summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRoland McGrath <roland@gnu.org>1999-05-24 02:39:20 +0000
committerRoland McGrath <roland@gnu.org>1999-05-24 02:39:20 +0000
commitc0ce7ec44dd9c403ba1e94b1a8d01641966c4e87 (patch)
tree4ab548b844220d4c6a3b4c36a62c4c414ac87ce5
parent752b43d64d107d04ba9007db92bb6c872467c794 (diff)
1999-05-23 Roland McGrath <roland@baalperazim.frob.com>
* idvec-verify.c (SHADOW_PASSWORD_STRING): New macro. (verify_id): Check for shadow password immediately after getpwuid_r call, and replace PW->pw_passwd pointer with SP->sp_pwdp. This is ok since the only use will be later in the function, and we give the lookup buffer function scope. (verify_passwd): Don't call CHECK_SHADOW for main passwd, only when rechecking for wheel-group hack.
-rw-r--r--libshouldbeinlibc/idvec-verify.c53
1 files changed, 34 insertions, 19 deletions
diff --git a/libshouldbeinlibc/idvec-verify.c b/libshouldbeinlibc/idvec-verify.c
index d1f7a144..4014c2b5 100644
--- a/libshouldbeinlibc/idvec-verify.c
+++ b/libshouldbeinlibc/idvec-verify.c
@@ -28,6 +28,8 @@
#include <pwd.h>
#include <shadow.h>
+#define SHADOW_PASSWORD_STRING "x" /* pw_passwd contents for shadow passwd */
+
extern char *crypt (const char *string, const char salt[2]);
#pragma weak crypt
@@ -55,20 +57,6 @@ verify_passwd (const char *password,
int wheel_uid = (int)hook;
const char *sys_encrypted;
- char sp_lookup_buf[1024];
- const char *check_shadow (struct passwd *pw)
- {
- if (strcmp (pw->pw_passwd, "x") == 0)
- {
- /* When encrypted password is "x", try shadow passwords. */
- struct spwd _sp, *sp;
- if (getspnam_r (pw->pw_name, &_sp, sp_lookup_buf,
- sizeof sp_lookup_buf, &sp) == 0)
- return sp->sp_pwdp;
- }
- return pw->pw_passwd;
- }
-
if (! pwd_or_grp)
/* No password db entry for ID; if ID is root, the system is probably
really fucked up, so grant it (heh). */
@@ -80,9 +68,6 @@ verify_passwd (const char *password,
? ((struct passwd *)pwd_or_grp)->pw_passwd
: ((struct group *)pwd_or_grp)->gr_passwd);
- if (!is_group)
- sys_encrypted = check_shadow (pwd_or_grp);
-
if (sys_encrypted[0] == '\0')
return 0; /* No password. */
@@ -105,8 +90,22 @@ verify_passwd (const char *password,
/* Special hack: a user attempting to gain root access can use
their own password (instead of root's) if they're in group 0. */
{
- char lookup_buf[1024];
struct passwd _pw, *pw;
+ char lookup_buf[1024];
+ char sp_lookup_buf[1024];
+
+ const char *check_shadow (struct passwd *pw)
+ {
+ if (strcmp (pw->pw_passwd, SHADOW_PASSWORD_STRING) == 0)
+ {
+ /* When encrypted password is "x", try shadow passwords. */
+ struct spwd _sp, *sp;
+ if (getspnam_r (pw->pw_name, &_sp, sp_lookup_buf,
+ sizeof sp_lookup_buf, &sp) == 0)
+ return sp->sp_pwdp;
+ }
+ return pw->pw_passwd;
+ }
if (getpwuid_r (wheel_uid, &_pw, lookup_buf, sizeof lookup_buf, &pw))
return errno ?: EINVAL;
@@ -255,6 +254,7 @@ verify_id (uid_t id, int is_group, int multiple,
char *name = 0;
char *prompt = 0, *password;
char id_lookup_buf[1024];
+ char sp_lookup_buf[1024];
/* VERIFY_FN should have been defaulted in idvec_verify if necessary. */
assert (verify_fn);
@@ -280,7 +280,22 @@ verify_id (uid_t id, int is_group, int multiple,
if (getpwuid_r (id, &_pw, id_lookup_buf, sizeof id_lookup_buf, &pw)
== 0)
{
- if (!pw->pw_passwd || !*pw->pw_passwd)
+ if (strcmp (pw->pw_passwd, SHADOW_PASSWORD_STRING) == 0)
+ {
+ /* When encrypted password is "x", check shadow
+ passwords to see if there is an empty password. */
+ struct spwd _sp, *sp;
+ if (getspnam_r (pw->pw_name, &_sp, sp_lookup_buf,
+ sizeof sp_lookup_buf, &sp) == 0)
+ /* The storage for the password string is in
+ SP_LOOKUP_BUF, a local variable in this function.
+ We Know that the only use of PW->pw_passwd will be
+ in the VERIFY_FN call in this function, and that
+ the pointer will not be stored past the call. */
+ pw->pw_passwd = sp->sp_pwdp;
+ }
+
+ if (pw->pw_passwd[0] == '\0')
return (*verify_fn) ("", id, 0, pw, verify_hook);
name = pw->pw_name;
pwd_or_grp = pw;