Return to getspwuid.c CVS log

Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / plugins / sudoers

sudo 1.8.5p1

    1: /*
    2:  * Copyright (c) 1996, 1998-2005, 2010
    3:  *	Todd C. Miller <Todd.Miller@courtesan.com>
    4:  *
    5:  * Permission to use, copy, modify, and distribute this software for any
    6:  * purpose with or without fee is hereby granted, provided that the above
    7:  * copyright notice and this permission notice appear in all copies.
    8:  *
    9:  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
   10:  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
   11:  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
   12:  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
   13:  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
   14:  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
   15:  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
   16:  *
   17:  * Sponsored in part by the Defense Advanced Research Projects
   18:  * Agency (DARPA) and Air Force Research Laboratory, Air Force
   19:  * Materiel Command, USAF, under agreement number F39502-99-1-0512.
   20:  */
   21: 
   22: #include <config.h>
   23: 
   24: #include <sys/types.h>
   25: #include <sys/stat.h>
   26: #include <sys/param.h>
   27: #include <stdio.h>
   28: #ifdef STDC_HEADERS
   29: # include <stdlib.h>
   30: # include <stddef.h>
   31: #else
   32: # ifdef HAVE_STDLIB_H
   33: #  include <stdlib.h>
   34: # endif
   35: #endif /* STDC_HEADERS */
   36: #ifdef HAVE_STRING_H
   37: # include <string.h>
   38: #endif /* HAVE_STRING_H */
   39: #ifdef HAVE_STRINGS_H
   40: # include <strings.h>
   41: #endif /* HAVE_STRINGS_H */
   42: #ifdef HAVE_UNISTD_H
   43: # include <unistd.h>
   44: #endif /* HAVE_UNISTD_H */
   45: #include <pwd.h>
   46: #include <grp.h>
   47: #ifdef HAVE_GETSPNAM
   48: # include <shadow.h>
   49: #endif /* HAVE_GETSPNAM */
   50: #ifdef HAVE_GETPRPWNAM
   51: # ifdef __hpux
   52: #  undef MAXINT
   53: #  include <hpsecurity.h>
   54: # else
   55: #  include <sys/security.h>
   56: # endif /* __hpux */
   57: # include <prot.h>
   58: #endif /* HAVE_GETPRPWNAM */
   59: #ifdef HAVE_GETPWANAM
   60: # include <sys/label.h>
   61: # include <sys/audit.h>
   62: # include <pwdadj.h>
   63: #endif /* HAVE_GETPWANAM */
   64: #ifdef HAVE_GETAUTHUID
   65: # include <auth.h>
   66: #endif /* HAVE_GETAUTHUID */
   67: 
   68: #include "sudoers.h"
   69: 
   70: /*
   71:  * Exported for auth/secureware.c
   72:  */
   73: #if defined(HAVE_GETPRPWNAM) && defined(__alpha)
   74: int crypt_type = INT_MAX;
   75: #endif /* HAVE_GETPRPWNAM && __alpha */
   76: 
   77: /*
   78:  * Return a copy of the encrypted password for the user described by pw.
   79:  * If shadow passwords are in use, look in the shadow file.
   80:  */
   81: char *
   82: sudo_getepw(const struct passwd *pw)
   83: {
   84:     char *epw = NULL;
   85:     debug_decl(sudo_getepw, SUDO_DEBUG_AUTH)
   86: 
   87:     /* If there is a function to check for shadow enabled, use it... */
   88: #ifdef HAVE_ISCOMSEC
   89:     if (!iscomsec())
   90: 	goto done;
   91: #endif /* HAVE_ISCOMSEC */
   92: #ifdef HAVE_ISSECURE
   93:     if (!issecure())
   94: 	goto done;
   95: #endif /* HAVE_ISSECURE */
   96: 
   97: #ifdef HAVE_GETPRPWNAM
   98:     {
   99: 	struct pr_passwd *spw;
  100: 
  101: 	if ((spw = getprpwnam(pw->pw_name)) && spw->ufld.fd_encrypt) {
  102: # ifdef __alpha
  103: 	    crypt_type = spw->ufld.fd_oldcrypt;
  104: # endif /* __alpha */
  105: 	    epw = spw->ufld.fd_encrypt;
  106: 	}
  107:     }
  108: #endif /* HAVE_GETPRPWNAM */
  109: #ifdef HAVE_GETSPNAM
  110:     {
  111: 	struct spwd *spw;
  112: 
  113: 	if ((spw = getspnam(pw->pw_name)) && spw->sp_pwdp)
  114: 	    epw = spw->sp_pwdp;
  115:     }
  116: #endif /* HAVE_GETSPNAM */
  117: #ifdef HAVE_GETSPWUID
  118:     {
  119: 	struct s_passwd *spw;
  120: 
  121: 	if ((spw = getspwuid(pw->pw_uid)) && spw->pw_passwd)
  122: 	    epw = spw->pw_passwd;
  123:     }
  124: #endif /* HAVE_GETSPWUID */
  125: #ifdef HAVE_GETPWANAM
  126:     {
  127: 	struct passwd_adjunct *spw;
  128: 
  129: 	if ((spw = getpwanam(pw->pw_name)) && spw->pwa_passwd)
  130: 	    epw = spw->pwa_passwd;
  131:     }
  132: #endif /* HAVE_GETPWANAM */
  133: #ifdef HAVE_GETAUTHUID
  134:     {
  135: 	AUTHORIZATION *spw;
  136: 
  137: 	if ((spw = getauthuid(pw->pw_uid)) && spw->a_password)
  138: 	    epw = spw->a_password;
  139:     }
  140: #endif /* HAVE_GETAUTHUID */
  141: 
  142: #if defined(HAVE_ISCOMSEC) || defined(HAVE_ISSECURE)
  143: done:
  144: #endif
  145:     /* If no shadow password, fall back on regular password. */
  146:     debug_return_str(estrdup(epw ? epw : pw->pw_passwd));
  147: }
  148: 
  149: void
  150: sudo_setspent(void)
  151: {
  152:     debug_decl(sudo_setspent, SUDO_DEBUG_AUTH)
  153: 
  154: #ifdef HAVE_GETPRPWNAM
  155:     setprpwent();
  156: #endif
  157: #ifdef HAVE_GETSPNAM
  158:     setspent();
  159: #endif
  160: #ifdef HAVE_GETSPWUID
  161:     setspwent();
  162: #endif
  163: #ifdef HAVE_GETPWANAM
  164:     setpwaent();
  165: #endif
  166: #ifdef HAVE_GETAUTHUID
  167:     setauthent();
  168: #endif
  169:     debug_return;
  170: }
  171: 
  172: void
  173: sudo_endspent(void)
  174: {
  175:     debug_decl(sudo_endspent, SUDO_DEBUG_AUTH)
  176: 
  177: #ifdef HAVE_GETPRPWNAM
  178:     endprpwent();
  179: #endif
  180: #ifdef HAVE_GETSPNAM
  181:     endspent();
  182: #endif
  183: #ifdef HAVE_GETSPWUID
  184:     endspwent();
  185: #endif
  186: #ifdef HAVE_GETPWANAM
  187:     endpwaent();
  188: #endif
  189: #ifdef HAVE_GETAUTHUID
  190:     endauthent();
  191: #endif
  192:     debug_return;
  193: }