diff options
| author | Tim Rice <tim@multitalents.net> | 2005-08-31 09:59:49 -0700 |
|---|---|---|
| committer | Tim Rice <tim@multitalents.net> | 2005-08-31 09:59:49 -0700 |
| commit | 66fd217e8e57f0c86179d77dc14e42efd3098320 (patch) | |
| tree | 647dc150f96b27987211df1c77879111e0f0eac9 /openbsd-compat/port-uw.c | |
| parent | d0a47cd2435abdbb4aaabbdd408e855431ce9ccd (diff) | |
- (tim) [configure.ac auth.c defines.h session.c openbsd-compat/port-uw.c
openbsd-compat/port-uw.h openbsd-compat/xcrypt.c] libiaf cleanup. Disable
libiaf bits for OpenServer6. Free memory allocated by ia_get_logpwd().
Feedback and OK dtucker@
Diffstat (limited to 'openbsd-compat/port-uw.c')
| -rw-r--r-- | openbsd-compat/port-uw.c | 35 |
1 files changed, 27 insertions, 8 deletions
diff --git a/openbsd-compat/port-uw.c b/openbsd-compat/port-uw.c index cbc3f686..d881ff02 100644 --- a/openbsd-compat/port-uw.c +++ b/openbsd-compat/port-uw.c @@ -25,7 +25,7 @@ #include "includes.h" -#ifdef UNIXWARE_LONG_PASSWORDS +#if defined(HAVE_LIBIAF) && !defined(BROKEN_LIBIAF) #ifdef HAVE_CRYPT_H #include <crypt.h> #endif @@ -44,6 +44,7 @@ sys_auth_passwd(Authctxt *authctxt, const char *password) struct passwd *pw = authctxt->pw; char *encrypted_password; char *salt; + int result; /* Just use the supplied fake password if authctxt is invalid */ char *pw_password = authctxt->valid ? shadow_pw(pw) : pw->pw_passwd; @@ -52,13 +53,27 @@ sys_auth_passwd(Authctxt *authctxt, const char *password) if (strcmp(pw_password, "") == 0 && strcmp(password, "") == 0) return (1); + /* Encrypt the candidate password using the proper salt. */ salt = (pw_password[0] && pw_password[1]) ? pw_password : "xx"; - if (nischeck(pw->pw_name)) - return(strcmp(crypt(password, salt), pw_password) == 0); +#ifdef UNIXWARE_LONG_PASSWORDS + if (!nischeck(pw->pw_name)) + encrypted_password = bigcrypt(password, salt); else - return(strcmp(bigcrypt(password, salt), pw_password) == 0); +#endif /* UNIXWARE_LONG_PASSWORDS */ + encrypted_password = xcrypt(password, salt); + + /* + * Authentication is accepted if the encrypted passwords + * are identical. + */ + result = (strcmp(encrypted_password, pw_password) == 0); + + if (authctxt->valid) + free(pw_password); + return(result); } +#ifdef UNIXWARE_LONG_PASSWORDS int nischeck(char *namep) { @@ -94,7 +109,11 @@ nischeck(char *namep) #endif /* UNIXWARE_LONG_PASSWORDS */ -#ifdef HAVE_LIBIAF +/* + NOTE: ia_get_logpwd() allocates memory for arg 2 + functions that call shadow_pw() will need to free + */ + char * get_iaf_password(struct passwd *pw) { @@ -104,12 +123,12 @@ get_iaf_password(struct passwd *pw) if (!ia_openinfo(pw->pw_name,&uinfo)) { ia_get_logpwd(uinfo, &pw_password); if (pw_password == NULL) - fatal("Unable to get the shadow passwd"); + fatal("ia_get_logpwd: Unable to get the shadow passwd"); ia_closeinfo(uinfo); return pw_password; } else - fatal("Unable to open the shadow passwd file"); + fatal("ia_openinfo: Unable to open the shadow passwd file"); } -#endif /* HAVE_LIBIAF */ +#endif /* HAVE_LIBIAF && !BROKEN_LIBIAF */ |