Re: Patch for the getpwnam_auth helper

From: Giancarlo Razzolini <linux-fan@dont-contact.us>
Date: Mon, 03 Jul 2006 21:33:27 -0300

Henrik Nordstrom wrote:
> mån 2006-07-03 klockan 20:07 -0300 skrev Giancarlo Razzolini:
>
>> First sorry for the late, it were 2 weeks of tests in my university, so
>> i was busiest that never. Now that i'm on vacation from university, i do
>> have more free time.
>
> No problem.
>
>> Now, to the patch. For doing what you want, i'll have do do major
>> changes to the code. Because if using shadow, i declare a pointer to the
>> spwd struct, and if using getpwnam, i declare a pointer to the passwd
>> struct. To fail back, i'll have to do some big changes to the code. I'm
>> even thinking in using functions inside the code to do the auth. Want to
>> know if you agree with it or not.
>
> Didn't look that big to me... a few lines only.
>
> Regards
> Henrik
Here it is. Please send any comments, critics or suggestions. Did the
patch against the getpwnam.c from 2.6.STABLE1. Also i've started today
writing the documentation for it.

Thanks in advance,

-- 
Giancarlo Razzolini
Linux User 172199
Moleque Sem Conteudo Numero #002
Slackware Current
OpenBSD Stable
Snike Tecnologia em Informática
4386 2A6F FFD4 4D5F 5842  6EA0 7ABE BBAB 9C0E 6B85

--- getpwnam_auth.c 2005-05-17 13:56:27.000000000 -0300
+++ getpwnam_auth.c.new 2006-07-03 21:07:56.000000000 -0300
@@ -17,6 +17,11 @@
  * + can handle LDAP request
  * + can handle PAM request
  *
+ * 2006-07: Giancarlo Razzolini <linux-fan@onda.com.br>
+ *
+ * Added functionality for doing shadow authentication too,
+ * using the getspnam() function on systems that support it.
+ *
  */
 
 #include "config.h"
@@ -39,45 +44,86 @@
 #if HAVE_PWD_H
 #include <pwd.h>
 #endif
+#if HAVE_SHADOW_H
+#include <shadow.h>
+#endif
 
 #include "util.h"
 
 #define ERR "ERR\n"
 #define OK "OK\n"
 
+#if HAVE_PWD_H
+int passwd_auth(char *user, char *passwd)
+{
+ struct passwd *pwd;
+ pwd = getpwnam(user);
+ if (pwd == NULL) {
+ return 0; /* User does not exist */
+ } else {
+ if (strcmp(pwd->pw_passwd, (char *) crypt(passwd, pwd->pw_passwd))) {
+ return 2; /* Wrong password */
+ } else {
+ return 1; /* Authentication Sucessful */
+ }
+ }
+}
+#endif
+
+#if HAVE_SHADOW_H
+int shadow_auth(char *user, char *passwd)
+{
+ struct spwd *pwd;
+ pwd = getspnam(user);
+ if (pwd == NULL) {
+ return passwd_auth(user, passwd); /* Fall back to passwd_auth */
+ } else {
+ if (strcmp(pwd->sp_pwdp, crypt(passwd, pwd->sp_pwdp))) {
+ return 2; /* Wrong password */
+ } else {
+ return 1; /* Authentication Sucessful */
+ }
+ }
+}
+#endif
+
 int
 main()
 {
- char buf[256];
- struct passwd *pwd;
- char *user, *passwd, *p;
-
- setbuf(stdout, NULL);
- while (fgets(buf, 256, stdin) != NULL) {
-
- if ((p = strchr(buf, '\n')) != NULL)
- *p = '\0'; /* strip \n */
-
- if ((user = strtok(buf, " ")) == NULL) {
- printf(ERR);
- continue;
- }
- if ((passwd = strtok(NULL, "")) == NULL) {
- printf(ERR);
- continue;
- }
- rfc1738_unescape(user);
- rfc1738_unescape(passwd);
- pwd = getpwnam(user);
- if (pwd == NULL) {
- printf("ERR No such user\n");
- } else {
- if (strcmp(pwd->pw_passwd, (char *) crypt(passwd, pwd->pw_passwd))) {
- printf("ERR Wrong password\n");
- } else {
- printf(OK);
- }
- }
+ int auth = 0;
+ char buf[256];
+ char *user, *passwd, *p;
+
+ setbuf(stdout, NULL);
+ while (fgets(buf, 256, stdin) != NULL) {
+
+ if ((p = strchr(buf, '\n')) != NULL)
+ *p = '\0'; /* strip \n */
+
+ if ((user = strtok(buf, " ")) == NULL) {
+ printf(ERR);
+ continue;
+ }
+ if ((passwd = strtok(NULL, "")) == NULL) {
+ printf(ERR);
+ continue;
+ }
+ rfc1738_unescape(user);
+ rfc1738_unescape(passwd);
+#if HAVE_SHADOW_H
+ auth = shadow_auth(user, passwd);
+#else
+ auth = passwd_auth(user, passwd);
+#endif
+ if (auth == 0) {
+ printf("ERR No such user\n");
+ } else {
+ if (auth == 2) {
+ printf("ERR Wrong password\n");
+ } else {
+ printf(OK);
+ }
     }
- exit(0);
+ }
+ exit(0);
 }

75119cf970605c11407e0b9f2724ca4c getpwnam_auth.c.patch

Received on Mon Jul 03 2006 - 18:34:05 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Aug 01 2006 - 12:00:02 MDT