1/* 2 * Copyright (c) 1998-2005, 2010 Todd C. Miller <Todd.Miller@courtesan.com> 3 * 4 * Permission to use, copy, modify, and distribute this software for any 5 * purpose with or without fee is hereby granted, provided that the above 6 * copyright notice and this permission notice appear in all copies. 7 * 8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15 * 16 * Sponsored in part by the Defense Advanced Research Projects 17 * Agency (DARPA) and Air Force Research Laboratory, Air Force 18 * Materiel Command, USAF, under agreement number F39502-99-1-0512. 19 */ 20 21#include <config.h> 22 23#include <sys/types.h> 24#include <sys/param.h> 25#include <stdio.h> 26#ifdef STDC_HEADERS 27# include <stdlib.h> 28# include <stddef.h> 29#else 30# ifdef HAVE_STDLIB_H 31# include <stdlib.h> 32# endif 33#endif /* STDC_HEADERS */ 34#ifdef HAVE_STRING_H 35# include <string.h> 36#endif /* HAVE_STRING_H */ 37#ifdef HAVE_STRINGS_H 38# include <strings.h> 39#endif /* HAVE_STRINGS_H */ 40#ifdef HAVE_UNISTD_H 41# include <unistd.h> 42#endif /* HAVE_UNISTD_H */ 43#include <pwd.h> 44#ifdef __hpux 45# undef MAXINT 46# include <hpsecurity.h> 47#else 48# include <sys/security.h> 49#endif /* __hpux */ 50#include <prot.h> 51 52#include "sudo.h" 53#include "sudo_auth.h" 54 55int 56secureware_init(pw, auth) 57 struct passwd *pw; 58 sudo_auth *auth; 59{ 60#ifdef __alpha 61 extern int crypt_type; 62 63 if (crypt_type == INT_MAX) 64 return AUTH_FAILURE; /* no shadow */ 65#endif 66 sudo_setspent(); 67 auth->data = sudo_getepw(pw); 68 sudo_endspent(); 69 return AUTH_SUCCESS; 70} 71 72int 73secureware_verify(pw, pass, auth) 74 struct passwd *pw; 75 char *pass; 76 sudo_auth *auth; 77{ 78 char *pw_epasswd = auth->data; 79#ifdef __alpha 80 extern int crypt_type; 81 82# ifdef HAVE_DISPCRYPT 83 if (strcmp(pw_epasswd, dispcrypt(pass, pw_epasswd, crypt_type)) == 0) 84 return AUTH_SUCCESS; 85# else 86 if (crypt_type == AUTH_CRYPT_BIGCRYPT) { 87 if (strcmp(pw_epasswd, bigcrypt(pass, pw_epasswd)) == 0) 88 return AUTH_SUCCESS; 89 } else if (crypt_type == AUTH_CRYPT_CRYPT16) { 90 if (strcmp(pw_epasswd, crypt(pass, pw_epasswd)) == 0) 91 return AUTH_SUCCESS; 92 } 93# endif /* HAVE_DISPCRYPT */ 94#elif defined(HAVE_BIGCRYPT) 95 if (strcmp(pw_epasswd, bigcrypt(pass, pw_epasswd)) == 0) 96 return AUTH_SUCCESS; 97#endif /* __alpha */ 98 99 return AUTH_FAILURE; 100} 101 102int 103secureware_cleanup(pw, auth) 104 struct passwd *pw; 105 sudo_auth *auth; 106{ 107 char *pw_epasswd = auth->data; 108 109 if (pw_epasswd != NULL) { 110 zero_bytes(pw_epasswd, strlen(pw_epasswd)); 111 efree(pw_epasswd); 112 } 113 return AUTH_SUCCESS; 114} 115