/* $OpenBSD: login_passwd.c,v 1.5 2001/08/12 21:55:46 millert Exp $ */ /*- * Copyright (c) 2001 Hans Insulander . * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include "common.h" int pwd_login(char *username, char *password, char *wheel, int lastchance, char *class) { struct passwd *pwd; char *salt; if (wheel != NULL && strcmp(wheel, "yes") != 0) { fprintf(back, BI_VALUE " errormsg %s\n", auth_mkvalue("you are not in group wheel")); fprintf(back, BI_REJECT "\n"); return (AUTH_FAILED); } pwd = getpwnam(username); /* Check for empty password */ if (pwd != NULL && *pwd->pw_passwd == '\0') { fprintf(back, BI_AUTH "\n"); return (AUTH_OK); } if (pwd) salt = pwd->pw_passwd; else salt = "xx"; setpriority(PRIO_PROCESS, 0, -4); salt = crypt(password, salt); memset(password, 0, strlen(password)); if (!pwd || strcmp(salt, pwd->pw_passwd) != 0) return (AUTH_FAILED); if (login_check_expire(back, pwd, class, lastchance) == 0) fprintf(back, BI_AUTH "\n"); else return (AUTH_FAILED); return (AUTH_OK); }