commands/pwdauth/pwdauth.c

   1 /*      pwdauth 2.0 - check a shadow password           Author: Kees J. Bot
   2  *                                                              7 Feb 1994
   3  *
   4  * This program gets as input the key and salt arguments of the crypt(3)
   5  * function as two null terminated strings.  The crypt result is output as
   6  * one null terminated string.  Input and output must be <= 1024 characters.
   7  * The exit code will be 1 on any error.
   8  *
   9  * If the key has the form '##name' then the key will be encrypted and the
  10  * result checked to be equal to the encrypted password in the shadow password
  11  * file.  If equal than '##name' will be returned, otherwise exit code 2.
  12  *
  13  * Otherwise the key will be encrypted normally and the result returned.
  14  *
  15  * As a special case, anything matches a null encrypted password to allow
  16  * a no-password login.
  17  */
  18 #define nil 0
  19 #include <sys/types.h>
  20 #include <pwd.h>
  21 #include <stdlib.h>
  22 #include <stdio.h>
  23 #include <string.h>
  24 #include <unistd.h>
  25
  26 #define setkey pwdauth_setkey
  27 #define encrypt pwdauth_encrypt
  28
  29 #define LEN     1024
  30
  31 int main(int argc, char **argv)
  32 {
  33         char key[LEN];
  34         char *salt;
  35         struct passwd *pw;
  36         int n;
  37
  38         /* Read input data.  Check if there are exactly two null terminated
  39          * strings.
  40          */
  41         n= read(0, key, LEN);
  42         if (n < 0) return 1;
  43         salt = key + n;
  44         n = 0;
  45         while (salt > key) if (*--salt == 0) n++;
  46         if (n != 2) return 1;
  47         salt = key + strlen(key) + 1;
  48
  49         if (salt[0] == '#' && salt[1] == '#') {
  50                 if ((pw= getpwnam(salt + 2)) == nil) return 2;
  51
  52                 /* A null encrypted password matches a null key, otherwise
  53                  * do the normal crypt(3) authentication check.
  54                  */
  55                 if (*pw->pw_passwd == 0 && *key == 0) {
  56                         /* fine */
  57                 } else
  58                 if (strcmp(crypt(key, pw->pw_passwd), pw->pw_passwd) != 0) {
  59                         return 2;
  60                 }
  61         } else {
  62                 /* Normal encryption. */
  63                 if (*salt == 0 && *key == 0) {
  64                         /* fine */
  65                 } else {
  66                         salt= crypt(key, salt);
  67                 }
  68         }
  69
  70         /* Return the (possibly new) salt to the caller. */
  71         if (write(1, salt, strlen(salt) + 1) < 0) return 1;
  72         return 0;
  73 }