2 * Copyright information at end of file.
5 #include <security/_pam_macros.h>
6 #include <security/pam_modules.h>
10 #include <sys/types.h>
24 #elif defined(HAVE_CRYPT_H)
30 #include "passverify.h"
33 #include <selinux/selinux.h>
34 #define SELINUX_ENABLED (is_selinux_enabled()>0)
36 #define SELINUX_ENABLED 0
40 #define pam_modutil_getpwnam(h,n) getpwnam(n)
41 #define pam_modutil_getspnam(h,n) getspnam(n)
42 #define pam_syslog(h,a,b,c) helper_log_err(a,b,c)
44 #include <security/pam_modutil.h>
45 #include <security/pam_ext.h>
48 #if defined(USE_LCKPWDF) && !defined(HAVE_LCKPWDF)
49 # include "./lckpwdf.-c"
53 strip_hpux_aging(char *hash)
55 static const char valid[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
56 "abcdefghijklmnopqrstuvwxyz"
58 if ((*hash != '$') && (strlen(hash) > 13)) {
59 for (hash += 13; *hash != '\0'; hash++) {
60 if (strchr(valid, *hash) == NULL) {
68 PAMH_ARG_DECL(int verify_pwd_hash,
69 const char *p, char *hash, unsigned int nullok)
76 strip_hpux_aging(hash);
77 hash_len = strlen(hash);
79 /* the stored password is NULL */
80 if (nullok) { /* this means we've succeeded */
81 D(("user has empty password - access granted"));
84 D(("user has empty password - access denied"));
85 retval = PAM_AUTH_ERR;
87 } else if (!p || *hash == '*' || *hash == '!') {
88 retval = PAM_AUTH_ERR;
90 if (!strncmp(hash, "$1$", 3)) {
91 pp = Goodcrypt_md5(p, hash);
92 if (pp && strcmp(pp, hash) != 0) {
94 pp = Brokencrypt_md5(p, hash);
96 } else if (*hash != '$' && hash_len >= 13) {
97 pp = bigcrypt(p, hash);
98 if (pp && hash_len == 13 && strlen(pp) > hash_len) {
99 _pam_overwrite(pp + hash_len);
103 * Ok, we don't know the crypt algorithm, but maybe
104 * libcrypt knows about it? We should try it.
106 #if defined(CRYPT_CHECKSALT_AVAILABLE) && CRYPT_CHECKSALT_AVAILABLE
107 /* Get the status of the hash from checksalt */
108 int retval_checksalt = crypt_checksalt(hash);
111 * Check for hashing methods that are disabled by
112 * libcrypt configuration and/or system preset.
114 if (retval_checksalt == CRYPT_SALT_METHOD_DISABLED) {
116 * pam_syslog() needs a pam handle,
117 * but that's not available here.
119 pam_syslog(pamh, LOG_ERR,
120 "The support for password hash \"%.6s\" "
121 "has been disabled in libcrypt "
126 * Check for malformed hashes, like descrypt hashes
127 * starting with "$2...", which might have been
128 * generated by unsafe base64 encoding functions
129 * as used in glibc <= 2.16.
130 * Such hashes are likely to be rejected by many
131 * recent implementations of libcrypt.
