1/*-
2 * Copyright 1998 Juniper Networks, Inc.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24 * SUCH DAMAGE.
25 *
|
26 * $FreeBSD: head/lib/libpam/modules/pam_unix/pam_unix.c 41228 1998-11-18 01:44:37Z jdp $
|
| 26 * $FreeBSD: head/lib/libpam/modules/pam_unix/pam_unix.c 42917 1999-01-20 21:55:30Z jdp $ |
27 */
28
29#include <sys/types.h>
30#include <pwd.h>
31#include <stdlib.h>
32#include <string.h>
33#include <unistd.h>
34
35#define PAM_SM_AUTH
36#include <security/pam_modules.h>
37
38#include "pam_mod_misc.h"
39
40#define PASSWORD_PROMPT "Password:"
41
42PAM_EXTERN int
43pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
44 const char **argv)
45{
46 int retval;
47 const char *user;
48 const char *password;
49 struct passwd *pwd;
50 char *encrypted;
51 int options;
52 int i;
53
54 options = 0;
55 for (i = 0; i < argc; i++)
56 pam_std_option(&options, argv[i]);
57 if ((retval = pam_get_user(pamh, &user, NULL)) != PAM_SUCCESS)
58 return retval;
59 if ((retval = pam_get_pass(pamh, &password, PASSWORD_PROMPT,
60 options)) != PAM_SUCCESS)
61 return retval;
62 if ((pwd = getpwnam(user)) != NULL) {
63 encrypted = crypt(password, pwd->pw_passwd);
64 if (password[0] == '\0' && pwd->pw_passwd != '\0')
65 encrypted = ":";
66
67 retval = strcmp(encrypted, pwd->pw_passwd) == 0 ?
68 PAM_SUCCESS : PAM_AUTH_ERR;
69 } else {
70 /*
71 * User unknown. Encrypt anyway so that it takes the
72 * same amount of time.
73 */
74 crypt(password, "xx");
75 retval = PAM_AUTH_ERR;
76 }
77 /*
78 * The PAM infrastructure will obliterate the cleartext
79 * password before returning to the application.
80 */
81 return retval;
82}
83
84PAM_EXTERN int
85pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv)
86{
87 return PAM_SUCCESS;
88}
|
89
90PAM_MODULE_ENTRY("pam_unix"); |
|