summaryrefslogtreecommitdiff
path: root/openbsd-compat/port-uw.c
diff options
context:
space:
mode:
authorTim Rice <tim@multitalents.net>2005-08-31 09:59:49 -0700
committerTim Rice <tim@multitalents.net>2005-08-31 09:59:49 -0700
commit66fd217e8e57f0c86179d77dc14e42efd3098320 (patch)
tree647dc150f96b27987211df1c77879111e0f0eac9 /openbsd-compat/port-uw.c
parentd0a47cd2435abdbb4aaabbdd408e855431ce9ccd (diff)
- (tim) [configure.ac auth.c defines.h session.c openbsd-compat/port-uw.c
openbsd-compat/port-uw.h openbsd-compat/xcrypt.c] libiaf cleanup. Disable libiaf bits for OpenServer6. Free memory allocated by ia_get_logpwd(). Feedback and OK dtucker@
Diffstat (limited to 'openbsd-compat/port-uw.c')
-rw-r--r--openbsd-compat/port-uw.c35
1 files changed, 27 insertions, 8 deletions
diff --git a/openbsd-compat/port-uw.c b/openbsd-compat/port-uw.c
index cbc3f686..d881ff02 100644
--- a/openbsd-compat/port-uw.c
+++ b/openbsd-compat/port-uw.c
@@ -25,7 +25,7 @@
#include "includes.h"
-#ifdef UNIXWARE_LONG_PASSWORDS
+#if defined(HAVE_LIBIAF) && !defined(BROKEN_LIBIAF)
#ifdef HAVE_CRYPT_H
#include <crypt.h>
#endif
@@ -44,6 +44,7 @@ sys_auth_passwd(Authctxt *authctxt, const char *password)
struct passwd *pw = authctxt->pw;
char *encrypted_password;
char *salt;
+ int result;
/* Just use the supplied fake password if authctxt is invalid */
char *pw_password = authctxt->valid ? shadow_pw(pw) : pw->pw_passwd;
@@ -52,13 +53,27 @@ sys_auth_passwd(Authctxt *authctxt, const char *password)
if (strcmp(pw_password, "") == 0 && strcmp(password, "") == 0)
return (1);
+ /* Encrypt the candidate password using the proper salt. */
salt = (pw_password[0] && pw_password[1]) ? pw_password : "xx";
- if (nischeck(pw->pw_name))
- return(strcmp(crypt(password, salt), pw_password) == 0);
+#ifdef UNIXWARE_LONG_PASSWORDS
+ if (!nischeck(pw->pw_name))
+ encrypted_password = bigcrypt(password, salt);
else
- return(strcmp(bigcrypt(password, salt), pw_password) == 0);
+#endif /* UNIXWARE_LONG_PASSWORDS */
+ encrypted_password = xcrypt(password, salt);
+
+ /*
+ * Authentication is accepted if the encrypted passwords
+ * are identical.
+ */
+ result = (strcmp(encrypted_password, pw_password) == 0);
+
+ if (authctxt->valid)
+ free(pw_password);
+ return(result);
}
+#ifdef UNIXWARE_LONG_PASSWORDS
int
nischeck(char *namep)
{
@@ -94,7 +109,11 @@ nischeck(char *namep)
#endif /* UNIXWARE_LONG_PASSWORDS */
-#ifdef HAVE_LIBIAF
+/*
+ NOTE: ia_get_logpwd() allocates memory for arg 2
+ functions that call shadow_pw() will need to free
+ */
+
char *
get_iaf_password(struct passwd *pw)
{
@@ -104,12 +123,12 @@ get_iaf_password(struct passwd *pw)
if (!ia_openinfo(pw->pw_name,&uinfo)) {
ia_get_logpwd(uinfo, &pw_password);
if (pw_password == NULL)
- fatal("Unable to get the shadow passwd");
+ fatal("ia_get_logpwd: Unable to get the shadow passwd");
ia_closeinfo(uinfo);
return pw_password;
}
else
- fatal("Unable to open the shadow passwd file");
+ fatal("ia_openinfo: Unable to open the shadow passwd file");
}
-#endif /* HAVE_LIBIAF */
+#endif /* HAVE_LIBIAF && !BROKEN_LIBIAF */