Blame - auth-passwd.c - platform/external/openssh

blob: a8a52ce9a7f543a391f4e9a80d07630911c7633d [file] [log] [blame]

Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	1	/*
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	2	* Author: Tatu Ylonen <ylo@cs.hut.fi>
				3	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
				4	* All rights reserved
				5	* Created: Sat Mar 18 05:11:38 1995 ylo
				6	* Password authentication. This file contains the functions to check whether
				7	* the password is valid for the user.
				8	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	9
				10	#include "includes.h"
Damien Miller	dd1c7ba	1999-11-19 15:53:20 +1100	[diff] [blame]	11
Damien Miller	beb4ba5	1999-12-28 15:09:35 +1100	[diff] [blame]	12	#ifndef USE_PAM
Damien Miller	dd1c7ba	1999-11-19 15:53:20 +1100	[diff] [blame]	13
Damien Miller	1808f38	2000-01-06 12:03:12 +1100	[diff] [blame]	14	RCSID("$Id: auth-passwd.c,v 1.15 2000/01/06 01:03:13 damien Exp $");
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	15
				16	#include "packet.h"
				17	#include "ssh.h"
				18	#include "servconf.h"
				19	#include "xmalloc.h"
Damien Miller	2cb210f	1999-11-13 15:40:10 +1100	[diff] [blame]	20
				21	#ifdef HAVE_SHADOW_H
Damien Miller	beb4ba5	1999-12-28 15:09:35 +1100	[diff] [blame]	22	# include <shadow.h>
Damien Miller	2cb210f	1999-11-13 15:40:10 +1100	[diff] [blame]	23	#endif
Damien Miller	beb4ba5	1999-12-28 15:09:35 +1100	[diff] [blame]	24	#if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT)
				25	# include "md5crypt.h"
				26	#endif /* defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) */
Damien Miller	dd1c7ba	1999-11-19 15:53:20 +1100	[diff] [blame]	27
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	28	/*
				29	* Tries to authenticate the user using password. Returns true if
				30	* authentication succeeds.
				31	*/
				32	int
				33	auth_password(struct passwd * pw, const char *password)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	34	{
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	35	extern ServerOptions options;
				36	char *encrypted_password;
Damien Miller	2e1b082	1999-12-25 10:11:29 +1100	[diff] [blame]	37	char *pw_password;
				38	char *salt;
Damien Miller	2cb210f	1999-11-13 15:40:10 +1100	[diff] [blame]	39	#ifdef HAVE_SHADOW_H
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	40	struct spwd *spw;
Damien Miller	2cb210f	1999-11-13 15:40:10 +1100	[diff] [blame]	41	#endif
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	42
Damien Miller	ece22a8	1999-12-30 09:48:15 +1100	[diff] [blame]	43	/* deny if no user. */
				44	if (pw == NULL)
				45	return 0;
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	46	if (pw->pw_uid == 0 && options.permit_root_login == 2)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	47	return 0;
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	48	if (*password == '\0' && options.permit_empty_passwd == 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	49	return 0;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	50
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	51	#ifdef SKEY
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	52	if (options.skey_authentication == 1) {
Damien Miller	aae6c61	1999-12-06 11:47:28 +1100	[diff] [blame]	53	int ret = auth_skey_password(pw, password);
				54	if (ret == 1 \|\| ret == 0)
				55	return ret;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	56	/* Fall back to ordinary passwd authentication. */
				57	}
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	58	#endif
Damien Miller	aae6c61	1999-12-06 11:47:28 +1100	[diff] [blame]	59	#ifdef KRB4
				60	if (options.kerberos_authentication == 1) {
				61	int ret = auth_krb4_password(pw, password);
				62	if (ret == 1 \|\| ret == 0)
				63	return ret;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	64	/* Fall back to ordinary passwd authentication. */
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	65	}
Damien Miller	aae6c61	1999-12-06 11:47:28 +1100	[diff] [blame]	66	#endif
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	67
				68	/* Check for users with no password. */
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	69	if (strcmp(password, "") == 0 && strcmp(pw->pw_passwd, "") == 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	70	return 1;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	71
Damien Miller	2e1b082	1999-12-25 10:11:29 +1100	[diff] [blame]	72	pw_password = pw->pw_passwd;
				73
Damien Miller	cb7e5f9	1999-12-21 21:03:09 +1100	[diff] [blame]	74	#if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	75	spw = getspnam(pw->pw_name);
Damien Miller	8eb0fd6	1999-12-31 08:49:13 +1100	[diff] [blame]	76	if (spw != NULL)
				77	{
				78	/* Check for users with no password. */
				79	if (strcmp(password, "") == 0 && strcmp(spw->sp_pwdp, "") == 0)
				80	return 1;
Damien Miller	2cb210f	1999-11-13 15:40:10 +1100	[diff] [blame]	81
Damien Miller	8eb0fd6	1999-12-31 08:49:13 +1100	[diff] [blame]	82	pw_password = spw->sp_pwdp;
				83	}
Damien Miller	cb7e5f9	1999-12-21 21:03:09 +1100	[diff] [blame]	84	#endif /* defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) */
Damien Miller	2e1b082	1999-12-25 10:11:29 +1100	[diff] [blame]	85
				86	if (pw_password[0] != '\0')
				87	salt = pw_password;
				88	else
				89	salt = "xx";
				90
				91	#ifdef HAVE_MD5_PASSWORDS
				92	if (is_md5_salt(salt))
				93	encrypted_password = md5_crypt(password, salt);
				94	else
				95	encrypted_password = crypt(password, salt);
				96	#else /* HAVE_MD5_PASSWORDS */
				97	encrypted_password = crypt(password, salt);
				98	#endif /* HAVE_MD5_PASSWORDS */
				99
				100	/* Authentication is accepted if the encrypted passwords are identical. */
				101	return (strcmp(encrypted_password, pw_password) == 0);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	102	}
Damien Miller	beb4ba5	1999-12-28 15:09:35 +1100	[diff] [blame]	103	#endif /* !USE_PAM */