X-Git-Url: https://code.citadel.org/?a=blobdiff_plain;f=citadel%2Fauth.c;h=07f4e9fa701bdc0cc7dc29a60e7f74fd63b38f34;hb=aa7365c86de8e26e796d3aa3fd605c85d8c26220;hp=37b989aff496f6833e4f27cbaeb33b4929aafc1f;hpb=cea771722e07808fbbb1858cc71030218e44ea26;p=citadel.git diff --git a/citadel/auth.c b/citadel/auth.c index 37b989aff..07f4e9fa7 100644 --- a/citadel/auth.c +++ b/citadel/auth.c @@ -1,8 +1,17 @@ /* - * auth.c -- system-level password checking for autologin + * system-level password checking for host auth mode * by Nathan Bryant, March 1999 + * updated by Trey van Riper, June 2005 * - * $Id$ + * Copyright (c) 1999-2009 by the citadel.org team + * + * This program is open source software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License, version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. */ #if defined(__linux) || defined(__sun) /* needed for crypt(): */ @@ -74,54 +83,63 @@ static int conv(int num_msg, const struct pam_message **msg, } #endif /* HAVE_PAM_START */ + /* - * validpw(): check that `pass' is the correct password for `uid' - * returns zero if no, nonzero if yes + * check that `pass' is the correct password for `uid' + * returns zero if no, nonzero if yes */ -int validpw(uid_t uid, const char *pass) +int validate_password(uid_t uid, const char *pass) { #ifdef HAVE_PAM_START - struct pam_conv pc; - struct appdata data; - pam_handle_t *ph; - int i; + struct pam_conv pc; + struct appdata data; + pam_handle_t *ph; + int i; #else - char *crypted_pwd; + char *crypted_pwd; #ifdef HAVE_GETSPNAM - struct spwd *sp; + struct spwd *sp; #endif #endif - struct passwd *pw; - int retval = 0; + struct passwd *pw; + int retval = 0; + int flags = 0; - if ((pw = getpwuid(uid)) == NULL) - return retval; +#ifdef PAM_DATA_SILENT + flags = PAM_DATA_SILENT; +#else + flags = 0; +#endif /* PAM_DATA_SILENT */ + + if ((pw = getpwuid(uid)) == NULL) { + return retval; + } #ifdef HAVE_PAM_START - pc.conv = conv; - pc.appdata_ptr = &data; - data.name = pw->pw_name; - data.pw = pass; - if (pam_start("citadel", pw->pw_name, &pc, &ph) != PAM_SUCCESS) - return retval; - - if ((i = pam_authenticate(ph, PAM_SILENT)) == PAM_SUCCESS) - if ((i = pam_acct_mgmt(ph, PAM_SILENT)) == PAM_SUCCESS) - retval = -1; - - pam_end(ph, i | PAM_DATA_SILENT); + pc.conv = conv; + pc.appdata_ptr = &data; + data.name = pw->pw_name; + data.pw = pass; + if (pam_start("citadel", pw->pw_name, &pc, &ph) != PAM_SUCCESS) + return retval; + + if ((i = pam_authenticate(ph, flags)) == PAM_SUCCESS) + if ((i = pam_acct_mgmt(ph, flags)) == PAM_SUCCESS) + retval = -1; + + pam_end(ph, i | flags); #else - crypted_pwd = pw->pw_passwd; + crypted_pwd = pw->pw_passwd; #ifdef HAVE_GETSPNAM - if ((sp = getspnam(pw->pw_name)) != NULL) - crypted_pwd = sp->sp_pwdp; + if ((sp = getspnam(pw->pw_name)) != NULL) + crypted_pwd = sp->sp_pwdp; #endif - if (!strcmp(crypt(pass, crypted_pwd), crypted_pwd)) - retval = -1; -#endif /* HAVE_PAM_START */ + if (!strcmp(crypt(pass, crypted_pwd), crypted_pwd)) + retval = -1; +#endif /* HAVE_PAM_START */ - return retval; + return retval; }