diff options
author | Bobby Bingham <[email protected]> | 2023-03-30 21:54:25 -0500 |
---|---|---|
committer | Michele Calgaro <[email protected]> | 2023-06-05 11:59:33 +0900 |
commit | 8c543e26ec35237d00ec44fadda80318c386fdde (patch) | |
tree | d1841ffeaeae655a3a19878ef597fe4a99517f6b /kcheckpass/checkpass_shadow.c | |
parent | 950f0ce73685e0dbadba7351738d78a9fbdb71f4 (diff) | |
download | tdebase-8c543e26ec35237d00ec44fadda80318c386fdde.tar.gz tdebase-8c543e26ec35237d00ec44fadda80318c386fdde.zip |
kcheckpass: fix shadow support when not building tdm
1. If not building with PAM, kcheckpass relies on HAVE_SHADOW to decide
whether to support shadow passwords. However, this was only set if also
building tdm.
Consolidate all PAM/shadow configure checks at the top level so these are
always set correctly.
2. Consolidate /etc/passwd and shadow password handling
The shadow password handler already completely handles /etc/passwd
passwords as well, so having a separate handler for just /etc/passwd is
pure code duplication.
Signed-off-by: Bobby Bingham <[email protected]>
Diffstat (limited to 'kcheckpass/checkpass_shadow.c')
-rw-r--r-- | kcheckpass/checkpass_shadow.c | 19 |
1 files changed, 11 insertions, 8 deletions
diff --git a/kcheckpass/checkpass_shadow.c b/kcheckpass/checkpass_shadow.c index 850bf06d4..e721582d5 100644 --- a/kcheckpass/checkpass_shadow.c +++ b/kcheckpass/checkpass_shadow.c @@ -27,10 +27,10 @@ #include "kcheckpass.h" /******************************************************************* - * This is the authentication code for Shadow-Passwords + * This is the authentication code for /etc/passwd and Shadow-Passwords *******************************************************************/ -#ifdef HAVE_SHADOW +#if defined(HAVE_SHADOW) || defined(HAVE_ETCPASSWD) #include <string.h> #include <stdlib.h> #include <pwd.h> @@ -47,7 +47,6 @@ AuthReturn Authenticate(const char *method, char *crpt_passwd; char *password; struct passwd *pw; - struct spwd *spw; if (strcmp(method, "classic")) return AuthError; @@ -55,8 +54,12 @@ AuthReturn Authenticate(const char *method, if (!(pw = getpwnam(login))) return AuthAbort; - spw = getspnam(login); +#ifdef HAVE_SHADOW + struct spwd *spw = getspnam(login); password = spw ? spw->sp_pwdp : pw->pw_passwd; +#else + password = pw->pw_passwd; +#endif if (!*password) return AuthOk; @@ -70,11 +73,11 @@ AuthReturn Authenticate(const char *method, crpt_passwd = crypt(typed_in_password, password); #endif - if (!strcmp(password, crpt_passwd )) { - dispose(typed_in_password); - return AuthOk; /* Success */ - } dispose(typed_in_password); + + if (crpt_passwd && !strcmp(password, crpt_passwd)) + return AuthOk; /* Success */ + return AuthBad; /* Password wrong or account locked */ } |