sudo-1.7.4p4/auth/passwd.c - nest-learning-thermostat/5.1.7/sudo - Git at Google

 /*
  * Copyright (c) 1999-2005, 2010
  *	Todd C. Miller <Todd.Miller@courtesan.com>
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
  *
  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  *
  * Sponsored in part by the Defense Advanced Research Projects
  * Agency (DARPA) and Air Force Research Laboratory, Air Force
  * Materiel Command, USAF, under agreement number F39502-99-1-0512.
  */

 #include <config.h>

 #include <sys/types.h>
 #include <sys/param.h>
 #include <stdio.h>
 #ifdef STDC_HEADERS
 # include <stdlib.h>
 # include <stddef.h>
 #else
 # ifdef HAVE_STDLIB_H
 #  include <stdlib.h>
 # endif
 #endif /* STDC_HEADERS */
 #ifdef HAVE_STRING_H
 # include <string.h>
 #endif /* HAVE_STRING_H */
 #ifdef HAVE_STRINGS_H
 # include <strings.h>
 #endif /* HAVE_STRINGS_H */
 #ifdef HAVE_UNISTD_H
 # include <unistd.h>
 #endif /* HAVE_UNISTD_H */
 #include <pwd.h>

 #include "sudo.h"
 #include "sudo_auth.h"

 #define DESLEN			13
 #define HAS_AGEINFO(p, l)	(l == 18 && p[DESLEN] == ',')

 int
 passwd_init(pw, promptp, auth)
     struct passwd *pw;
     char **promptp;
     sudo_auth *auth;
 {
 #ifdef HAVE_SKEYACCESS
     if (skeyaccess(pw, user_tty, NULL, NULL) == 0)
 	return(AUTH_FAILURE);
 #endif
     return(AUTH_SUCCESS);
 }

 int
 passwd_verify(pw, pass, auth)
     struct passwd *pw;
     char *pass;
     sudo_auth *auth;
 {
     char sav, *epass;
     size_t pw_len;
     int error;

     pw_len = strlen(pw->pw_passwd);

 #ifdef HAVE_GETAUTHUID
     /* Ultrix shadow passwords may use crypt16() */
     error = strcmp(pw->pw_passwd, (char *) crypt16(pass, pw->pw_passwd));
     if (!error)
 	return(AUTH_SUCCESS);
 #endif /* HAVE_GETAUTHUID */

     /*
      * Truncate to 8 chars if standard DES since not all crypt()'s do this.
      * If this turns out not to be safe we will have to use OS #ifdef's (sigh).
      */
     sav = pass[8];
     if (pw_len == DESLEN || HAS_AGEINFO(pw->pw_passwd, pw_len))
 	pass[8] = '\0';

     /*
      * Normal UN*X password check.
      * HP-UX may add aging info (separated by a ',') at the end so
      * only compare the first DESLEN characters in that case.
      */
     epass = (char *) crypt(pass, pw->pw_passwd);
     pass[8] = sav;
     if (HAS_AGEINFO(pw->pw_passwd, pw_len) && strlen(epass) == DESLEN)
 	error = strncmp(pw->pw_passwd, epass, DESLEN);
     else
 	error = strcmp(pw->pw_passwd, epass);

     return(error ? AUTH_FAILURE : AUTH_SUCCESS);
 }
	/*
	* Copyright (c) 1999-2005, 2010
	* Todd C. Miller <Todd.Miller@courtesan.com>
	*
	* Permission to use, copy, modify, and distribute this software for any
	* purpose with or without fee is hereby granted, provided that the above
	* copyright notice and this permission notice appear in all copies.
	*
	* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
	* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
	* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
	* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
	* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
	*
	* Sponsored in part by the Defense Advanced Research Projects
	* Agency (DARPA) and Air Force Research Laboratory, Air Force
	* Materiel Command, USAF, under agreement number F39502-99-1-0512.
	*/

	#include <config.h>

	#include <sys/types.h>
	#include <sys/param.h>
	#include <stdio.h>
	#ifdef STDC_HEADERS
	# include <stdlib.h>
	# include <stddef.h>
	#else
	# ifdef HAVE_STDLIB_H
	# include <stdlib.h>
	# endif
	#endif /* STDC_HEADERS */
	#ifdef HAVE_STRING_H
	# include <string.h>
	#endif /* HAVE_STRING_H */
	#ifdef HAVE_STRINGS_H
	# include <strings.h>
	#endif /* HAVE_STRINGS_H */
	#ifdef HAVE_UNISTD_H
	# include <unistd.h>
	#endif /* HAVE_UNISTD_H */
	#include <pwd.h>

	#include "sudo.h"
	#include "sudo_auth.h"

	#define DESLEN 13
	#define HAS_AGEINFO(p, l) (l == 18 && p[DESLEN] == ',')

	int
	passwd_init(pw, promptp, auth)
	struct passwd *pw;
	char **promptp;
	sudo_auth *auth;
	{
	#ifdef HAVE_SKEYACCESS
	if (skeyaccess(pw, user_tty, NULL, NULL) == 0)
	return(AUTH_FAILURE);
	#endif
	return(AUTH_SUCCESS);
	}

	int
	passwd_verify(pw, pass, auth)
	struct passwd *pw;
	char *pass;
	sudo_auth *auth;
	{
	char sav, *epass;
	size_t pw_len;
	int error;

	pw_len = strlen(pw->pw_passwd);

	#ifdef HAVE_GETAUTHUID
	/* Ultrix shadow passwords may use crypt16() */
	error = strcmp(pw->pw_passwd, (char *) crypt16(pass, pw->pw_passwd));
	if (!error)
	return(AUTH_SUCCESS);
	#endif /* HAVE_GETAUTHUID */

	/*
	* Truncate to 8 chars if standard DES since not all crypt()'s do this.
	* If this turns out not to be safe we will have to use OS #ifdef's (sigh).
	*/
	sav = pass[8];
	if (pw_len == DESLEN \|\| HAS_AGEINFO(pw->pw_passwd, pw_len))
	pass[8] = '\0';

	/*
	* Normal UN*X password check.
	* HP-UX may add aging info (separated by a ',') at the end so
	* only compare the first DESLEN characters in that case.
	*/
	epass = (char *) crypt(pass, pw->pw_passwd);
	pass[8] = sav;
	if (HAS_AGEINFO(pw->pw_passwd, pw_len) && strlen(epass) == DESLEN)
	error = strncmp(pw->pw_passwd, epass, DESLEN);
	else
	error = strcmp(pw->pw_passwd, epass);

	return(error ? AUTH_FAILURE : AUTH_SUCCESS);
	}