TDE
/
tdebase
mirror of https://mirror.git.trinitydesktop.org/gitea/TDE/tdebase
0
0
Fork 0
Code Issues Releases Wiki Activity

kcheckpass: fix shadow support when not building tdm

Browse Source 
1. If not building with PAM, kcheckpass relies on HAVE_SHADOW to decide
whether to support shadow passwords. However, this was only set if also
building tdm.

Consolidate all PAM/shadow configure checks at the top level so these are
always set correctly.

2. Consolidate /etc/passwd and shadow password handling

The shadow password handler already completely handles /etc/passwd
passwords as well, so having a separate handler for just /etc/passwd is
pure code duplication.

Signed-off-by: Bobby Bingham <koorogi@koorogi.info>
pull/354/head
Bobby Bingham 1 year ago committed by Michele Calgaro
parent 950f0ce736
commit 8c543e26ec
Signed by: MicheleC
GPG Key ID: 2A75B7CA8ADED5CF
6 changed files with 28 additions and 99 deletions
Show Stats Download Patch File Download Diff File

26
ConfigureChecks.cmake
Unescape View File

@ -103,16 +103,22 @@ if( BUILD_TDEIOSLAVES )
endif( ) endif( )
# pam # pam and shadow
if( WITH_PAM AND (BUILD_KCHECKPASS OR BUILD_TDM) ) if( BUILD_KCHECKPASS OR BUILD_TDM )
check_library_exists( pam pam_start "" HAVE_PAM ) if ( WITH_PAM )
if( HAVE_PAM ) check_library_exists( pam pam_start "" HAVE_PAM )
check_include_file( "security/pam_appl.h" SECURITY_PAM_APPL_H ) if( HAVE_PAM )
endif( ) set( USEPAM 1 CACHE INTERNAL "" FORCE )
if( HAVE_PAM AND SECURITY_PAM_APPL_H ) check_include_file( "security/pam_appl.h" SECURITY_PAM_APPL_H )
set( PAM_LIBRARY pam ${DL_LIBRARIES} ) endif( )
else( ) if( HAVE_PAM AND SECURITY_PAM_APPL_H )
tde_message_fatal( "pam are requested, but not found on your system" ) set( PAM_LIBRARY pam ${DL_LIBRARIES} )
else( )
tde_message_fatal( "pam are requested, but not found on your system" )
endif( )
elseif( WITH_SHADOW )
set( HAVE_SHADOW 1 CACHE INTERNAL "" FORCE )
set( USESHADOW 1 CACHE INTERNAL "" FORCE )
endif( ) endif( )
endif( ) endif( )

2
kcheckpass/CMakeLists.txt
Unescape View File

@ -24,7 +24,7 @@ include_directories(
tde_add_executable( kcheckpass AUTOMOC tde_add_executable( kcheckpass AUTOMOC
SOURCES SOURCES
kcheckpass.c checkpass_etcpasswd.c checkpass_pam.c kcheckpass.c checkpass_pam.c
checkpass_shadow.c checkpass_osfc2passwd.c checkpass_aix.c checkpass_shadow.c checkpass_osfc2passwd.c checkpass_aix.c
LINK tdefakes-shared ${CRYPT_LIBRARY} ${PAM_LIBRARY} LINK tdefakes-shared ${CRYPT_LIBRARY} ${PAM_LIBRARY}
DESTINATION ${BIN_INSTALL_DIR} DESTINATION ${BIN_INSTALL_DIR}

