAF && !BROKEN_LIBIAF */
115 134
diff --git a/openbsd-compat/port-uw.h b/openbsd-compat/port-uw.h
index f16bb5e5c..3589b2e44 100644
--- a/openbsd-compat/port-uw.h
+++ b/openbsd-compat/port-uw.h
@@ -24,7 +24,7 @@
24 24
25#include "includes.h" 25#include "includes.h"
26 26
27#ifdef HAVE_LIBIAF 27#if defined(HAVE_LIBIAF) && !defined(BROKEN_LIBIAF)
28char * get_iaf_password(struct passwd *pw); 28char * get_iaf_password(struct passwd *pw);
29#endif /* HAVE_LIBIAF */ 29#endif
30 30
diff --git a/openbsd-compat/xcrypt.c b/openbsd-compat/xcrypt.c
index 453203270..9afa0b9f2 100644
--- a/openbsd-compat/xcrypt.c
+++ b/openbsd-compat/xcrypt.c
@@ -91,12 +91,13 @@ shadow_pw(struct passwd *pw)
91 struct spwd *spw = getspnam(pw->pw_name); 91 struct spwd *spw = getspnam(pw->pw_name);
92 92
93 if (spw != NULL) 93 if (spw != NULL)
94#ifdef HAVE_LIBIAF
95 pw_password = get_iaf_password(pw);
96#else
97 pw_password = spw->sp_pwdp; 94 pw_password = spw->sp_pwdp;
98#endif /* HAVE_LIBIAF */
99# endif 95# endif
96
97#if defined(HAVE_LIBIAF) && !defined(BROKEN_LIBIAF)
98 return(get_iaf_password(pw));
99#endif
100
100# if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) 101# if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW)
101 struct passwd_adjunct *spw; 102 struct passwd_adjunct *spw;
102 if (issecure() && (spw = getpwanam(pw->pw_name)) != NULL) 103 if (issecure() && (spw = getpwanam(pw->pw_name)) != NULL)