1bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman/* 2bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman * Copyright (c) 2003 Ben Lindstrom. All rights reserved. 3bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman * 4bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman * Redistribution and use in source and binary forms, with or without 5bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman * modification, are permitted provided that the following conditions 6bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman * are met: 7bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman * 1. Redistributions of source code must retain the above copyright 8bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman * notice, this list of conditions and the following disclaimer. 9bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman * 2. Redistributions in binary form must reproduce the above copyright 10bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman * notice, this list of conditions and the following disclaimer in the 11bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman * documentation and/or other materials provided with the distribution. 12bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman * 13bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 14bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 15bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 16bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 17bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 18bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 19bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 20bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 21bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman */ 24bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman 25bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman#include "includes.h" 26bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman 27bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman#include <sys/types.h> 28bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman#include <unistd.h> 29bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman#include <pwd.h> 30bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman 31bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# if defined(HAVE_CRYPT_H) && !defined(HAVE_SECUREWARE) 32bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# include <crypt.h> 33bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# endif 34bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman 35bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# ifdef __hpux 36bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# include <hpsecurity.h> 37bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# include <prot.h> 38bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# endif 39bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman 40bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# ifdef HAVE_SECUREWARE 41bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# include <sys/security.h> 42bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# include <sys/audit.h> 43bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# include <prot.h> 44bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# endif 45bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman 46bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) 47bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# include <shadow.h> 48bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# endif 49bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman 50bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) 51bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# include <sys/label.h> 52bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# include <sys/audit.h> 53bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# include <pwdadj.h> 54bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# endif 55bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman 56bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) 57bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# include "md5crypt.h" 58d059297112922cabb0c674840589be8db821fd9aAdam Langley# endif 59d059297112922cabb0c674840589be8db821fd9aAdam Langley 60d059297112922cabb0c674840589be8db821fd9aAdam Langley# if defined(WITH_OPENSSL) && !defined(HAVE_CRYPT) && defined(HAVE_DES_CRYPT) 61d059297112922cabb0c674840589be8db821fd9aAdam Langley# include <openssl/des.h> 62d059297112922cabb0c674840589be8db821fd9aAdam Langley# define crypt DES_crypt 63d059297112922cabb0c674840589be8db821fd9aAdam Langley# endif 64bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman 65bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartmanchar * 66bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartmanxcrypt(const char *password, const char *salt) 67bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman{ 68bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman char *crypted; 69bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman 70bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# ifdef HAVE_MD5_PASSWORDS 71bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman if (is_md5_salt(salt)) 72bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman crypted = md5_crypt(password, salt); 73bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman else 74bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman crypted = crypt(password, salt); 75bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# elif defined(__hpux) && !defined(HAVE_SECUREWARE) 76bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman if (iscomsec()) 77bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman crypted = bigcrypt(password, salt); 78bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman else 79bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman crypted = crypt(password, salt); 80bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# elif defined(HAVE_SECUREWARE) 81bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman crypted = bigcrypt(password, salt); 82bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# else 83bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman crypted = crypt(password, salt); 84bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# endif 85bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman 86bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman return crypted; 87bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman} 88bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman 89bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman/* 90bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman * Handle shadowed password systems in a cleaner way for portable 91bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman * version. 92bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman */ 93bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman 94bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartmanchar * 95bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartmanshadow_pw(struct passwd *pw) 96bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman{ 97bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman char *pw_password = pw->pw_passwd; 98bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman 99bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) 100bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman struct spwd *spw = getspnam(pw->pw_name); 101bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman 102bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman if (spw != NULL) 103bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman pw_password = spw->sp_pwdp; 104bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# endif 105bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman 106bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman#ifdef USE_LIBIAF 107bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman return(get_iaf_password(pw)); 108bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman#endif 109bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman 110bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) 111bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman struct passwd_adjunct *spw; 112bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman if (issecure() && (spw = getpwanam(pw->pw_name)) != NULL) 113bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman pw_password = spw->pwa_passwd; 114bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# elif defined(HAVE_SECUREWARE) 115bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman struct pr_passwd *spw = getprpwnam(pw->pw_name); 116bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman 117bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman if (spw != NULL) 118bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman pw_password = spw->ufld.fd_encrypt; 119bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman# endif 120bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman 121bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman return pw_password; 122bd77cf78387b72b7b3ea870459077672bf75c3b5Greg Hartman} 123