133 if (retval_checksalt == CRYPT_SALT_INVALID) {
134 pam_syslog(pamh, LOG_ERR,
135 "The password hash \"%.6s\" is unknown to "
140 #ifndef HELPER_COMPILE
145 struct crypt_data *cdata;
146 cdata = malloc(sizeof(*cdata));
148 cdata->initialized = 0;
149 pp = x_strdup(crypt_r(p, hash, cdata));
150 memset(cdata, '\0', sizeof(*cdata));
154 pp = x_strdup(crypt(p, hash));
157 p = NULL; /* no longer needed here */
159 /* the moment of truth -- do we agree with the password? */
160 D(("comparing state of pp[%s] and hash[%s]", pp, hash));
162 if (pp && strcmp(pp, hash) == 0) {
163 retval = PAM_SUCCESS;
165 retval = PAM_AUTH_ERR;
171 D(("done [%d].", retval));
177 is_pwd_shadowed(const struct passwd *pwd)
180 if (strcmp(pwd->pw_passwd, "x") == 0) {
183 if ((pwd->pw_passwd[0] == '#') &&
184 (pwd->pw_passwd[1] == '#') &&
185 (strcmp(pwd->pw_name, pwd->pw_passwd + 2) == 0)) {
192 PAMH_ARG_DECL(int get_account_info,
193 const char *name, struct passwd **pwd, struct spwd **spwdent)
195 /* UNIX passwords area */
196 *pwd = pam_modutil_getpwnam(pamh, name); /* Get password file entry... */
200 if (strcmp((*pwd)->pw_passwd, "*NP*") == 0)
202 #ifdef HELPER_COMPILE
203 uid_t save_euid, save_uid;
205 save_euid = geteuid();
207 if (save_uid == (*pwd)->pw_uid)
208 setreuid(save_euid, save_uid);
211 if (setreuid(-1, (*pwd)->pw_uid) == -1) {
214 if(setreuid(-1, (*pwd)->pw_uid) == -1)
215 return PAM_CRED_INSUFFICIENT;
219 *spwdent = pam_modutil_getspnam(pamh, name);
220 if (save_uid == (*pwd)->pw_uid)
221 setreuid(save_uid, save_euid);
224 setreuid(save_uid, -1);
225 setreuid(-1, save_euid);
228 if (*spwdent == NULL || (*spwdent)->sp_pwdp == NULL)
229 return PAM_AUTHINFO_UNAVAIL;
231 /* we must run helper for NIS+ passwords */
232 return PAM_UNIX_RUN_HELPER;
234 } else if (is_pwd_shadowed(*pwd)) {
236 * ...and shadow password file entry for this user,
237 * if shadowing is enabled
239 #ifndef HELPER_COMPILE
240 if (geteuid() || SELINUX_ENABLED)
241 return PAM_UNIX_RUN_HELPER;
243 *spwdent = pam_modutil_getspnam(pamh, name);
244 if (*spwdent == NULL || (*spwdent)->sp_pwdp == NULL)
245 return PAM_AUTHINFO_UNAVAIL;
248 return PAM_USER_UNKNOWN;
253 PAMH_ARG_DECL(int get_pwd_hash,
254 const char *name, struct passwd **pwd, char **hash)
257 struct spwd *spwdent = NULL;
259 retval = get_account_info(PAMH_ARG(name, pwd, &spwdent));
260 if (retval != PAM_SUCCESS) {
265 *hash = x_strdup(spwdent->sp_pwdp);
267 *hash = x_strdup((*pwd)->pw_passwd);
274 PAMH_ARG_DECL(int check_shadow_expiry,
275 struct spwd *spent, int *daysleft)
279 curdays = (long int)(time(NULL) / (60 * 60 * 24));
280 D(("today is %d, last change %d", curdays, spent->sp_lstchg));
281 if ((curdays >= spent->sp_expire) && (spent->sp_expire != -1)) {
282 D(("account expired"));
283 return PAM_ACCT_EXPIRED;
285 #if defined(CRYPT_CHECKSALT_AVAILABLE) && CRYPT_CHECKSALT_AVAILABLE
286 if (spent->sp_lstchg == 0 ||
287 crypt_checksalt(spent->sp_pwdp) == CRYPT_SALT_METHOD_LEGACY ||
288 crypt_checksalt(spent->sp_pwdp) == CRYPT_SALT_TOO_CHEAP) {
290 if (spent->sp_lstchg == 0) {
292 D(("need a new password"));
294 return PAM_NEW_AUTHTOK_REQD;
296 if (curdays < spent->sp_lstchg) {
297 pam_syslog(pamh, LOG_DEBUG,
298 "account %s has password changed in future",
302 if ((curdays - spent->sp_lstchg > spent->sp_max)
303 && (curdays - spent->sp_lstchg > spent->sp_inact)
304 && (curdays - spent->sp_lstchg > spent->sp_max + spent->sp_inact)
305 && (spent->sp_max != -1) && (spent->sp_inact != -1)) {
306 *daysleft = (int)((spent->sp_lstchg + spent->sp_max) - curdays);
307 D(("authtok expired"));
308 return PAM_AUTHTOK_EXPIRED;
310 if ((curdays - spent->sp_lstchg > spent->sp_max) && (spent->sp_max != -1)) {
311 D(("need a new password 2"));
312 return PAM_NEW_AUTHTOK_REQD;
314 if ((curdays - spent->sp_lstchg > spent->sp_max - spent->sp_warn)
315 && (spent->sp_max != -1) && (spent->sp_warn != -1)) {
316 *daysleft = (int)((spent->sp_lstchg + spent->sp_max) - curdays);
317 D(("warn before expiry"));
319 if ((curdays - spent->sp_lstchg < spent->sp_min)
320 && (spent->sp_min != -1)) {
322 * The last password change was too recent. This error will be ignored
323 * if no password change is attempted.
