diff options
| author | Bobby Bingham <[email protected]> | 2023-03-30 21:54:25 -0500 |
|---|---|---|
| committer | Michele Calgaro <[email protected]> | 2023-06-05 12:01:42 +0900 |
| commit | 61357f5f74e91ac7bc1ed8c6a5b9a0da373e22c2 (patch) | |
| tree | 1b62f8f925069fb0ed2c1dd056e362f9f7d6faad /kcheckpass/checkpass_shadow.c | |
| parent | 5b795608e0ea643205bbd16f1ef4ab9c6187c9fe (diff) | |
| download | tdebase-61357f5f74e91ac7bc1ed8c6a5b9a0da373e22c2.tar.gz tdebase-61357f5f74e91ac7bc1ed8c6a5b9a0da373e22c2.zip | |
kcheckpass: fix shadow support when not building tdm
1. If not building with PAM, kcheckpass relies on HAVE_SHADOW to decide
whether to support shadow passwords. However, this was only set if also
building tdm.
Consolidate all PAM/shadow configure checks at the top level so these are
always set correctly.
2. Consolidate /etc/passwd and shadow password handling
The shadow password handler already completely handles /etc/passwd
passwords as well, so having a separate handler for just /etc/passwd is
pure code duplication.
Signed-off-by: Bobby Bingham <[email protected]>
(cherry picked from commit 8c543e26ec35237d00ec44fadda80318c386fdde)
Diffstat (limited to 'kcheckpass/checkpass_shadow.c')
| -rw-r--r-- | kcheckpass/checkpass_shadow.c | 19 |
1 files changed, 11 insertions, 8 deletions
diff --git a/kcheckpass/checkpass_shadow.c b/kcheckpass/checkpass_shadow.c index 850bf06d4..e721582d5 100644 --- a/kcheckpass/checkpass_shadow.c +++ b/kcheckpass/checkpass_shadow.c @@ -27,10 +27,10 @@ #include "kcheckpass.h" /******************************************************************* - * This is the authentication code for Shadow-Passwords + * This is the authentication code for /etc/passwd and Shadow-Passwords *******************************************************************/ -#ifdef HAVE_SHADOW +#if defined(HAVE_SHADOW) || defined(HAVE_ETCPASSWD) #include <string.h> #include <stdlib.h> #include <pwd.h> @@ -47,7 +47,6 @@ AuthReturn Authenticate(const char *method, char *crpt_passwd; char *password; struct passwd *pw; - struct spwd *spw; if (strcmp(method, "classic")) return AuthError; @@ -55,8 +54,12 @@ AuthReturn Authenticate(const char *method, if (!(pw = getpwnam(login))) return AuthAbort; - spw = getspnam(login); +#ifdef HAVE_SHADOW + struct spwd *spw = getspnam(login); password = spw ? spw->sp_pwdp : pw->pw_passwd; +#else + password = pw->pw_passwd; +#endif if (!*password) return AuthOk; @@ -70,11 +73,11 @@ AuthReturn Authenticate(const char *method, crpt_passwd = crypt(typed_in_password, password); #endif - if (!strcmp(password, crpt_passwd )) { - dispose(typed_in_password); - return AuthOk; /* Success */ - } dispose(typed_in_password); + + if (crpt_passwd && !strcmp(password, crpt_passwd)) + return AuthOk; /* Success */ + return AuthBad; /* Password wrong or account locked */ } |