X-Git-Url: https://code.citadel.org/?a=blobdiff_plain;f=citadel%2Fauth.c;h=248b74bbea3162a2963e7a5ab8b3366fe0cff27a;hb=6946ee9e9f23584fbc2b6a83ab9a2c24dddf2547;hp=d23ca24dcf99757fce27ceddff11519eb52874bf;hpb=86af5f9ab22255a00fc987076e1c7e5f3942504a;p=citadel.git diff --git a/citadel/auth.c b/citadel/auth.c index d23ca24dc..248b74bbe 100644 --- a/citadel/auth.c +++ b/citadel/auth.c @@ -1,10 +1,17 @@ /* - * $Id$ - * * system-level password checking for host auth mode * by Nathan Bryant, March 1999 * updated by Trey van Riper, June 2005 * + * Copyright (c) 1999-2016 by the citadel.org team + * + * This program is open source software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License, version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. */ #if defined(__linux) || defined(__sun) /* needed for crypt(): */ @@ -78,12 +85,16 @@ static int conv(int num_msg, const struct pam_message **msg, /* - * validpw(): check that `pass' is the correct password for `uid' - * returns zero if no, nonzero if yes + * check that `pass' is the correct password for `uid' + * returns zero if no, nonzero if yes */ -int validpw(uid_t uid, const char *pass) +int validate_password(uid_t uid, const char *pass) { + if (pass == NULL) { + return(0); + } + #ifdef HAVE_PAM_START struct pam_conv pc; struct appdata data; @@ -97,42 +108,49 @@ int validpw(uid_t uid, const char *pass) #endif struct passwd *pw; int retval = 0; - int flags = 0; - - flags = 0; /* silences compiler warning */ -#ifdef PAM_DATA_SILENT - flags = ( flags | PAM_DATA_SILENT ) ; -#endif /* PAM_DATA_SILENT */ - if ((pw = getpwuid(uid)) == NULL) { + pw = getpwuid(uid); + if (pw == NULL) { return retval; } #ifdef HAVE_PAM_START + +#ifdef PAM_DATA_SILENT + int flags = PAM_DATA_SILENT; +#else + int flags = 0; +#endif + pc.conv = conv; pc.appdata_ptr = &data; data.name = pw->pw_name; data.pw = pass; if (pam_start("citadel", pw->pw_name, &pc, &ph) != PAM_SUCCESS) - return retval; + return(0); - if ((i = pam_authenticate(ph, flags)) == PAM_SUCCESS) - if ((i = pam_acct_mgmt(ph, flags)) == PAM_SUCCESS) + if ((i = pam_authenticate(ph, flags)) == PAM_SUCCESS) { + if ((i = pam_acct_mgmt(ph, flags)) == PAM_SUCCESS) { retval = -1; + } + } pam_end(ph, i | flags); #else crypted_pwd = pw->pw_passwd; #ifdef HAVE_GETSPNAM - if ((sp = getspnam(pw->pw_name)) != NULL) + if (pw == NULL) return(0); + if (pw->pw_name == NULL) return(0); + if ((sp = getspnam(pw->pw_name)) != NULL) { crypted_pwd = sp->sp_pwdp; + } #endif - if (!strcmp(crypt(pass, crypted_pwd), crypted_pwd)) + if (!strcmp(crypt(pass, crypted_pwd), crypted_pwd)) { retval = -1; + } #endif /* HAVE_PAM_START */ return retval; } -