325 D(("password change too recent"));
326 return PAM_AUTHTOK_ERR;
331 /* passwd/salt conversion macros */
333 #define PW_TMPFILE "/etc/npasswd"
334 #define SH_TMPFILE "/etc/nshadow"
335 #define OPW_TMPFILE "/etc/security/nopasswd"
338 * i64c - convert an integer to a radix 64 character
351 if (i >= 2 && i <= 11)
352 return ('0' - 2 + i);
353 if (i >= 12 && i <= 37)
354 return ('A' - 12 + i);
355 if (i >= 38 && i <= 63)
356 return ('a' - 38 + i);
360 /* <where> must point to a buffer of at least <length>+1 length */
362 crypt_make_salt(char *where, int length)
366 unsigned char tmp[16];
367 unsigned char *src = (unsigned char *)where;
369 #ifdef PAM_PATH_RANDOMDEV
373 if ((rv = fd = open(PAM_PATH_RANDOMDEV, O_RDONLY)) != -1) {
374 while ((rv = read(fd, where, length)) != length && errno == EINTR);
380 * Code lifted from Marek Michalkiewicz's shadow suite. (CG)
381 * removed use of static variables (AGM)
383 * will work correctly only for length <= 16 */
386 gettimeofday(&tv, (struct timezone *) 0);
387 GoodMD5Update(&ctx, (void *) &tv, sizeof tv);
389 GoodMD5Update(&ctx, (void *) &i, sizeof i);
391 GoodMD5Update(&ctx, (void *) &i, sizeof i);
392 GoodMD5Update(&ctx, src, length);
393 GoodMD5Final(tmp, &ctx);
394 #ifdef PAM_PATH_RANDOMDEV
397 for (i = 0; i < length; i++)
398 *where++ = i64c(src[i] & 077);
403 crypt_md5_wrapper(const char *pass_new)
405 unsigned char result[16];
406 char *cp = (char *) result;
408 cp = stpcpy(cp, "$1$"); /* magic for the MD5 */
409 crypt_make_salt(cp, 8);
411 /* no longer need cleartext */
412 cp = Goodcrypt_md5(pass_new, (const char *) result);
418 PAMH_ARG_DECL(char * create_password_hash,
419 const char *password, unsigned long long ctrl, int rounds)
422 #if defined(CRYPT_GENSALT_OUTPUT_SIZE) && CRYPT_GENSALT_OUTPUT_SIZE > 64
423 /* Strings returned by crypt_gensalt_rn will be no longer than this. */
424 char salt[CRYPT_GENSALT_OUTPUT_SIZE];
426 char salt[64]; /* contains rounds number + max 16 bytes of salt + algo id */
430 struct crypt_data *cdata = NULL;
433 if (on(UNIX_MD5_PASS, ctrl)) {
435 return crypt_md5_wrapper(password);
436 } else if (on(UNIX_YESCRYPT_PASS, ctrl)) {
438 } else if (on(UNIX_GOST_YESCRYPT_PASS, ctrl)) {
440 } else if (on(UNIX_BLOWFISH_PASS, ctrl)) {
442 } else if (on(UNIX_SHA256_PASS, ctrl)) {
444 } else if (on(UNIX_SHA512_PASS, ctrl)) {
446 } else { /* must be crypt/bigcrypt */
450 crypt_make_salt(salt, 2);
451 if (off(UNIX_BIGCRYPT, ctrl) && strlen(password) > 8) {
452 strncpy(tmppass, password, sizeof(tmppass)-1);
453 tmppass[sizeof(tmppass)-1] = '\0';
456 crypted = bigcrypt(password, salt);
457 memset(tmppass, '\0', sizeof(tmppass));
462 #if defined(CRYPT_GENSALT_IMPLEMENTS_AUTO_ENTROPY) && CRYPT_GENSALT_IMPLEMENTS_AUTO_ENTROPY
464 * Any version of libcrypt supporting auto entropy is
465 * guaranteed to have crypt_gensalt_rn().
