src/auth/passdb-bsdauth.c

	passdb-bsdauth.c revision 2692797175379e86c592f07b1e3430e715ba90a8
56417118453b335ca2bba5ad1f6624db4f03c5beTimo Sirainen/* Copyright (C) 2002-2003 Timo Sirainen */
d176f84ce5ca2073f4dfbafb457b9c74f6bf0d76Timo Sirainen
863f2bc9983c33221f5936421fc9c06caf21639aTimo Sirainen#include "common.h"
d176f84ce5ca2073f4dfbafb457b9c74f6bf0d76Timo Sirainen
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen#ifdef PASSDB_BSDAUTH
cd18d7bb3e8d5921c3c852bd0a27fbeff9a9babbTimo Sirainen
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen#include "safe-memset.h"
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen#include "passdb.h"
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen#include "mycrypt.h"
6baee5cd05602df1c39e502c7784501e58b3241dAki Tuomi
e98ba66a8ead146be66ba8219038a45fbf87b62cStephan Bosch#include <login_cap.h>
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen#include <bsd_auth.h>
d176f84ce5ca2073f4dfbafb457b9c74f6bf0d76Timo Sirainen#include <pwd.h>
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen
2e533fb1283b5f06a4063b519e47f1861c910386Timo Sirainenstatic void
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainenbsdauth_verify_plain(struct auth_request *request, const char *password,
863f2bc9983c33221f5936421fc9c06caf21639aTimo Sirainen            verify_plain_callback_t *callback)
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen{
b200bc3875fa06d42c8619865cc306c3297fcaccAki Tuomi    struct passwd *pw;
42cb779853b1814d7ab052436b0b6d1f507c742bAki Tuomi    int result;
b200bc3875fa06d42c8619865cc306c3297fcaccAki Tuomi
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen    pw = getpwnam(request->user);
cd18d7bb3e8d5921c3c852bd0a27fbeff9a9babbTimo Sirainen    if (pw == NULL) {
cd18d7bb3e8d5921c3c852bd0a27fbeff9a9babbTimo Sirainen        auth_request_log_info(request, "bsdauth", "unknown user");
b200bc3875fa06d42c8619865cc306c3297fcaccAki Tuomi        callback(PASSDB_RESULT_USER_UNKNOWN, request);
b200bc3875fa06d42c8619865cc306c3297fcaccAki Tuomi        return;
b200bc3875fa06d42c8619865cc306c3297fcaccAki Tuomi    }
ca44a6ba994aaa3231a20ef6e046dfd97a8dcd2dTimo Sirainen
cd18d7bb3e8d5921c3c852bd0a27fbeff9a9babbTimo Sirainen    /* check if the password is valid */
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen    result = auth_userokay(request->user, NULL, NULL,
8dec8eab222cb7a0b4ef5e066cb1d7dac8a526d1Timo Sirainen                   t_strdup_noconst(password));
b200bc3875fa06d42c8619865cc306c3297fcaccAki Tuomi
b200bc3875fa06d42c8619865cc306c3297fcaccAki Tuomi    /* clear the passwords from memory */
b200bc3875fa06d42c8619865cc306c3297fcaccAki Tuomi    safe_memset(pw->pw_passwd, 0, strlen(pw->pw_passwd));
ca44a6ba994aaa3231a20ef6e046dfd97a8dcd2dTimo Sirainen
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen    if (result == 0) {
cd18d7bb3e8d5921c3c852bd0a27fbeff9a9babbTimo Sirainen        auth_request_log_info(request, "bsdauth", "password mismatch");
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen        callback(PASSDB_RESULT_PASSWORD_MISMATCH, request);
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen        return;
1358e2c58ce29231485a5cfa454756d429ad3d2cTimo Sirainen    }
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen
c1847a38dfbc8bad29547d96432ef9d707dbd345Timo Sirainen    /* make sure we're using the username exactly as it's in the database */
b28a1c61a5d262fd16b46bebe47dbfb90ac9c5fcTimo Sirainen        auth_request_set_field(request, "user", pw->pw_name, NULL);
c1847a38dfbc8bad29547d96432ef9d707dbd345Timo Sirainen
cd18d7bb3e8d5921c3c852bd0a27fbeff9a9babbTimo Sirainen    callback(PASSDB_RESULT_OK, request);
cd18d7bb3e8d5921c3c852bd0a27fbeff9a9babbTimo Sirainen}
cd18d7bb3e8d5921c3c852bd0a27fbeff9a9babbTimo Sirainen
cd18d7bb3e8d5921c3c852bd0a27fbeff9a9babbTimo Sirainenstatic struct passdb_module *
cd18d7bb3e8d5921c3c852bd0a27fbeff9a9babbTimo Sirainenbsdauth_preinit(struct auth_passdb *auth_passdb, const char *args)
cd18d7bb3e8d5921c3c852bd0a27fbeff9a9babbTimo Sirainen{
cd18d7bb3e8d5921c3c852bd0a27fbeff9a9babbTimo Sirainen    struct passdb_module *module;
cd18d7bb3e8d5921c3c852bd0a27fbeff9a9babbTimo Sirainen
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen    module = p_new(auth_passdb->auth->pool, struct passdb_module, 1);
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen    if (strncmp(args, "cache_key=", 10) == 0) {
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen        module->cache_key =
b28a1c61a5d262fd16b46bebe47dbfb90ac9c5fcTimo Sirainen            p_strdup(auth_passdb->auth->pool, args + 10);
c1847a38dfbc8bad29547d96432ef9d707dbd345Timo Sirainen    }
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen    return module;
149089b97827554ffd17dbf0cbc990b2301703f3Timo Sirainen}
1358e2c58ce29231485a5cfa454756d429ad3d2cTimo Sirainen
c1847a38dfbc8bad29547d96432ef9d707dbd345Timo Sirainenstatic void bsdauth_deinit(struct passdb_module *module __attr_unused__)
b28a1c61a5d262fd16b46bebe47dbfb90ac9c5fcTimo Sirainen{
149089b97827554ffd17dbf0cbc990b2301703f3Timo Sirainen    endpwent();
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen}
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen
a5563dc790a44bb58860d74479a24349f593d68fTimo Sirainenstruct passdb_module_interface passdb_bsdauth = {
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen    "bsdauth",
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen
9f0f2de10e4ea0c99052bf4b2bef8179f2536228Timo Sirainen    bsdauth_preinit,
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen    NULL,
    bsdauth_deinit,

    bsdauth_verify_plain,
    NULL
};

#endif