2 * Copyright information at end of file.
5 #include <security/_pam_macros.h>
6 #include <security/pam_modules.h>
14 #include "passverify.h"
17 verify_pwd_hash(const char *p, const char *hash, unsigned int nullok)
19 size_t hash_len = strlen(hash);
25 /* the stored password is NULL */
26 if (nullok) { /* this means we've succeeded */
27 D(("user has empty password - access granted"));
30 D(("user has empty password - access denied"));
31 retval = PAM_AUTH_ERR;
33 } else if (!p || *hash == '*' || *hash == '!') {
34 retval = PAM_AUTH_ERR;
36 if (!strncmp(hash, "$1$", 3)) {
37 pp = Goodcrypt_md5(p, hash);
38 if (pp && strcmp(pp, hash) != 0) {
40 pp = Brokencrypt_md5(p, hash);
42 } else if (*hash != '$' && hash_len >= 13) {
43 pp = bigcrypt(p, hash);
44 if (pp && hash_len == 13 && strlen(pp) > hash_len) {
45 _pam_overwrite(pp + hash_len);
49 * Ok, we don't know the crypt algorithm, but maybe
50 * libcrypt nows about it? We should try it.
52 pp = x_strdup(crypt(p, hash));
54 p = NULL; /* no longer needed here */
56 /* the moment of truth -- do we agree with the password? */
57 D(("comparing state of pp[%s] and salt[%s]", pp, salt));
59 if (pp && strcmp(pp, hash) == 0) {
62 retval = PAM_AUTH_ERR;
68 D(("done [%d].", retval));
73 int _unix_shadowed(const struct passwd *pwd)
76 if (strcmp(pwd->pw_passwd, "x") == 0) {
79 if ((pwd->pw_passwd[0] == '#') &&
80 (pwd->pw_passwd[1] == '#') &&
81 (strcmp(pwd->pw_name, pwd->pw_passwd + 2) == 0)) {
88 /* ****************************************************************** *
89 * Copyright (c) Jan Rêkorajski 1999.
90 * Copyright (c) Andrew G. Morgan 1996-8.
91 * Copyright (c) Alex O. Yuriev, 1996.
92 * Copyright (c) Cristian Gafton 1996.
93 * Copyright (c) Red Hat, Inc. 2007.
95 * Redistribution and use in source and binary forms, with or without
96 * modification, are permitted provided that the following conditions
98 * 1. Redistributions of source code must retain the above copyright
99 * notice, and the entire permission notice in its entirety,
100 * including the disclaimer of warranties.
101 * 2. Redistributions in binary form must reproduce the above copyright
102 * notice, this list of conditions and the following disclaimer in the
103 * documentation and/or other materials provided with the distribution.
104 * 3. The name of the author may not be used to endorse or promote
105 * products derived from this software without specific prior
106 * written permission.
108 * ALTERNATIVELY, this product may be distributed under the terms of
109 * the GNU Public License, in which case the provisions of the GPL are
110 * required INSTEAD OF the above restrictions. (This clause is
111 * necessary due to a potential bad interaction between the GPL and
112 * the restrictions contained in a BSD-style copyright.)
114 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
115 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
116 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
117 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
118 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
119 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
120 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
121 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
122 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
123 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
124 * OF THE POSSIBILITY OF SUCH DAMAGE.