467 sp = crypt_gensalt_rn(algoid, rounds, NULL, 0, salt, sizeof(salt));
469 #ifdef HAVE_CRYPT_GENSALT_R
470 if (on(UNIX_BLOWFISH_PASS, ctrl)) {
472 crypt_make_salt(entropy, sizeof(entropy) - 1);
473 sp = crypt_gensalt_r (algoid, rounds,
474 entropy, sizeof(entropy),
478 sp = stpcpy(salt, algoid);
479 if (on(UNIX_ALGO_ROUNDS, ctrl)) {
480 sp += snprintf(sp, sizeof(salt) - (16 + 1 + (sp - salt)), "rounds=%u$", rounds);
482 crypt_make_salt(sp, 16);
483 #ifdef HAVE_CRYPT_GENSALT_R
486 #endif /* CRYPT_GENSALT_IMPLEMENTS_AUTO_ENTROPY */
489 cdata = malloc(sizeof(*cdata));
491 cdata->initialized = 0;
492 sp = crypt_r(password, salt, cdata);
495 sp = crypt(password, salt);
497 if (!sp || strncmp(algoid, sp, strlen(algoid)) != 0) {
498 /* libxcrypt/libc doesn't know the algorithm, use MD5 */
499 pam_syslog(pamh, LOG_ERR,
500 "Algo %s not supported by the crypto backend, "
501 "falling back to MD5\n",
502 on(UNIX_YESCRYPT_PASS, ctrl) ? "yescrypt" :
503 on(UNIX_GOST_YESCRYPT_PASS, ctrl) ? "gost_yescrypt" :
504 on(UNIX_BLOWFISH_PASS, ctrl) ? "blowfish" :
505 on(UNIX_SHA256_PASS, ctrl) ? "sha256" :
506 on(UNIX_SHA512_PASS, ctrl) ? "sha512" : algoid);
508 memset(sp, '\0', strlen(sp));
513 return crypt_md5_wrapper(password);
524 unix_selinux_confined(void)
526 static int confined = -1;
528 char tempfile[]="/etc/.pwdXXXXXX";
533 /* cannot be confined without SELinux enabled */
534 if (!SELINUX_ENABLED){
539 /* let's try opening shadow read only */
540 if ((fd=open("/etc/shadow", O_RDONLY)) != -1) {
546 if (errno == EACCES) {
551 /* shadow opening failed because of other reasons let's try
552 creating a file in /etc */
553 if ((fd=mkstemp(tempfile)) != -1) {
566 unix_selinux_confined(void)
579 #ifndef HELPER_COMPILE
580 if (unix_selinux_confined()) {
584 /* These values for the number of attempts and the sleep time
585 are, of course, completely arbitrary.
586 My reading of the PAM docs is that, once pam_chauthtok() has been
587 called with PAM_UPDATE_AUTHTOK, we are obliged to take any
588 reasonable steps to make sure the token is updated; so retrying
589 for 1/10 sec. isn't overdoing it. */
591 while((retval = lckpwdf()) != 0 && i < 100) {
596 return PAM_AUTHTOK_LOCK_BUSY;
604 #ifndef HELPER_COMPILE
605 if (unix_selinux_confined()) {
625 #ifdef HELPER_COMPILE
627 save_old_password(const char *forwho, const char *oldpass,
631 save_old_password(pam_handle_t *pamh, const char *forwho, const char *oldpass,
635 static char buf[16384];
636 static char nbuf[16384];
637 char *s_luser, *s_uid, *s_npas, *s_pas, *pass;
639 FILE *pwfile, *opwfile;
643 struct passwd *pwd = NULL;
645 size_t len = strlen(forwho);
647 security_context_t prev_context=NULL;
654 if (oldpass == NULL) {
658 oldmask = umask(077);
661 if (SELINUX_ENABLED) {
662 security_context_t passwd_context=NULL;
663 if (getfilecon("/etc/passwd",&passwd_context)<0) {
664 return PAM_AUTHTOK_ERR;
666 if (getfscreatecon(&prev_context)<0) {
667 freecon(passwd_context);
668 return PAM_AUTHTOK_ERR;
670 if (setfscreatecon(passwd_context)) {
671 freecon(passwd_context);
672 freecon(prev_context);
673 return PAM_AUTHTOK_ERR;
