Annotation of embedaddon/sudo/plugins/sudoers/getspwuid.c, revision 1.1.1.3
1.1 misho 1: /*
1.1.1.3 ! misho 2: * Copyright (c) 1996, 1998-2005, 2010-2012
1.1 misho 3: * Todd C. Miller <Todd.Miller@courtesan.com>
4: *
5: * Permission to use, copy, modify, and distribute this software for any
6: * purpose with or without fee is hereby granted, provided that the above
7: * copyright notice and this permission notice appear in all copies.
8: *
9: * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10: * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11: * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12: * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13: * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14: * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15: * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16: *
17: * Sponsored in part by the Defense Advanced Research Projects
18: * Agency (DARPA) and Air Force Research Laboratory, Air Force
19: * Materiel Command, USAF, under agreement number F39502-99-1-0512.
20: */
21:
22: #include <config.h>
23:
24: #include <sys/types.h>
25: #include <sys/stat.h>
26: #include <stdio.h>
27: #ifdef STDC_HEADERS
28: # include <stdlib.h>
29: # include <stddef.h>
30: #else
31: # ifdef HAVE_STDLIB_H
32: # include <stdlib.h>
33: # endif
34: #endif /* STDC_HEADERS */
35: #ifdef HAVE_STRING_H
36: # include <string.h>
37: #endif /* HAVE_STRING_H */
38: #ifdef HAVE_STRINGS_H
39: # include <strings.h>
40: #endif /* HAVE_STRINGS_H */
41: #ifdef HAVE_UNISTD_H
42: # include <unistd.h>
43: #endif /* HAVE_UNISTD_H */
44: #include <pwd.h>
45: #include <grp.h>
46: #ifdef HAVE_GETSPNAM
47: # include <shadow.h>
48: #endif /* HAVE_GETSPNAM */
49: #ifdef HAVE_GETPRPWNAM
50: # ifdef __hpux
51: # undef MAXINT
52: # include <hpsecurity.h>
53: # else
54: # include <sys/security.h>
55: # endif /* __hpux */
56: # include <prot.h>
57: #endif /* HAVE_GETPRPWNAM */
58: #ifdef HAVE_GETPWANAM
59: # include <sys/label.h>
60: # include <sys/audit.h>
61: # include <pwdadj.h>
62: #endif /* HAVE_GETPWANAM */
63: #ifdef HAVE_GETAUTHUID
64: # include <auth.h>
65: #endif /* HAVE_GETAUTHUID */
66:
67: #include "sudoers.h"
68:
69: /*
70: * Exported for auth/secureware.c
71: */
72: #if defined(HAVE_GETPRPWNAM) && defined(__alpha)
73: int crypt_type = INT_MAX;
74: #endif /* HAVE_GETPRPWNAM && __alpha */
75:
76: /*
77: * Return a copy of the encrypted password for the user described by pw.
78: * If shadow passwords are in use, look in the shadow file.
79: */
80: char *
81: sudo_getepw(const struct passwd *pw)
82: {
83: char *epw = NULL;
1.1.1.2 misho 84: debug_decl(sudo_getepw, SUDO_DEBUG_AUTH)
1.1 misho 85:
86: /* If there is a function to check for shadow enabled, use it... */
87: #ifdef HAVE_ISCOMSEC
88: if (!iscomsec())
89: goto done;
90: #endif /* HAVE_ISCOMSEC */
91: #ifdef HAVE_ISSECURE
92: if (!issecure())
93: goto done;
94: #endif /* HAVE_ISSECURE */
95:
96: #ifdef HAVE_GETPRPWNAM
97: {
98: struct pr_passwd *spw;
99:
100: if ((spw = getprpwnam(pw->pw_name)) && spw->ufld.fd_encrypt) {
101: # ifdef __alpha
102: crypt_type = spw->ufld.fd_oldcrypt;
103: # endif /* __alpha */
104: epw = spw->ufld.fd_encrypt;
105: }
106: }
107: #endif /* HAVE_GETPRPWNAM */
108: #ifdef HAVE_GETSPNAM
109: {
110: struct spwd *spw;
111:
112: if ((spw = getspnam(pw->pw_name)) && spw->sp_pwdp)
113: epw = spw->sp_pwdp;
114: }
115: #endif /* HAVE_GETSPNAM */
116: #ifdef HAVE_GETSPWUID
117: {
118: struct s_passwd *spw;
119:
120: if ((spw = getspwuid(pw->pw_uid)) && spw->pw_passwd)
121: epw = spw->pw_passwd;
122: }
123: #endif /* HAVE_GETSPWUID */
124: #ifdef HAVE_GETPWANAM
125: {
126: struct passwd_adjunct *spw;
127:
128: if ((spw = getpwanam(pw->pw_name)) && spw->pwa_passwd)
129: epw = spw->pwa_passwd;
130: }
131: #endif /* HAVE_GETPWANAM */
132: #ifdef HAVE_GETAUTHUID
133: {
134: AUTHORIZATION *spw;
135:
136: if ((spw = getauthuid(pw->pw_uid)) && spw->a_password)
137: epw = spw->a_password;
138: }
139: #endif /* HAVE_GETAUTHUID */
140:
141: #if defined(HAVE_ISCOMSEC) || defined(HAVE_ISSECURE)
142: done:
143: #endif
144: /* If no shadow password, fall back on regular password. */
1.1.1.2 misho 145: debug_return_str(estrdup(epw ? epw : pw->pw_passwd));
1.1 misho 146: }
147:
148: void
149: sudo_setspent(void)
150: {
1.1.1.2 misho 151: debug_decl(sudo_setspent, SUDO_DEBUG_AUTH)
152:
1.1 misho 153: #ifdef HAVE_GETPRPWNAM
154: setprpwent();
155: #endif
156: #ifdef HAVE_GETSPNAM
157: setspent();
158: #endif
159: #ifdef HAVE_GETSPWUID
160: setspwent();
161: #endif
162: #ifdef HAVE_GETPWANAM
163: setpwaent();
164: #endif
165: #ifdef HAVE_GETAUTHUID
166: setauthent();
167: #endif
1.1.1.2 misho 168: debug_return;
1.1 misho 169: }
170:
171: void
172: sudo_endspent(void)
173: {
1.1.1.2 misho 174: debug_decl(sudo_endspent, SUDO_DEBUG_AUTH)
175:
1.1 misho 176: #ifdef HAVE_GETPRPWNAM
177: endprpwent();
178: #endif
179: #ifdef HAVE_GETSPNAM
180: endspent();
181: #endif
182: #ifdef HAVE_GETSPWUID
183: endspwent();
184: #endif
185: #ifdef HAVE_GETPWANAM
186: endpwaent();
187: #endif
188: #ifdef HAVE_GETAUTHUID
189: endauthent();
190: #endif
1.1.1.2 misho 191: debug_return;
1.1 misho 192: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>