Annotation of embedaddon/sudo/plugins/sudoers/getspwuid.c, revision 1.1.1.1
1.1 misho 1: /*
2: * Copyright (c) 1996, 1998-2005, 2010
3: * Todd C. Miller <Todd.Miller@courtesan.com>
4: *
5: * Permission to use, copy, modify, and distribute this software for any
6: * purpose with or without fee is hereby granted, provided that the above
7: * copyright notice and this permission notice appear in all copies.
8: *
9: * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10: * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11: * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12: * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13: * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14: * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15: * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16: *
17: * Sponsored in part by the Defense Advanced Research Projects
18: * Agency (DARPA) and Air Force Research Laboratory, Air Force
19: * Materiel Command, USAF, under agreement number F39502-99-1-0512.
20: */
21:
22: #include <config.h>
23:
24: #include <sys/types.h>
25: #include <sys/stat.h>
26: #include <sys/param.h>
27: #include <stdio.h>
28: #ifdef STDC_HEADERS
29: # include <stdlib.h>
30: # include <stddef.h>
31: #else
32: # ifdef HAVE_STDLIB_H
33: # include <stdlib.h>
34: # endif
35: #endif /* STDC_HEADERS */
36: #ifdef HAVE_STRING_H
37: # include <string.h>
38: #endif /* HAVE_STRING_H */
39: #ifdef HAVE_STRINGS_H
40: # include <strings.h>
41: #endif /* HAVE_STRINGS_H */
42: #ifdef HAVE_UNISTD_H
43: # include <unistd.h>
44: #endif /* HAVE_UNISTD_H */
45: #include <pwd.h>
46: #include <grp.h>
47: #ifdef HAVE_GETSPNAM
48: # include <shadow.h>
49: #endif /* HAVE_GETSPNAM */
50: #ifdef HAVE_GETPRPWNAM
51: # ifdef __hpux
52: # undef MAXINT
53: # include <hpsecurity.h>
54: # else
55: # include <sys/security.h>
56: # endif /* __hpux */
57: # include <prot.h>
58: #endif /* HAVE_GETPRPWNAM */
59: #ifdef HAVE_GETPWANAM
60: # include <sys/label.h>
61: # include <sys/audit.h>
62: # include <pwdadj.h>
63: #endif /* HAVE_GETPWANAM */
64: #ifdef HAVE_GETAUTHUID
65: # include <auth.h>
66: #endif /* HAVE_GETAUTHUID */
67:
68: #include "sudoers.h"
69:
70: /*
71: * Exported for auth/secureware.c
72: */
73: #if defined(HAVE_GETPRPWNAM) && defined(__alpha)
74: int crypt_type = INT_MAX;
75: #endif /* HAVE_GETPRPWNAM && __alpha */
76:
77: /*
78: * Return a copy of the encrypted password for the user described by pw.
79: * If shadow passwords are in use, look in the shadow file.
80: */
81: char *
82: sudo_getepw(const struct passwd *pw)
83: {
84: char *epw = NULL;
85:
86: /* If there is a function to check for shadow enabled, use it... */
87: #ifdef HAVE_ISCOMSEC
88: if (!iscomsec())
89: goto done;
90: #endif /* HAVE_ISCOMSEC */
91: #ifdef HAVE_ISSECURE
92: if (!issecure())
93: goto done;
94: #endif /* HAVE_ISSECURE */
95:
96: #ifdef HAVE_GETPRPWNAM
97: {
98: struct pr_passwd *spw;
99:
100: if ((spw = getprpwnam(pw->pw_name)) && spw->ufld.fd_encrypt) {
101: # ifdef __alpha
102: crypt_type = spw->ufld.fd_oldcrypt;
103: # endif /* __alpha */
104: epw = spw->ufld.fd_encrypt;
105: }
106: }
107: #endif /* HAVE_GETPRPWNAM */
108: #ifdef HAVE_GETSPNAM
109: {
110: struct spwd *spw;
111:
112: if ((spw = getspnam(pw->pw_name)) && spw->sp_pwdp)
113: epw = spw->sp_pwdp;
114: }
115: #endif /* HAVE_GETSPNAM */
116: #ifdef HAVE_GETSPWUID
117: {
118: struct s_passwd *spw;
119:
120: if ((spw = getspwuid(pw->pw_uid)) && spw->pw_passwd)
121: epw = spw->pw_passwd;
122: }
123: #endif /* HAVE_GETSPWUID */
124: #ifdef HAVE_GETPWANAM
125: {
126: struct passwd_adjunct *spw;
127:
128: if ((spw = getpwanam(pw->pw_name)) && spw->pwa_passwd)
129: epw = spw->pwa_passwd;
130: }
131: #endif /* HAVE_GETPWANAM */
132: #ifdef HAVE_GETAUTHUID
133: {
134: AUTHORIZATION *spw;
135:
136: if ((spw = getauthuid(pw->pw_uid)) && spw->a_password)
137: epw = spw->a_password;
138: }
139: #endif /* HAVE_GETAUTHUID */
140:
141: #if defined(HAVE_ISCOMSEC) || defined(HAVE_ISSECURE)
142: done:
143: #endif
144: /* If no shadow password, fall back on regular password. */
145: return estrdup(epw ? epw : pw->pw_passwd);
146: }
147:
148: void
149: sudo_setspent(void)
150: {
151: #ifdef HAVE_GETPRPWNAM
152: setprpwent();
153: #endif
154: #ifdef HAVE_GETSPNAM
155: setspent();
156: #endif
157: #ifdef HAVE_GETSPWUID
158: setspwent();
159: #endif
160: #ifdef HAVE_GETPWANAM
161: setpwaent();
162: #endif
163: #ifdef HAVE_GETAUTHUID
164: setauthent();
165: #endif
166: }
167:
168: void
169: sudo_endspent(void)
170: {
171: #ifdef HAVE_GETPRPWNAM
172: endprpwent();
173: #endif
174: #ifdef HAVE_GETSPNAM
175: endspent();
176: #endif
177: #ifdef HAVE_GETSPWUID
178: endspwent();
179: #endif
180: #ifdef HAVE_GETPWANAM
181: endpwaent();
182: #endif
183: #ifdef HAVE_GETAUTHUID
184: endauthent();
185: #endif
186: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>