675 freecon(passwd_context);
678 pwfile = fopen(OPW_TMPFILE, "w");
680 if (pwfile == NULL) {
685 opwfile = fopen(OLD_PASSWORDS_FILE, "r");
686 if (opwfile == NULL) {
692 if (fstat(fileno(opwfile), &st) == -1) {
699 if (fchown(fileno(pwfile), st.st_uid, st.st_gid) == -1) {
705 if (fchmod(fileno(pwfile), st.st_mode) == -1) {
712 while (fgets(buf, 16380, opwfile)) {
713 if (!strncmp(buf, forwho, len) && strchr(":,\n", buf[len]) != NULL) {
718 buf[strlen(buf) - 1] = '\0';
719 s_luser = strtok_r(buf, ":", &sptr);
720 if (s_luser == NULL) {
724 s_uid = strtok_r(NULL, ":", &sptr);
729 s_npas = strtok_r(NULL, ":", &sptr);
730 if (s_npas == NULL) {
734 s_pas = strtok_r(NULL, ":", &sptr);
735 npas = strtol(s_npas, NULL, 10) + 1;
736 while (npas > howmany && s_pas != NULL) {
737 s_pas = strpbrk(s_pas, ",");
742 pass = crypt_md5_wrapper(oldpass);
744 snprintf(nbuf, sizeof(nbuf), "%s:%s:%d:%s\n",
745 s_luser, s_uid, npas, pass);
747 snprintf(nbuf, sizeof(nbuf),"%s:%s:%d:%s,%s\n",
748 s_luser, s_uid, npas, s_pas, pass);
750 if (fputs(nbuf, pwfile) < 0) {
754 } else if (fputs(buf, pwfile) < 0) {
762 pwd = pam_modutil_getpwnam(pamh, forwho);
766 pass = crypt_md5_wrapper(oldpass);
767 snprintf(nbuf, sizeof(nbuf), "%s:%lu:1:%s\n",
768 forwho, (unsigned long)pwd->pw_uid, pass);
770 if (fputs(nbuf, pwfile) < 0) {
776 if (fflush(pwfile) || fsync(fileno(pwfile))) {
777 D(("fflush or fsync error writing entries to old passwords file: %m"));
781 if (fclose(pwfile)) {
782 D(("fclose error writing entries to old passwords file: %m"));
788 if (rename(OPW_TMPFILE, OLD_PASSWORDS_FILE))
792 if (SELINUX_ENABLED) {
793 if (setfscreatecon(prev_context)) {
797 freecon(prev_context);
805 return PAM_AUTHTOK_ERR;
809 PAMH_ARG_DECL(int unix_update_passwd,
810 const char *forwho, const char *towhat)
812 struct passwd *tmpent = NULL;
814 FILE *pwfile, *opwfile;
818 security_context_t prev_context=NULL;
821 oldmask = umask(077);
823 if (SELINUX_ENABLED) {
824 security_context_t passwd_context=NULL;
825 if (getfilecon("/etc/passwd",&passwd_context)<0) {
826 return PAM_AUTHTOK_ERR;
828 if (getfscreatecon(&prev_context)<0) {
829 freecon(passwd_context);
830 return PAM_AUTHTOK_ERR;
832 if (setfscreatecon(passwd_context)) {
833 freecon(passwd_context);
834 freecon(prev_context);
835 return PAM_AUTHTOK_ERR;
837 freecon(passwd_context);
840 pwfile = fopen(PW_TMPFILE, "w");
842 if (pwfile == NULL) {
847 opwfile = fopen("/etc/passwd", "r");
848 if (opwfile == NULL) {
854 if (fstat(fileno(opwfile), &st) == -1) {
861 if (fchown(fileno(pwfile), st.st_uid, st.st_gid) == -1) {
867 if (fchmod(fileno(pwfile), st.st_mode) == -1) {
874 tmpent = fgetpwent(opwfile);
876 if (!strcmp(tmpent->pw_name, forwho)) {
879 const char *const_charp;
882 assigned_passwd.const_charp = towhat;
884 tmpent->pw_passwd = assigned_passwd.charp;
887 if (putpwent(tmpent, pwfile)) {
888 D(("error writing entry to password file: %m"));
892 tmpent = fgetpwent(opwfile);
896 if (fflush(pwfile) || fsync(fileno(pwfile))) {
897 D(("fflush or fsync error writing entries to password file: %m"));
901 if (fclose(pwfile)) {
