Added support for "userPassword: {UNIX}uid". getpwnam("uid") is

used to fetch the pw_passwd which is than passwd to crypt(). getspnam() is used instead of getpwnam() when available. Added configration detection of pw_passwd, shadow.h, getpwnam() and getspnam().
2024-12-03 02:41:24 +08:00 · 1999-06-26 20:52:59 +00:00 · 1999-06-26 20:52:59 +00:00 · ab10099fc1
commit ab10099fc1
parent fcaddb60b4
5 changed files with 996 additions and 1016 deletions
--- a/build/openldap.m4
+++ b/build/openldap.m4
@ -197,6 +197,23 @@ if test $ol_cv_struct_passwd_pw_gecos = yes ; then
 fi
 ])
 dnl
+dnl --------------------------------------------------------------------
+dnl Check if struct passwd has pw_gecos
+AC_DEFUN([OL_STRUCT_PASSWD_PW_PASSWD], [# test for pw_passwd in struct passwd
+AC_MSG_CHECKING([struct passwd for pw_passwd])
+AC_CACHE_VAL(ol_cv_struct_passwd_pw_passwd,[
+	AC_TRY_COMPILE([#include <pwd.h>],[
+	struct passwd pwd;
+	pwd.pw_passwd = pwd.pw_name;
+],
+	[ol_cv_struct_passwd_pw_passwd=yes],
+	[ol_cv_struct_passwd_pw_passwd=no])])
+AC_MSG_RESULT($ol_cv_struct_passwd_pw_passwd)
+if test $ol_cv_struct_passwd_pw_passwd = yes ; then
+	AC_DEFINE(HAVE_PW_PASSWD,1, [define if struct passwd has pw_passwd])
+fi
+])
+dnl
 dnl ====================================================================
 dnl Check if db.h is Berkeley DB2
 dnl
--- a/1949
+++ b/1949
--- a/configure.in
+++ b/configure.in
@ -1643,6 +1643,7 @@ AC_CHECK_HEADERS(	\
 	pwd.h			\
 	resolv.h		\
 	sgtty.h			\
+	shadow.h		\
 	stdarg.h		\
 	stddef.h		\
 	string.h		\
@ -1678,6 +1679,7 @@ AC_STRUCT_ST_BLKSIZE
 AC_HEADER_TIME
 AC_STRUCT_TM
 OL_STRUCT_PASSWD_PW_GECOS
+OL_STRUCT_PASSWD_PW_PASSWD

 OL_C_UPPER_LOWER
 AC_C_CONST
@ -1738,6 +1740,8 @@ AC_CHECK_FUNCS(		\
 	gethostname		\
 	getpass			\
 	getpwuid		\
+	getpwnam		\
+	getspnam		\
 	gettimeofday	\
 	initgroups		\
 	lockf			\
--- a/include/portable.h.in
+++ b/include/portable.h.in
@ -293,9 +293,15 @@
 /* Define if you have the getpass function.  */
 #undef HAVE_GETPASS

+/* Define if you have the getpwnam function.  */
+#undef HAVE_GETPWNAM
+
 /* Define if you have the getpwuid function.  */
 #undef HAVE_GETPWUID

+/* Define if you have the getspnam function.  */
+#undef HAVE_GETSPNAM
+
 /* Define if you have the gettimeofday function.  */
 #undef HAVE_GETTIMEOFDAY

@ -536,6 +542,9 @@
 /* Define if you have the <sgtty.h> header file.  */
 #undef HAVE_SGTTY_H

+/* Define if you have the <shadow.h> header file.  */
+#undef HAVE_SHADOW_H
+
 /* Define if you have the <ssl.h> header file.  */
 #undef HAVE_SSL_H

@ -773,6 +782,9 @@
 /* define if struct passwd has pw_gecos */
 #undef HAVE_PW_GECOS

+/* define if struct passwd has pw_passwd */
+#undef HAVE_PW_PASSWD
+
 /* define if toupper() requires islower() */
 #undef C_UPPER_LOWER

--- a/libraries/liblutil/passwd.c
+++ b/libraries/liblutil/passwd.c
@ -19,6 +19,13 @@
 #include "lutil_sha1.h"
 #include "lutil.h"

+#ifdef HAVE_SHADOW_H
+#	include <shadow.h>
+#endif
+#ifdef HAVE_PWD_H
+#	include <pwd.h>
+#endif
+
 /*
 * Return 0 if creds are good.
 */
@ -138,6 +145,29 @@ lutil_passwd(

 		return( strcmp(p, crypt(cred, p)) );

+# if defined( HAVE_GETSPNAM ) \
+  || ( defined( HAVE_GETPWNAM ) && defined( HAVE_PW_PASSWD ) )
+	} else if (strncasecmp(passwd, "{UNIX}", sizeof("{UNIX}") - 1) == 0 ) {
+		const char *u = passwd + (sizeof("{UNIX}") - 1);
+
+#  ifdef HAVE_GETSPNAM
+		struct spwd *spwd = getspnam(u);
+
+		if(spwd == NULL) {
+			return 1;	/* not found */
+		}
+
+		return strcmp(spwd->sp_pwdp, crypt(cred, spwd->sp_pwdp));
+#  else
+		struct passwd *pwd = getpwnam(u);
+
+		if(pwd == NULL) {
+			return 1;	/* not found */
+		}
+
+		return strcmp(pwd->pw_passwd, crypt(cred, pwd->pw_passwd));
+#  endif
+# endif
 #endif
 	}