60
kcheckpass/checkpass_etcpasswd.c
Unescape View File

@ -1,60 +0,0 @@
/*
* Copyright (c) 1998 Christian Esken <esken@kde.org>
* Copyright (c) 2003 Oswald Buddenhagen <ossi@kde.org>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public
* License along with this program; if not, write to the Free
* Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*
* Copyright (C) 1998, Christian Esken <esken@kde.org>
*/
#include "kcheckpass.h"
#ifdef HAVE_ETCPASSWD
/*******************************************************************
* This is the authentication code for /etc/passwd passwords
*******************************************************************/
#include <string.h>
#include <stdlib.h>
AuthReturn Authenticate(const char *method,
const char *login, char *(*conv) (ConvRequest, const char *))
{
struct passwd *pw;
char *passwd;
if (strcmp(method, "classic"))
return AuthError;
/* Get the password entry for the user we want */
if (!(pw = getpwnam(login)))
return AuthBad;
if (!*pw->pw_passwd)
return AuthOk;
if (!(passwd = conv(ConvGetHidden, 0)))
return AuthAbort;
if (!strcmp(pw->pw_passwd, crypt(passwd, pw->pw_passwd))) {
dispose(passwd);
return AuthOk; /* Success */
}
dispose(passwd);
return AuthBad; /* Password wrong or account locked */
}
#endif

19
kcheckpass/checkpass_shadow.c
Unescape View File

@ -27,10 +27,10 @@
#include "kcheckpass.h" #include "kcheckpass.h"
/******************************************************************* /*******************************************************************
* This is the authentication code for Shadow-Passwords * This is the authentication code for /etc/passwd and Shadow-Passwords
*******************************************************************/ *******************************************************************/
#ifdef HAVE_SHADOW #if defined(HAVE_SHADOW) || defined(HAVE_ETCPASSWD)
#include <string.h> #include <string.h>
#include <stdlib.h> #include <stdlib.h>
#include <pwd.h> #include <pwd.h>
@ -47,7 +47,6 @@ AuthReturn Authenticate(const char *method,
char *crpt_passwd; char *crpt_passwd;
char *password; char *password;
struct passwd *pw; struct passwd *pw;
struct spwd *spw;
if (strcmp(method, "classic")) if (strcmp(method, "classic"))
return AuthError; return AuthError;
@ -55,8 +54,12 @@ AuthReturn Authenticate(const char *method,
if (!(pw = getpwnam(login))) if (!(pw = getpwnam(login)))
return AuthAbort; return AuthAbort;
spw = getspnam(login); #ifdef HAVE_SHADOW
struct spwd *spw = getspnam(login);
password = spw ? spw->sp_pwdp : pw->pw_passwd; password = spw ? spw->sp_pwdp : pw->pw_passwd;
#else
password = pw->pw_passwd;
#endif
if (!*password) if (!*password)
return AuthOk; return AuthOk;
@ -70,11 +73,11 @@ AuthReturn Authenticate(const char *method,
crpt_passwd = crypt(typed_in_password, password); crpt_passwd = crypt(typed_in_password, password);
#endif #endif
if (!strcmp(password, crpt_passwd )) {
dispose(typed_in_password);
return AuthOk; /* Success */
}
dispose(typed_in_password); dispose(typed_in_password);
if (crpt_passwd && !strcmp(password, crpt_passwd))
return AuthOk; /* Success */
return AuthBad; /* Password wrong or account locked */ return AuthBad; /* Password wrong or account locked */
} }

8
kcheckpass/kcheckpass.h
Unescape View File

@ -43,17 +43,9 @@
#include <crypt.h> #include <crypt.h>
#endif #endif
#ifdef HAVE_PATHS_H
#include <paths.h>
#endif
#include <pwd.h> #include <pwd.h>
#include <sys/types.h> #include <sys/types.h>
#ifndef _PATH_TMP
#define _PATH_TMP "/tmp/"
#endif
#ifdef ultrix #ifdef ultrix
#include <auth.h> #include <auth.h>

12
tdm/ConfigureChecks.cmake
Unescape View File

@ -122,18 +122,6 @@ if( WITH_XDMCP )
endif() endif()
if( WITH_PAM )
set( USE_PAM 1 CACHE INTERNAL "" FORCE )
elseif( WITH_SHADOW )
set( HAVE_SHADOW 1 CACHE INTERNAL "" FORCE )
set( USESHADOW 1 CACHE INTERNAL "" FORCE )
endif( )
# If a tdm.service file is wanted, find systemd, then work out which # If a tdm.service file is wanted, find systemd, then work out which
# distribution is running, select an appropriate template and create the file. # distribution is running, select an appropriate template and create the file.
# When it is not possible to identify the distribution or there is no specific # When it is not possible to identify the distribution or there is no specific

Write Preview
Loading…
Cancel
Save