From 64ead485ac8fa10cb4db9c316e0c72c51a95e82e Mon Sep 17 00:00:00 2001
From: Tim Rice <tim@multitalents.net>
Date: Thu, 8 Sep 2005 21:56:33 -0700
Subject:  - (tim) [defines.h openbsd-compat/port-uw.c] Add long password
 support to    OpenServer 6 and add osr5bigcrypt support so when someone
 migrates    passwords between UnixWare and OpenServer they will still work.
 OK dtucker@

---
 openbsd-compat/port-uw.c | 24 ++++++++++++++----------
 1 file changed, 14 insertions(+), 10 deletions(-)

(limited to 'openbsd-compat')

diff --git a/openbsd-compat/port-uw.c b/openbsd-compat/port-uw.c
index d881ff028..c64427121 100644
--- a/openbsd-compat/port-uw.c
+++ b/openbsd-compat/port-uw.c
@@ -25,7 +25,7 @@
 
 #include "includes.h"
 
-#if defined(HAVE_LIBIAF)  &&  !defined(BROKEN_LIBIAF)
+#ifdef HAVE_LIBIAF
 #ifdef HAVE_CRYPT_H
 #include <crypt.h>
 #endif
@@ -42,7 +42,6 @@ int
 sys_auth_passwd(Authctxt *authctxt, const char *password)
 {
 	struct passwd *pw = authctxt->pw;
-	char *encrypted_password;
 	char *salt;
 	int result;
 
@@ -55,21 +54,24 @@ sys_auth_passwd(Authctxt *authctxt, const char *password)
 
 	/* Encrypt the candidate password using the proper salt. */
 	salt = (pw_password[0] && pw_password[1]) ? pw_password : "xx";
-#ifdef UNIXWARE_LONG_PASSWORDS
-	if (!nischeck(pw->pw_name))
-		encrypted_password = bigcrypt(password, salt);
-	else
-#endif /* UNIXWARE_LONG_PASSWORDS */
-		encrypted_password = xcrypt(password, salt);
 
 	/*
 	 * Authentication is accepted if the encrypted passwords
 	 * are identical.
 	 */
-	result = (strcmp(encrypted_password, pw_password) == 0);
+#ifdef UNIXWARE_LONG_PASSWORDS
+	if (!nischeck(pw->pw_name)) {
+		result = ((strcmp(bigcrypt(password, salt), pw_password) == 0)
+		||  (strcmp(osr5bigcrypt(password, salt), pw_password) == 0));
+	}
+	else
+#endif /* UNIXWARE_LONG_PASSWORDS */
+		result = (strcmp(xcrypt(password, salt), pw_password) == 0);
 
+#if !defined(BROKEN_LIBIAF)
 	if (authctxt->valid)
 		free(pw_password);
+#endif
 	return(result);
 }
 
@@ -114,6 +116,7 @@ nischeck(char *namep)
 	functions that call shadow_pw() will need to free
  */
 
+#if !defined(BROKEN_LIBIAF)
 char *
 get_iaf_password(struct passwd *pw)
 {
@@ -130,5 +133,6 @@ get_iaf_password(struct passwd *pw)
 	else
 		fatal("ia_openinfo: Unable to open the shadow passwd file");
 }
-#endif /* HAVE_LIBIAF  && !BROKEN_LIBIAF */
+#endif /* !BROKEN_LIBIAF */
+#endif /* HAVE_LIBIAF */
 
-- 
cgit v1.2.3