workspace/kcheckpass/checkpass_shadow.c

   1 /*
   2  * Copyright (C) 1998 Christian Esken <esken@kde.org>
   3  * Copyright (C) 2003 Oswald Buddenhagen <ossi@kde.org>
   4  *
   5  * This is a modified version of checkpass_shadow.cpp
   6  *
   7  * Modifications made by Thorsten Kukuk <kukuk@suse.de>
   8  *                       Mathias Kettner <kettner@suse.de>
   9  *
  10  * ------------------------------------------------------------
  11  *
  12  * This program is free software; you can redistribute it and/or
  13  * modify it under the terms of the GNU General Public
  14  * License as published by the Free Software Foundation; either
  15  * version 2 of the License, or (at your option) any later version.
  16  *
  17  * This program is distributed in the hope that it will be useful,
  18  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  19  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  20  * General Public License for more details.
  21  *
  22  * You should have received a copy of the GNU General Public
  23  * License along with this program; if not, write to the Free
  24  * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  25  */
  26
  27 #include "kcheckpass.h"
  28
  29 /*******************************************************************
  30  * This is the authentication code for Shadow-Passwords
  31  *******************************************************************/
  32
  33 #ifdef HAVE_SHADOW
  34 #include <string.h>
  35 #include <stdlib.h>
  36 #include <pwd.h>
  37
  38 #ifndef __hpux
  39 #include <shadow.h>
  40 #endif
  41
  42 AuthReturn Authenticate(const char *method,
  43         const char *login, char *(*conv) (ConvRequest, const char *))
  44 {
  45   char          *typed_in_password;
  46   char          *crpt_passwd;
  47   char          *password;
  48   struct passwd *pw;
  49   struct spwd   *spw;
  50
  51   if (strcmp(method, "classic"))
  52     return AuthError;
  53
  54   if (!(pw = getpwnam(login)))
  55     return AuthAbort;
  56
  57   spw = getspnam(login);
  58   password = spw ? spw->sp_pwdp : pw->pw_passwd;
  59
  60   if (!*password)
  61     return AuthOk;
  62
  63   if (!(typed_in_password = conv(ConvGetHidden, 0)))
  64     return AuthAbort;
  65
  66 #if defined( __linux__ ) && defined( HAVE_PW_ENCRYPT )
  67   crpt_passwd = pw_encrypt(typed_in_password, password);  /* (1) */
  68 #else
  69   crpt_passwd = crypt(typed_in_password, password);
  70 #endif
  71
  72   if (!strcmp(password, crpt_passwd )) {
  73     dispose(typed_in_password);
  74     return AuthOk; /* Success */
  75   }
  76   dispose(typed_in_password);
  77   return AuthBad; /* Password wrong or account locked */
  78 }
  79
  80 /*
  81  (1) Deprecated - long passwords have known weaknesses.  Also,
  82      pw_encrypt is non-standard (requires libshadow.a) while
  83      everything else you need to support shadow passwords is in
  84      the standard (ELF) libc.
  85  */
  86 #endif