xcrypt.c revision 295367 
1/*
2 * Copyright (c) 2003 Ben Lindstrom.  All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 *    notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 *    notice, this list of conditions and the following disclaimer in the
11 *    documentation and/or other materials provided with the distribution.
12 *
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23 */
24
25#include "includes.h"
26
27#include <sys/types.h>
28#include <unistd.h>
29#include <pwd.h>
30
31# if defined(HAVE_CRYPT_H) && !defined(HAVE_SECUREWARE)
32#  include <crypt.h>
33# endif
34
35# ifdef __hpux
36#  include <hpsecurity.h>
37#  include <prot.h>
38# endif
39
40# ifdef HAVE_SECUREWARE
41#  include <sys/security.h>
42#  include <sys/audit.h>
43#  include <prot.h>
44# endif
45
46# if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW)
47#  include <shadow.h>
48# endif
49
50# if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW)
51#  include <sys/label.h>
52#  include <sys/audit.h>
53#  include <pwdadj.h>
54# endif
55
56# if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT)
57#  include "md5crypt.h"
58# endif
59
60# if defined(WITH_OPENSSL) && !defined(HAVE_CRYPT) && defined(HAVE_DES_CRYPT)
61#  include <openssl/des.h>
62#  define crypt DES_crypt
63# endif
64
65char *
66xcrypt(const char *password, const char *salt)
67{
68	char *crypted;
69
70# ifdef HAVE_MD5_PASSWORDS
71        if (is_md5_salt(salt))
72                crypted = md5_crypt(password, salt);
73        else
74                crypted = crypt(password, salt);
75# elif defined(__hpux) && !defined(HAVE_SECUREWARE)
76	if (iscomsec())
77                crypted = bigcrypt(password, salt);
78        else
79                crypted = crypt(password, salt);
80# elif defined(HAVE_SECUREWARE)
81        crypted = bigcrypt(password, salt);
82# else
83        crypted = crypt(password, salt);
84# endif
85
86	return crypted;
87}
88
89/*
90 * Handle shadowed password systems in a cleaner way for portable
91 * version.
92 */
93
94char *
95shadow_pw(struct passwd *pw)
96{
97	char *pw_password = pw->pw_passwd;
98
99# if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW)
100	struct spwd *spw = getspnam(pw->pw_name);
101
102	if (spw != NULL)
103		pw_password = spw->sp_pwdp;
104# endif
105
106#ifdef USE_LIBIAF
107	return(get_iaf_password(pw));
108#endif
109
110# if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW)
111	struct passwd_adjunct *spw;
112	if (issecure() && (spw = getpwanam(pw->pw_name)) != NULL)
113		pw_password = spw->pwa_passwd;
114# elif defined(HAVE_SECUREWARE)
115	struct pr_passwd *spw = getprpwnam(pw->pw_name);
116
117	if (spw != NULL)
118		pw_password = spw->ufld.fd_encrypt;
119# endif
120
121	return pw_password;
122}
123