902 D(("fclose error writing entries to password file: %m"));
908 if (!rename(PW_TMPFILE, "/etc/passwd"))
910 LOG_NOTICE, "password changed for %s", forwho);
915 if (SELINUX_ENABLED) {
916 if (setfscreatecon(prev_context)) {
920 freecon(prev_context);
928 return PAM_AUTHTOK_ERR;
932 PAMH_ARG_DECL(int unix_update_shadow,
933 const char *forwho, char *towhat)
935 struct spwd spwdent, *stmpent = NULL;
937 FILE *pwfile, *opwfile;
942 security_context_t prev_context=NULL;
945 oldmask = umask(077);
948 if (SELINUX_ENABLED) {
949 security_context_t shadow_context=NULL;
950 if (getfilecon("/etc/shadow",&shadow_context)<0) {
951 return PAM_AUTHTOK_ERR;
953 if (getfscreatecon(&prev_context)<0) {
954 freecon(shadow_context);
955 return PAM_AUTHTOK_ERR;
957 if (setfscreatecon(shadow_context)) {
958 freecon(shadow_context);
959 freecon(prev_context);
960 return PAM_AUTHTOK_ERR;
962 freecon(shadow_context);
965 pwfile = fopen(SH_TMPFILE, "w");
967 if (pwfile == NULL) {
972 opwfile = fopen("/etc/shadow", "r");
973 if (opwfile == NULL) {
979 if (fstat(fileno(opwfile), &st) == -1) {
986 if (fchown(fileno(pwfile), st.st_uid, st.st_gid) == -1) {
992 if (fchmod(fileno(pwfile), st.st_mode) == -1) {
999 stmpent = fgetspent(opwfile);
1002 if (!strcmp(stmpent->sp_namp, forwho)) {
1003 stmpent->sp_pwdp = towhat;
1004 stmpent->sp_lstchg = time(NULL) / (60 * 60 * 24);
1005 if (stmpent->sp_lstchg == 0)
1006 stmpent->sp_lstchg = -1; /* Don't request passwort change
1007 only because time isn't set yet. */
1009 D(("Set password %s for %s", stmpent->sp_pwdp, forwho));
1012 if (putspent(stmpent, pwfile)) {
1013 D(("error writing entry to shadow file: %m"));
1018 stmpent = fgetspent(opwfile);
1023 if (!wroteentry && !err) {
1024 spwdent.sp_namp = (char *)forwho;
1025 spwdent.sp_pwdp = towhat;
1026 spwdent.sp_lstchg = time(NULL) / (60 * 60 * 24);
1027 if (spwdent.sp_lstchg == 0)
1028 spwdent.sp_lstchg = -1; /* Don't request passwort change
1029 only because time isn't set yet. */
1030 spwdent.sp_min = spwdent.sp_max = spwdent.sp_warn = spwdent.sp_inact =
1031 spwdent.sp_expire = -1;
1032 spwdent.sp_flag = (unsigned long)-1l;
1033 if (putspent(&spwdent, pwfile)) {
1034 D(("error writing entry to shadow file: %m"));
1039 if (fflush(pwfile) || fsync(fileno(pwfile))) {
1040 D(("fflush or fsync error writing entries to shadow file: %m"));
1044 if (fclose(pwfile)) {
1045 D(("fclose error writing entries to shadow file: %m"));
1051 if (!rename(SH_TMPFILE, "/etc/shadow"))
1053 LOG_NOTICE, "password changed for %s", forwho);
1059 if (SELINUX_ENABLED) {
1060 if (setfscreatecon(prev_context)) {
1064 freecon(prev_context);
1073 return PAM_AUTHTOK_ERR;
1077 #ifdef HELPER_COMPILE
1080 helper_verify_password(const char *name, const char *p, int nullok)
1082 struct passwd *pwd = NULL;
1086 retval = get_pwd_hash(name, &pwd, &salt);
1088 if (pwd == NULL || salt == NULL) {
1089 helper_log_err(LOG_NOTICE, "check pass; user unknown");
1090 retval = PAM_USER_UNKNOWN;
1092 retval = verify_pwd_hash(p, salt, nullok);
1096 _pam_overwrite(salt);
1100 p = NULL; /* no longer needed here */
1106 helper_log_err(int err, const char *format, ...)
