summaryrefslogtreecommitdiffstats
path: root/kcheckpass
diff options
context:
space:
mode:
authorBobby Bingham <[email protected]>2023-03-30 21:54:25 -0500
committerMichele Calgaro <[email protected]>2023-06-05 12:01:42 +0900
commit61357f5f74e91ac7bc1ed8c6a5b9a0da373e22c2 (patch)
tree1b62f8f925069fb0ed2c1dd056e362f9f7d6faad /kcheckpass
parent5b795608e0ea643205bbd16f1ef4ab9c6187c9fe (diff)
downloadtdebase-61357f5f74e91ac7bc1ed8c6a5b9a0da373e22c2.tar.gz
tdebase-61357f5f74e91ac7bc1ed8c6a5b9a0da373e22c2.zip
kcheckpass: fix shadow support when not building tdm
1. If not building with PAM, kcheckpass relies on HAVE_SHADOW to decide whether to support shadow passwords. However, this was only set if also building tdm. Consolidate all PAM/shadow configure checks at the top level so these are always set correctly. 2. Consolidate /etc/passwd and shadow password handling The shadow password handler already completely handles /etc/passwd passwords as well, so having a separate handler for just /etc/passwd is pure code duplication. Signed-off-by: Bobby Bingham <[email protected]> (cherry picked from commit 8c543e26ec35237d00ec44fadda80318c386fdde)
Diffstat (limited to 'kcheckpass')
-rw-r--r--kcheckpass/CMakeLists.txt2
-rw-r--r--kcheckpass/checkpass_etcpasswd.c60
-rw-r--r--kcheckpass/checkpass_shadow.c19
-rw-r--r--kcheckpass/kcheckpass.h8
4 files changed, 12 insertions, 77 deletions
diff --git a/kcheckpass/CMakeLists.txt b/kcheckpass/CMakeLists.txt
index 5e83ee41e..b2091e0ce 100644
--- a/kcheckpass/CMakeLists.txt
+++ b/kcheckpass/CMakeLists.txt
@@ -24,7 +24,7 @@ include_directories(
tde_add_executable( kcheckpass AUTOMOC
SOURCES
- kcheckpass.c checkpass_etcpasswd.c checkpass_pam.c
+ kcheckpass.c checkpass_pam.c
checkpass_shadow.c checkpass_osfc2passwd.c checkpass_aix.c
LINK tdefakes-shared ${CRYPT_LIBRARY} ${PAM_LIBRARY}
DESTINATION ${BIN_INSTALL_DIR}
diff --git a/kcheckpass/checkpass_etcpasswd.c b/kcheckpass/checkpass_etcpasswd.c
deleted file mode 100644
index 1dbe06f70..000000000
--- a/kcheckpass/checkpass_etcpasswd.c
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- * Copyright (c) 1998 Christian Esken <[email protected]>
- * Copyright (c) 2003 Oswald Buddenhagen <[email protected]>
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
- *
- * You should have received a copy of the GNU General Public
- * License along with this program; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- *
- * Copyright (C) 1998, Christian Esken <[email protected]>
- */
-
-#include "kcheckpass.h"
-
-#ifdef HAVE_ETCPASSWD
-
-/*******************************************************************
- * This is the authentication code for /etc/passwd passwords
- *******************************************************************/
-
-#include <string.h>
-#include <stdlib.h>
-
-AuthReturn Authenticate(const char *method,
- const char *login, char *(*conv) (ConvRequest, const char *))
-{
- struct passwd *pw;
- char *passwd;
-
- if (strcmp(method, "classic"))
- return AuthError;
-
- /* Get the password entry for the user we want */
- if (!(pw = getpwnam(login)))
- return AuthBad;
-
- if (!*pw->pw_passwd)
- return AuthOk;
-
- if (!(passwd = conv(ConvGetHidden, 0)))
- return AuthAbort;
-
- if (!strcmp(pw->pw_passwd, crypt(passwd, pw->pw_passwd))) {
- dispose(passwd);
- return AuthOk; /* Success */
- }
- dispose(passwd);
- return AuthBad; /* Password wrong or account locked */
-}
-
-#endif
diff --git a/kcheckpass/checkpass_shadow.c b/kcheckpass/checkpass_shadow.c
index 850bf06d4..e721582d5 100644
--- a/kcheckpass/checkpass_shadow.c
+++ b/kcheckpass/checkpass_shadow.c
@@ -27,10 +27,10 @@
#include "kcheckpass.h"
/*******************************************************************
- * This is the authentication code for Shadow-Passwords
+ * This is the authentication code for /etc/passwd and Shadow-Passwords
*******************************************************************/
-#ifdef HAVE_SHADOW
+#if defined(HAVE_SHADOW) || defined(HAVE_ETCPASSWD)
#include <string.h>
#include <stdlib.h>
#include <pwd.h>
@@ -47,7 +47,6 @@ AuthReturn Authenticate(const char *method,
char *crpt_passwd;
char *password;
struct passwd *pw;
- struct spwd *spw;
if (strcmp(method, "classic"))
return AuthError;
@@ -55,8 +54,12 @@ AuthReturn Authenticate(const char *method,
if (!(pw = getpwnam(login)))
return AuthAbort;
- spw = getspnam(login);
+#ifdef HAVE_SHADOW
+ struct spwd *spw = getspnam(login);
password = spw ? spw->sp_pwdp : pw->pw_passwd;
+#else
+ password = pw->pw_passwd;
+#endif
if (!*password)
return AuthOk;
@@ -70,11 +73,11 @@ AuthReturn Authenticate(const char *method,
crpt_passwd = crypt(typed_in_password, password);
#endif
- if (!strcmp(password, crpt_passwd )) {
- dispose(typed_in_password);
- return AuthOk; /* Success */
- }
dispose(typed_in_password);
+
+ if (crpt_passwd && !strcmp(password, crpt_passwd))
+ return AuthOk; /* Success */
+
return AuthBad; /* Password wrong or account locked */
}
diff --git a/kcheckpass/kcheckpass.h b/kcheckpass/kcheckpass.h
index e1351375a..66a242856 100644
--- a/kcheckpass/kcheckpass.h
+++ b/kcheckpass/kcheckpass.h
@@ -43,17 +43,9 @@
#include <crypt.h>
#endif
-#ifdef HAVE_PATHS_H
-#include <paths.h>
-#endif
-
#include <pwd.h>
#include <sys/types.h>
-#ifndef _PATH_TMP
-#define _PATH_TMP "/tmp/"
-#endif
-
#ifdef ultrix
#include <auth.h>