search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
not quite so much needs to be delayed to the init() function
[personal-kdebase.git] / workspace / kcheckpass / checkpass_osfc2passwd.c
blob9a074f987fe5dc28974d4e2e8926704bef63fd86
1 /*
2 *
3 * Copyright (C) 1999 Mark Davies <mark@MCS.VUW.AC.NZ>
4 * Copyright (C) 2003 Oswald Buddenhagen <ossi@kde.org>
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public
17 * License along with this program; if not, write to the Free
18 * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
19 *
20 */
21
22 #include "kcheckpass.h"
23
24 #ifdef HAVE_OSF_C2_PASSWD
25
26 static char *osf1c2crypt(const char *pw, char *salt);
27 static int osf1c2_getprpwent(char *p, char *n, int len);
28
29 /*******************************************************************
30 * This is the authentication code for OSF C2 security passwords
31 *******************************************************************/
32
33 #include <stdio.h>
34 #include <string.h>
35 #include <stdlib.h>
36
37 AuthReturn Authenticate(const char *method,
38 const char *login, char *(*conv) (ConvRequest, const char *))
39 {
40 char *passwd;
41 char c2passwd[256];
42
43 if (strcmp(method, "classic"))
44 return AuthError;
45
46 if (!osf1c2_getprpwent(c2passwd, login, sizeof(c2passwd)))
47 return AuthBad;
48
49 if (!*c2passwd)
50 return AuthOk;
51
52 if (!(passwd = conv(ConvGetHidden, 0)))
53 return AuthAbort;
54
55 if (!strcmp(c2passwd, osf1c2crypt(passwd, c2passwd))) {
56 dispose(passwd);
57 return AuthOk; /* Success */
58 }
59 dispose(passwd);
60 return AuthBad; /* Password wrong or account locked */
61 }
62
63
64 /*
65 The following code was lifted from the file osfc2.c from the ssh 1.2.26
66 distribution. Parts of the code that were not needed by kcheckpass
67 (notably the osf1c2_check_account_and_terminal() function and the code
68 to set the external variable days_before_password_expires have been
69 removed). The original copyright from the osfc2.c file is included
70 below.
71 */
72
73 /*
74
75 osfc2.c
76
77 Author: Christophe Wolfhugel
78
79 Copyright (c) 1995 Christophe Wolfhugel
80
81 Free use of this file is permitted for any purpose as long as
82 this copyright is preserved in the header.
83
84 This program implements the use of the OSF/1 C2 security extensions
85 within ssh. See the file COPYING for full licensing information.
86
87 */
88
89 #include <sys/security.h>
90 #include <prot.h>
91 #include <sia.h>
92
93 static int c2security = -1;
94 static int crypt_algo;
95
96 static void
97 initialize_osf_security(int ac, char **av)
98 {
99 FILE *f;
100 char buf[256];
101 char siad[] = "siad_ses_init=";
102
103 if (access(SIAIGOODFILE, F_OK) == -1)
104 {
105 /* Broken OSF/1 system, better don't run on it. */
106 fprintf(stderr, SIAIGOODFILE);
107 fprintf(stderr, " does not exist. Your OSF/1 system is probably broken\n");
108 exit(1);
109 }
110 if ((f = fopen(MATRIX_CONF, "r")) == NULL)
111 {
112 /* Another way OSF/1 is probably broken. */
113 fprintf(stderr, "%s unreadable. Your OSF/1 system is probably broken.\n"
114
115 MATRIX_CONF);
116 exit(1);
117 }
118
119 /* Read matrix.conf to check if we run C2 or not */
120 while (fgets(buf, sizeof(buf), f) != NULL)
121 {
122 if (strncmp(buf, siad, sizeof(siad) - 1) == 0)
123 {
124 if (strstr(buf, "OSFC2") != NULL)
125 c2security = 1;
126 else if (strstr(buf, "BSD") != NULL)
127 c2security = 0;
128 break;
129 }
130 }
131 fclose(f);
132 if (c2security == -1)
133 {
134 fprintf(stderr, "C2 security initialization failed : could not determine security level.\n");
135 exit(1);
136 }
137 if (c2security == 1)
138 set_auth_parameters(ac, av);
139 }
140
141
142 static int
143 osf1c2_getprpwent(char *p, char *n, int len)
144 {
145 time_t pschg, tnow;
146
147 if (c2security == 1)
148 {
149 struct es_passwd *es;
150 struct pr_passwd *pr = getprpwnam(n);
151 if (pr)
152 {
153 strlcpy(p, pr->ufld.fd_encrypt, len);
154 crypt_algo = pr->ufld.fd_oldcrypt;
155
156 tnow = time(NULL);
157 if (pr->uflg.fg_schange == 1)
158 pschg = pr->ufld.fd_schange;
159 else
160 pschg = 0;
161 if (pr->uflg.fg_template == 0)
162 {
163 /** default template, system values **/
164 if (pr->sflg.fg_lifetime == 1)
165 if (pr->sfld.fd_lifetime > 0 &&
166 pschg + pr->sfld.fd_lifetime < tnow)
167 return 1;
168 }
169 else /** user template, specific values **/
170 {
171 es = getespwnam(pr->ufld.fd_template);
172 if (es)
173 {
174 if (es->uflg->fg_expire == 1)
175 if (es->ufld->fd_expire > 0 &&
176 pschg + es->ufld->fd_expire < tnow)
177 return 1;
178 }
179 }
180 }
181 }
182 else
183 {
184 struct passwd *pw = getpwnam(n);
185 if (pw)
186 {
187 strlcpy(p, pw->pw_passwd, len);
188 return 1;
189 }
190 }
191 return 0;
192 }
193
194 static char *
195 osf1c2crypt(const char *pw, char *salt)
196 {
197 if (c2security == 1) {
198 return(dispcrypt(pw, salt, crypt_algo));
199 } else
200 return(crypt(pw, salt));
201 }
202
203 #endif
My personal kdebase copy