1110 va_start(args, format);
1111 openlog(HELPER_COMPILE, LOG_CONS | LOG_PID, LOG_AUTHPRIV);
1112 vsyslog(err, format, args);
1118 su_sighandler(int sig)
1120 #ifndef SA_RESETHAND
1121 /* emulate the behaviour of the SA_RESETHAND flag */
1122 if ( sig == SIGILL || sig == SIGTRAP || sig == SIGBUS || sig = SIGSERV ) {
1123 struct sigaction sa;
1124 memset(&sa, '\0', sizeof(sa));
1125 sa.sa_handler = SIG_DFL;
1126 sigaction(sig, &sa, NULL);
1137 struct sigaction action; /* posix signal structure */
1140 * Setup signal handlers
1142 (void) memset((void *) &action, 0, sizeof(action));
1143 action.sa_handler = su_sighandler;
1145 action.sa_flags = SA_RESETHAND;
1147 (void) sigaction(SIGILL, &action, NULL);
1148 (void) sigaction(SIGTRAP, &action, NULL);
1149 (void) sigaction(SIGBUS, &action, NULL);
1150 (void) sigaction(SIGSEGV, &action, NULL);
1151 action.sa_handler = SIG_IGN;
1152 action.sa_flags = 0;
1153 (void) sigaction(SIGTERM, &action, NULL);
1154 (void) sigaction(SIGHUP, &action, NULL);
1155 (void) sigaction(SIGINT, &action, NULL);
1156 (void) sigaction(SIGQUIT, &action, NULL);
1160 getuidname(uid_t uid)
1163 static char username[256];
1169 strncpy(username, pw->pw_name, sizeof(username));
1170 username[sizeof(username) - 1] = '\0';
1176 read_passwords(int fd, int npass, char **passwords)
1178 /* The passwords array must contain npass preallocated
1179 * buffers of length MAXPASS + 1
1186 rbytes = read(fd, passwords[i]+offset, MAXPASS+1-offset);
1189 if (errno == EINTR) continue;
1195 while (npass > 0 && (pptr=memchr(passwords[i]+offset, '\0', rbytes))
1197 rbytes -= pptr - (passwords[i]+offset) + 1;
1203 memcpy(passwords[i], pptr+1, rbytes);
1204 memset(pptr+1, '\0', rbytes);
1211 if (offset > 0 && npass > 0) {
1212 memset(passwords[i], '\0', offset);
1219 /* ****************************************************************** *
1220 * Copyright (c) Jan Rękorajski 1999.
1221 * Copyright (c) Andrew G. Morgan 1996-8.
1222 * Copyright (c) Alex O. Yuriev, 1996.
1223 * Copyright (c) Cristian Gafton 1996.
1224 * Copyright (c) Red Hat, Inc. 1996, 2007, 2008.
1226 * Redistribution and use in source and binary forms, with or without
1227 * modification, are permitted provided that the following conditions
1229 * 1. Redistributions of source code must retain the above copyright
1230 * notice, and the entire permission notice in its entirety,
1231 * including the disclaimer of warranties.
1232 * 2. Redistributions in binary form must reproduce the above copyright
1233 * notice, this list of conditions and the following disclaimer in the
1234 * documentation and/or other materials provided with the distribution.
1235 * 3. The name of the author may not be used to endorse or promote
1236 * products derived from this software without specific prior
1237 * written permission.
1239 * ALTERNATIVELY, this product may be distributed under the terms of
1240 * the GNU Public License, in which case the provisions of the GPL are
1241 * required INSTEAD OF the above restrictions. (This clause is
1242 * necessary due to a potential bad interaction between the GPL and
1243 * the restrictions contained in a BSD-style copyright.)
1245 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
1246 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
1247 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
1248 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
1249 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
1250 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
1251 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
1252 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
1253 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
1254 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
1255 * OF THE POSSIBILITY OF SUCH DAMAGE.