Annotation of embedaddon/sudo/plugins/sudoers/getspwuid.c, revision 1.1.1.2
1.1 misho 1: /*
2: * Copyright (c) 1996, 1998-2005, 2010
3: * Todd C. Miller <Todd.Miller@courtesan.com>
4: *
5: * Permission to use, copy, modify, and distribute this software for any
6: * purpose with or without fee is hereby granted, provided that the above
7: * copyright notice and this permission notice appear in all copies.
8: *
9: * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10: * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11: * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12: * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13: * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14: * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15: * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16: *
17: * Sponsored in part by the Defense Advanced Research Projects
18: * Agency (DARPA) and Air Force Research Laboratory, Air Force
19: * Materiel Command, USAF, under agreement number F39502-99-1-0512.
20: */
21:
22: #include <config.h>
23:
24: #include <sys/types.h>
25: #include <sys/stat.h>
26: #include <sys/param.h>
27: #include <stdio.h>
28: #ifdef STDC_HEADERS
29: # include <stdlib.h>
30: # include <stddef.h>
31: #else
32: # ifdef HAVE_STDLIB_H
33: # include <stdlib.h>
34: # endif
35: #endif /* STDC_HEADERS */
36: #ifdef HAVE_STRING_H
37: # include <string.h>
38: #endif /* HAVE_STRING_H */
39: #ifdef HAVE_STRINGS_H
40: # include <strings.h>
41: #endif /* HAVE_STRINGS_H */
42: #ifdef HAVE_UNISTD_H
43: # include <unistd.h>
44: #endif /* HAVE_UNISTD_H */
45: #include <pwd.h>
46: #include <grp.h>
47: #ifdef HAVE_GETSPNAM
48: # include <shadow.h>
49: #endif /* HAVE_GETSPNAM */
50: #ifdef HAVE_GETPRPWNAM
51: # ifdef __hpux
52: # undef MAXINT
53: # include <hpsecurity.h>
54: # else
55: # include <sys/security.h>
56: # endif /* __hpux */
57: # include <prot.h>
58: #endif /* HAVE_GETPRPWNAM */
59: #ifdef HAVE_GETPWANAM
60: # include <sys/label.h>
61: # include <sys/audit.h>
62: # include <pwdadj.h>
63: #endif /* HAVE_GETPWANAM */
64: #ifdef HAVE_GETAUTHUID
65: # include <auth.h>
66: #endif /* HAVE_GETAUTHUID */
67:
68: #include "sudoers.h"
69:
70: /*
71: * Exported for auth/secureware.c
72: */
73: #if defined(HAVE_GETPRPWNAM) && defined(__alpha)
74: int crypt_type = INT_MAX;
75: #endif /* HAVE_GETPRPWNAM && __alpha */
76:
77: /*
78: * Return a copy of the encrypted password for the user described by pw.
79: * If shadow passwords are in use, look in the shadow file.
80: */
81: char *
82: sudo_getepw(const struct passwd *pw)
83: {
84: char *epw = NULL;
1.1.1.2 ! misho 85: debug_decl(sudo_getepw, SUDO_DEBUG_AUTH)
1.1 misho 86:
87: /* If there is a function to check for shadow enabled, use it... */
88: #ifdef HAVE_ISCOMSEC
89: if (!iscomsec())
90: goto done;
91: #endif /* HAVE_ISCOMSEC */
92: #ifdef HAVE_ISSECURE
93: if (!issecure())
94: goto done;
95: #endif /* HAVE_ISSECURE */
96:
97: #ifdef HAVE_GETPRPWNAM
98: {
99: struct pr_passwd *spw;
100:
101: if ((spw = getprpwnam(pw->pw_name)) && spw->ufld.fd_encrypt) {
102: # ifdef __alpha
103: crypt_type = spw->ufld.fd_oldcrypt;
104: # endif /* __alpha */
105: epw = spw->ufld.fd_encrypt;
106: }
107: }
108: #endif /* HAVE_GETPRPWNAM */
109: #ifdef HAVE_GETSPNAM
110: {
111: struct spwd *spw;
112:
113: if ((spw = getspnam(pw->pw_name)) && spw->sp_pwdp)
114: epw = spw->sp_pwdp;
115: }
116: #endif /* HAVE_GETSPNAM */
117: #ifdef HAVE_GETSPWUID
118: {
119: struct s_passwd *spw;
120:
121: if ((spw = getspwuid(pw->pw_uid)) && spw->pw_passwd)
122: epw = spw->pw_passwd;
123: }
124: #endif /* HAVE_GETSPWUID */
125: #ifdef HAVE_GETPWANAM
126: {
127: struct passwd_adjunct *spw;
128:
129: if ((spw = getpwanam(pw->pw_name)) && spw->pwa_passwd)
130: epw = spw->pwa_passwd;
131: }
132: #endif /* HAVE_GETPWANAM */
133: #ifdef HAVE_GETAUTHUID
134: {
135: AUTHORIZATION *spw;
136:
137: if ((spw = getauthuid(pw->pw_uid)) && spw->a_password)
138: epw = spw->a_password;
139: }
140: #endif /* HAVE_GETAUTHUID */
141:
142: #if defined(HAVE_ISCOMSEC) || defined(HAVE_ISSECURE)
143: done:
144: #endif
145: /* If no shadow password, fall back on regular password. */
1.1.1.2 ! misho 146: debug_return_str(estrdup(epw ? epw : pw->pw_passwd));
1.1 misho 147: }
148:
149: void
150: sudo_setspent(void)
151: {
1.1.1.2 ! misho 152: debug_decl(sudo_setspent, SUDO_DEBUG_AUTH)
! 153:
1.1 misho 154: #ifdef HAVE_GETPRPWNAM
155: setprpwent();
156: #endif
157: #ifdef HAVE_GETSPNAM
158: setspent();
159: #endif
160: #ifdef HAVE_GETSPWUID
161: setspwent();
162: #endif
163: #ifdef HAVE_GETPWANAM
164: setpwaent();
165: #endif
166: #ifdef HAVE_GETAUTHUID
167: setauthent();
168: #endif
1.1.1.2 ! misho 169: debug_return;
1.1 misho 170: }
171:
172: void
173: sudo_endspent(void)
174: {
1.1.1.2 ! misho 175: debug_decl(sudo_endspent, SUDO_DEBUG_AUTH)
! 176:
1.1 misho 177: #ifdef HAVE_GETPRPWNAM
178: endprpwent();
179: #endif
180: #ifdef HAVE_GETSPNAM
181: endspent();
182: #endif
183: #ifdef HAVE_GETSPWUID
184: endspwent();
185: #endif
186: #ifdef HAVE_GETPWANAM
187: endpwaent();
188: #endif
189: #ifdef HAVE_GETAUTHUID
190: endauthent();
191: #endif
1.1.1.2 ! misho 192: debug_return;
1.1 misho 193: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>