/*
- * auth.c -- system-level password checking for autologin
+ * system-level password checking for host auth mode
* by Nathan Bryant, March 1999
+ * updated by Trey van Riper, June 2005
*
- * $Id$
+ * Copyright (c) 1999-2009 by the citadel.org team
+ *
+ * This program is open source software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
-#ifdef linux
-#define _XOPEN_SOURCE /* needed for crypt() */
-#define _XOPEN_SOURCE_EXTENDED /* needed for strdup() */
+#if defined(__linux) || defined(__sun) /* needed for crypt(): */
+#define _XOPEN_SOURCE
+#define _XOPEN_SOURCE_EXTENDED 1
#endif
#include <pwd.h>
}
#endif /* HAVE_PAM_START */
+
/*
- * validpw(): check that `pass' is the correct password for `uid'
- * returns zero if no, nonzero if yes
+ * check that `pass' is the correct password for `uid'
+ * returns zero if no, nonzero if yes
*/
-int validpw(uid_t uid, const char *pass)
+int validate_password(uid_t uid, const char *pass)
{
#ifdef HAVE_PAM_START
- struct pam_conv pc;
- struct appdata data;
- pam_handle_t *ph;
- int i;
+ struct pam_conv pc;
+ struct appdata data;
+ pam_handle_t *ph;
+ int i;
#else
- char *crypted_pwd;
+ char *crypted_pwd;
#ifdef HAVE_GETSPNAM
- struct spwd *sp;
+ struct spwd *sp;
#endif
#endif
- struct passwd *pw;
- int retval = 0;
+ struct passwd *pw;
+ int retval = 0;
+ int flags = 0;
- if ((pw = getpwuid(uid)) == NULL)
- return retval;
+ flags = 0; /* silences compiler warning */
+
+#ifdef PAM_DATA_SILENT
+ flags = ( flags | PAM_DATA_SILENT ) ;
+#endif /* PAM_DATA_SILENT */
+ if ((pw = getpwuid(uid)) == NULL) {
+ return retval;
+ }
#ifdef HAVE_PAM_START
- pc.conv = conv;
- pc.appdata_ptr = &data;
- data.name = pw->pw_name;
- data.pw = pass;
- if (pam_start("citadel", pw->pw_name, &pc, &ph) != PAM_SUCCESS)
- return retval;
-
- if ((i = pam_authenticate(ph, PAM_SILENT)) == PAM_SUCCESS)
- if ((i = pam_acct_mgmt(ph, PAM_SILENT)) == PAM_SUCCESS)
- retval = -1;
-
- pam_end(ph, i | PAM_DATA_SILENT);
+ pc.conv = conv;
+ pc.appdata_ptr = &data;
+ data.name = pw->pw_name;
+ data.pw = pass;
+ if (pam_start("citadel", pw->pw_name, &pc, &ph) != PAM_SUCCESS)
+ return retval;
+
+ if ((i = pam_authenticate(ph, flags)) == PAM_SUCCESS)
+ if ((i = pam_acct_mgmt(ph, flags)) == PAM_SUCCESS)
+ retval = -1;
+
+ pam_end(ph, i | flags);
#else
- crypted_pwd = pw->pw_passwd;
+ crypted_pwd = pw->pw_passwd;
#ifdef HAVE_GETSPNAM
- if ((sp = getspnam(pw->pw_name)) != NULL)
- crypted_pwd = sp->sp_pwdp;
+ if ((sp = getspnam(pw->pw_name)) != NULL)
+ crypted_pwd = sp->sp_pwdp;
#endif
- if (!strcmp(crypt(pass, crypted_pwd), crypted_pwd))
- retval = -1;
-#endif /* HAVE_PAM_START */
+ if (!strcmp(crypt(pass, crypted_pwd), crypted_pwd))
+ retval = -1;
+#endif /* HAVE_PAM_START */
- return retval;
+ return retval;
}