diff options
author | Bobby Bingham <[email protected]> | 2023-03-30 21:54:25 -0500 |
---|---|---|
committer | Michele Calgaro <[email protected]> | 2023-06-05 12:01:42 +0900 |
commit | 61357f5f74e91ac7bc1ed8c6a5b9a0da373e22c2 (patch) | |
tree | 1b62f8f925069fb0ed2c1dd056e362f9f7d6faad /kcheckpass | |
parent | 5b795608e0ea643205bbd16f1ef4ab9c6187c9fe (diff) | |
download | tdebase-61357f5f74e91ac7bc1ed8c6a5b9a0da373e22c2.tar.gz tdebase-61357f5f74e91ac7bc1ed8c6a5b9a0da373e22c2.zip |
kcheckpass: fix shadow support when not building tdm
1. If not building with PAM, kcheckpass relies on HAVE_SHADOW to decide
whether to support shadow passwords. However, this was only set if also
building tdm.
Consolidate all PAM/shadow configure checks at the top level so these are
always set correctly.
2. Consolidate /etc/passwd and shadow password handling
The shadow password handler already completely handles /etc/passwd
passwords as well, so having a separate handler for just /etc/passwd is
pure code duplication.
Signed-off-by: Bobby Bingham <[email protected]>
(cherry picked from commit 8c543e26ec35237d00ec44fadda80318c386fdde)
Diffstat (limited to 'kcheckpass')
-rw-r--r-- | kcheckpass/CMakeLists.txt | 2 | ||||
-rw-r--r-- | kcheckpass/checkpass_etcpasswd.c | 60 | ||||
-rw-r--r-- | kcheckpass/checkpass_shadow.c | 19 | ||||
-rw-r--r-- | kcheckpass/kcheckpass.h | 8 |
4 files changed, 12 insertions, 77 deletions
diff --git a/kcheckpass/CMakeLists.txt b/kcheckpass/CMakeLists.txt index 5e83ee41e..b2091e0ce 100644 --- a/kcheckpass/CMakeLists.txt +++ b/kcheckpass/CMakeLists.txt @@ -24,7 +24,7 @@ include_directories( tde_add_executable( kcheckpass AUTOMOC SOURCES - kcheckpass.c checkpass_etcpasswd.c checkpass_pam.c + kcheckpass.c checkpass_pam.c checkpass_shadow.c checkpass_osfc2passwd.c checkpass_aix.c LINK tdefakes-shared ${CRYPT_LIBRARY} ${PAM_LIBRARY} DESTINATION ${BIN_INSTALL_DIR} diff --git a/kcheckpass/checkpass_etcpasswd.c b/kcheckpass/checkpass_etcpasswd.c deleted file mode 100644 index 1dbe06f70..000000000 --- a/kcheckpass/checkpass_etcpasswd.c +++ /dev/null @@ -1,60 +0,0 @@ -/* - * Copyright (c) 1998 Christian Esken <[email protected]> - * Copyright (c) 2003 Oswald Buddenhagen <[email protected]> - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public - * License as published by the Free Software Foundation; either - * version 2 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public - * License along with this program; if not, write to the Free - * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - * - * Copyright (C) 1998, Christian Esken <[email protected]> - */ - -#include "kcheckpass.h" - -#ifdef HAVE_ETCPASSWD - -/******************************************************************* - * This is the authentication code for /etc/passwd passwords - *******************************************************************/ - -#include <string.h> -#include <stdlib.h> - -AuthReturn Authenticate(const char *method, - const char *login, char *(*conv) (ConvRequest, const char *)) -{ - struct passwd *pw; - char *passwd; - - if (strcmp(method, "classic")) - return AuthError; - - /* Get the password entry for the user we want */ - if (!(pw = getpwnam(login))) - return AuthBad; - - if (!*pw->pw_passwd) - return AuthOk; - - if (!(passwd = conv(ConvGetHidden, 0))) - return AuthAbort; - - if (!strcmp(pw->pw_passwd, crypt(passwd, pw->pw_passwd))) { - dispose(passwd); - return AuthOk; /* Success */ - } - dispose(passwd); - return AuthBad; /* Password wrong or account locked */ -} - -#endif diff --git a/kcheckpass/checkpass_shadow.c b/kcheckpass/checkpass_shadow.c index 850bf06d4..e721582d5 100644 --- a/kcheckpass/checkpass_shadow.c +++ b/kcheckpass/checkpass_shadow.c @@ -27,10 +27,10 @@ #include "kcheckpass.h" /******************************************************************* - * This is the authentication code for Shadow-Passwords + * This is the authentication code for /etc/passwd and Shadow-Passwords *******************************************************************/ -#ifdef HAVE_SHADOW +#if defined(HAVE_SHADOW) || defined(HAVE_ETCPASSWD) #include <string.h> #include <stdlib.h> #include <pwd.h> @@ -47,7 +47,6 @@ AuthReturn Authenticate(const char *method, char *crpt_passwd; char *password; struct passwd *pw; - struct spwd *spw; if (strcmp(method, "classic")) return AuthError; @@ -55,8 +54,12 @@ AuthReturn Authenticate(const char *method, if (!(pw = getpwnam(login))) return AuthAbort; - spw = getspnam(login); +#ifdef HAVE_SHADOW + struct spwd *spw = getspnam(login); password = spw ? spw->sp_pwdp : pw->pw_passwd; +#else + password = pw->pw_passwd; +#endif if (!*password) return AuthOk; @@ -70,11 +73,11 @@ AuthReturn Authenticate(const char *method, crpt_passwd = crypt(typed_in_password, password); #endif - if (!strcmp(password, crpt_passwd )) { - dispose(typed_in_password); - return AuthOk; /* Success */ - } dispose(typed_in_password); + + if (crpt_passwd && !strcmp(password, crpt_passwd)) + return AuthOk; /* Success */ + return AuthBad; /* Password wrong or account locked */ } diff --git a/kcheckpass/kcheckpass.h b/kcheckpass/kcheckpass.h index e1351375a..66a242856 100644 --- a/kcheckpass/kcheckpass.h +++ b/kcheckpass/kcheckpass.h @@ -43,17 +43,9 @@ #include <crypt.h> #endif -#ifdef HAVE_PATHS_H -#include <paths.h> -#endif - #include <pwd.h> #include <sys/types.h> -#ifndef _PATH_TMP -#define _PATH_TMP "/tmp/" -#endif - #ifdef ultrix #include <auth.h> |