db0dddc6e9
and "pwauth.h" only when compiled without PAM support. * src/chfn.c, src/chsh.c: Do not include <shadow.h> * lib/commonio.c: Do not include <shadow.h>. Do not include <pwd.h>. Include "nscd.h" instead of <nscd.h>. * configure.in: Do not check if shadow.h exist, but make sure it exists. * libmisc/pwdcheck.c, src/chfn.c, src/chsh.c, lib/defines.h, lib/shadowmem.c, lib/shadowio.c, lib/commonio.c: HAVE_SHADOW_H is no more needed (shadow.h should always exist).
58 lines
1.3 KiB
C
58 lines
1.3 KiB
C
#include <config.h>
|
|
|
|
#ident "$Id$"
|
|
|
|
#include <stdio.h>
|
|
#include "prototypes.h"
|
|
#include "defines.h"
|
|
#ifdef USE_PAM
|
|
#include "pam_defs.h"
|
|
#else
|
|
#include <shadow.h>
|
|
#include "pwauth.h"
|
|
#endif
|
|
#define WRONGPWD2 "incorrect password for `%s'"
|
|
void passwd_check (const char *user, const char *passwd, const char *progname)
|
|
{
|
|
#ifdef USE_PAM
|
|
pam_handle_t *pamh = NULL;
|
|
int retcode;
|
|
|
|
if (pam_start (progname, user, &conv, &pamh)) {
|
|
bailout:
|
|
SYSLOG ((LOG_WARN, WRONGPWD2, user));
|
|
sleep (1);
|
|
fprintf (stderr, _("Incorrect password for %s.\n"), user);
|
|
exit (1);
|
|
}
|
|
if (pam_authenticate (pamh, 0))
|
|
goto bailout;
|
|
|
|
retcode = pam_acct_mgmt (pamh, 0);
|
|
if (retcode == PAM_NEW_AUTHTOK_REQD)
|
|
retcode = pam_chauthtok (pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
|
|
if (retcode)
|
|
goto bailout;
|
|
|
|
if (pam_setcred (pamh, 0))
|
|
goto bailout;
|
|
|
|
/* no need to establish a session; this isn't a session-oriented
|
|
* activity... */
|
|
|
|
#else /* !USE_PAM */
|
|
|
|
struct spwd *sp;
|
|
|
|
if ((sp = getspnam (user))) /* !USE_PAM, no need for xgetspnam */
|
|
passwd = sp->sp_pwdp;
|
|
endspent ();
|
|
if (pw_auth (passwd, user, PW_LOGIN, (char *) 0) != 0) {
|
|
SYSLOG ((LOG_WARN, WRONGPWD2, user));
|
|
sleep (1);
|
|
fprintf (stderr, _("Incorrect password for %s.\n"), user);
|
|
exit (1);
|
|
}
|
|
#endif /* !USE_PAM */
|
|
}
|