summaryrefslogtreecommitdiffstats
path: root/kcheckpass/checkpass_shadow.c
diff options
context:
space:
mode:
authorBobby Bingham <[email protected]>2023-03-30 21:54:25 -0500
committerMichele Calgaro <[email protected]>2023-06-05 11:59:33 +0900
commit8c543e26ec35237d00ec44fadda80318c386fdde (patch)
treed1841ffeaeae655a3a19878ef597fe4a99517f6b /kcheckpass/checkpass_shadow.c
parent950f0ce73685e0dbadba7351738d78a9fbdb71f4 (diff)
downloadtdebase-8c543e26ec35237d00ec44fadda80318c386fdde.tar.gz
tdebase-8c543e26ec35237d00ec44fadda80318c386fdde.zip
kcheckpass: fix shadow support when not building tdm
1. If not building with PAM, kcheckpass relies on HAVE_SHADOW to decide whether to support shadow passwords. However, this was only set if also building tdm. Consolidate all PAM/shadow configure checks at the top level so these are always set correctly. 2. Consolidate /etc/passwd and shadow password handling The shadow password handler already completely handles /etc/passwd passwords as well, so having a separate handler for just /etc/passwd is pure code duplication. Signed-off-by: Bobby Bingham <[email protected]>
Diffstat (limited to 'kcheckpass/checkpass_shadow.c')
-rw-r--r--kcheckpass/checkpass_shadow.c19
1 files changed, 11 insertions, 8 deletions
diff --git a/kcheckpass/checkpass_shadow.c b/kcheckpass/checkpass_shadow.c
index 850bf06d4..e721582d5 100644
--- a/kcheckpass/checkpass_shadow.c
+++ b/kcheckpass/checkpass_shadow.c
@@ -27,10 +27,10 @@
#include "kcheckpass.h"
/*******************************************************************
- * This is the authentication code for Shadow-Passwords
+ * This is the authentication code for /etc/passwd and Shadow-Passwords
*******************************************************************/
-#ifdef HAVE_SHADOW
+#if defined(HAVE_SHADOW) || defined(HAVE_ETCPASSWD)
#include <string.h>
#include <stdlib.h>
#include <pwd.h>
@@ -47,7 +47,6 @@ AuthReturn Authenticate(const char *method,
char *crpt_passwd;
char *password;
struct passwd *pw;
- struct spwd *spw;
if (strcmp(method, "classic"))
return AuthError;
@@ -55,8 +54,12 @@ AuthReturn Authenticate(const char *method,
if (!(pw = getpwnam(login)))
return AuthAbort;
- spw = getspnam(login);
+#ifdef HAVE_SHADOW
+ struct spwd *spw = getspnam(login);
password = spw ? spw->sp_pwdp : pw->pw_passwd;
+#else
+ password = pw->pw_passwd;
+#endif
if (!*password)
return AuthOk;
@@ -70,11 +73,11 @@ AuthReturn Authenticate(const char *method,
crpt_passwd = crypt(typed_in_password, password);
#endif
- if (!strcmp(password, crpt_passwd )) {
- dispose(typed_in_password);
- return AuthOk; /* Success */
- }
dispose(typed_in_password);
+
+ if (crpt_passwd && !strcmp(password, crpt_passwd))
+ return AuthOk; /* Success */
+
return AuthBad; /* Password wrong or account locked */
}