1/*
2 * Copyright (c) 1998-2005, 2010 Todd C. Miller <Todd.Miller@courtesan.com>
3 *
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 *
16 * Sponsored in part by the Defense Advanced Research Projects
17 * Agency (DARPA) and Air Force Research Laboratory, Air Force
18 * Materiel Command, USAF, under agreement number F39502-99-1-0512.
19 */
20
21#include <config.h>
22
23#include <sys/types.h>
24#include <sys/param.h>
25#include <stdio.h>
26#ifdef STDC_HEADERS
27# include <stdlib.h>
28# include <stddef.h>
29#else
30# ifdef HAVE_STDLIB_H
31#  include <stdlib.h>
32# endif
33#endif /* STDC_HEADERS */
34#ifdef HAVE_STRING_H
35# include <string.h>
36#endif /* HAVE_STRING_H */
37#ifdef HAVE_STRINGS_H
38# include <strings.h>
39#endif /* HAVE_STRINGS_H */
40#ifdef HAVE_UNISTD_H
41# include <unistd.h>
42#endif /* HAVE_UNISTD_H */
43#include <pwd.h>
44#ifdef __hpux
45#  undef MAXINT
46#  include <hpsecurity.h>
47#else
48#  include <sys/security.h>
49#endif /* __hpux */
50#include <prot.h>
51
52#include "sudo.h"
53#include "sudo_auth.h"
54
55int
56secureware_init(pw, auth)
57    struct passwd *pw;
58    sudo_auth *auth;
59{
60#ifdef __alpha
61    extern int crypt_type;
62
63    if (crypt_type == INT_MAX)
64	return AUTH_FAILURE;			/* no shadow */
65#endif
66    sudo_setspent();
67    auth->data = sudo_getepw(pw);
68    sudo_endspent();
69    return AUTH_SUCCESS;
70}
71
72int
73secureware_verify(pw, pass, auth)
74    struct passwd *pw;
75    char *pass;
76    sudo_auth *auth;
77{
78    char *pw_epasswd = auth->data;
79#ifdef __alpha
80    extern int crypt_type;
81
82#  ifdef HAVE_DISPCRYPT
83    if (strcmp(pw_epasswd, dispcrypt(pass, pw_epasswd, crypt_type)) == 0)
84	return AUTH_SUCCESS;
85#  else
86    if (crypt_type == AUTH_CRYPT_BIGCRYPT) {
87	if (strcmp(pw_epasswd, bigcrypt(pass, pw_epasswd)) == 0)
88	    return AUTH_SUCCESS;
89    } else if (crypt_type == AUTH_CRYPT_CRYPT16) {
90	if (strcmp(pw_epasswd, crypt(pass, pw_epasswd)) == 0)
91	    return AUTH_SUCCESS;
92    }
93#  endif /* HAVE_DISPCRYPT */
94#elif defined(HAVE_BIGCRYPT)
95    if (strcmp(pw_epasswd, bigcrypt(pass, pw_epasswd)) == 0)
96	return AUTH_SUCCESS;
97#endif /* __alpha */
98
99	return AUTH_FAILURE;
100}
101
102int
103secureware_cleanup(pw, auth)
104    struct passwd *pw;
105    sudo_auth *auth;
106{
107    char *pw_epasswd = auth->data;
108
109    if (pw_epasswd != NULL) {
110	zero_bytes(pw_epasswd, strlen(pw_epasswd));
111	efree(pw_epasswd);
112    }
113    return AUTH_SUCCESS;
114}
115