1124208Sdes/* 2124208Sdes * Copyright (c) 2003 Ben Lindstrom. All rights reserved. 3124208Sdes * 4124208Sdes * Redistribution and use in source and binary forms, with or without 5124208Sdes * modification, are permitted provided that the following conditions 6124208Sdes * are met: 7124208Sdes * 1. Redistributions of source code must retain the above copyright 8124208Sdes * notice, this list of conditions and the following disclaimer. 9124208Sdes * 2. Redistributions in binary form must reproduce the above copyright 10124208Sdes * notice, this list of conditions and the following disclaimer in the 11124208Sdes * documentation and/or other materials provided with the distribution. 12124208Sdes * 13124208Sdes * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 14124208Sdes * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 15124208Sdes * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 16124208Sdes * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 17124208Sdes * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 18124208Sdes * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 19124208Sdes * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 20124208Sdes * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 21124208Sdes * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22124208Sdes * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23124208Sdes */ 24124208Sdes 25124208Sdes#include "includes.h" 26124208Sdes 27162852Sdes#include <sys/types.h> 28162852Sdes#include <unistd.h> 29162852Sdes#include <pwd.h> 30162852Sdes 31192595Sdes# if defined(HAVE_CRYPT_H) && !defined(HAVE_SECUREWARE) 32124208Sdes# include <crypt.h> 33124208Sdes# endif 34124208Sdes 35124208Sdes# ifdef __hpux 36124208Sdes# include <hpsecurity.h> 37124208Sdes# include <prot.h> 38124208Sdes# endif 39124208Sdes 40124208Sdes# ifdef HAVE_SECUREWARE 41124208Sdes# include <sys/security.h> 42124208Sdes# include <sys/audit.h> 43124208Sdes# include <prot.h> 44124208Sdes# endif 45124208Sdes 46124208Sdes# if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) 47124208Sdes# include <shadow.h> 48124208Sdes# endif 49124208Sdes 50124208Sdes# if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) 51124208Sdes# include <sys/label.h> 52124208Sdes# include <sys/audit.h> 53124208Sdes# include <pwdadj.h> 54124208Sdes# endif 55124208Sdes 56124208Sdes# if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) 57124208Sdes# include "md5crypt.h" 58263970Sdes# endif 59124208Sdes 60263970Sdes# if !defined(HAVE_CRYPT) && defined(HAVE_DES_CRYPT) 61263970Sdes# include <openssl/des.h> 62263970Sdes# define crypt DES_crypt 63263970Sdes# endif 64263970Sdes 65124208Sdeschar * 66124208Sdesxcrypt(const char *password, const char *salt) 67124208Sdes{ 68124208Sdes char *crypted; 69124208Sdes 70124208Sdes# ifdef HAVE_MD5_PASSWORDS 71124208Sdes if (is_md5_salt(salt)) 72124208Sdes crypted = md5_crypt(password, salt); 73124208Sdes else 74124208Sdes crypted = crypt(password, salt); 75124208Sdes# elif defined(__hpux) && !defined(HAVE_SECUREWARE) 76124208Sdes if (iscomsec()) 77124208Sdes crypted = bigcrypt(password, salt); 78124208Sdes else 79124208Sdes crypted = crypt(password, salt); 80124208Sdes# elif defined(HAVE_SECUREWARE) 81124208Sdes crypted = bigcrypt(password, salt); 82124208Sdes# else 83124208Sdes crypted = crypt(password, salt); 84124208Sdes# endif 85124208Sdes 86124208Sdes return crypted; 87124208Sdes} 88124208Sdes 89124208Sdes/* 90124208Sdes * Handle shadowed password systems in a cleaner way for portable 91124208Sdes * version. 92124208Sdes */ 93124208Sdes 94124208Sdeschar * 95124208Sdesshadow_pw(struct passwd *pw) 96124208Sdes{ 97124208Sdes char *pw_password = pw->pw_passwd; 98124208Sdes 99124208Sdes# if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) 100124208Sdes struct spwd *spw = getspnam(pw->pw_name); 101124208Sdes 102124208Sdes if (spw != NULL) 103124208Sdes pw_password = spw->sp_pwdp; 104124208Sdes# endif 105149749Sdes 106181111Sdes#ifdef USE_LIBIAF 107149749Sdes return(get_iaf_password(pw)); 108149749Sdes#endif 109149749Sdes 110124208Sdes# if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) 111124208Sdes struct passwd_adjunct *spw; 112124208Sdes if (issecure() && (spw = getpwanam(pw->pw_name)) != NULL) 113124208Sdes pw_password = spw->pwa_passwd; 114124208Sdes# elif defined(HAVE_SECUREWARE) 115124208Sdes struct pr_passwd *spw = getprpwnam(pw->pw_name); 116124208Sdes 117124208Sdes if (spw != NULL) 118124208Sdes pw_password = spw->ufld.fd_encrypt; 119124208Sdes# endif 120124208Sdes 121124208Sdes return pw_password; 122124208Sdes} 123