Line | Source | Count |
1 | | - |
2 | | - |
3 | | - |
4 | | - |
5 | | - |
6 | | - |
7 | | - |
8 | | - |
9 | | - |
10 | | - |
11 | | - |
12 | | - |
13 | | - |
14 | | - |
15 | | - |
16 | | - |
17 | | - |
18 | | - |
19 | | - |
20 | | - |
21 | | - |
22 | | - |
23 | | - |
24 | | - |
25 | #include "includes.h" | - |
26 | | - |
27 | #include <sys/types.h> | - |
28 | #include <string.h> | - |
29 | #include <unistd.h> | - |
30 | #include <pwd.h> | - |
31 | | - |
32 | # if defined(HAVE_CRYPT_H) && !defined(HAVE_SECUREWARE) | - |
33 | # include <crypt.h> | - |
34 | # endif | - |
35 | | - |
36 | # ifdef __hpux | - |
37 | # include <hpsecurity.h> | - |
38 | # include <prot.h> | - |
39 | # endif | - |
40 | | - |
41 | # ifdef HAVE_SECUREWARE | - |
42 | # include <sys/security.h> | - |
43 | # include <sys/audit.h> | - |
44 | # include <prot.h> | - |
45 | # endif | - |
46 | | - |
47 | # if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) | - |
48 | # include <shadow.h> | - |
49 | # endif | - |
50 | | - |
51 | # if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) | - |
52 | # include <sys/label.h> | - |
53 | # include <sys/audit.h> | - |
54 | # include <pwdadj.h> | - |
55 | # endif | - |
56 | | - |
57 | # if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT) | - |
58 | # include "md5crypt.h" | - |
59 | # endif | - |
60 | | - |
61 | # if defined(WITH_OPENSSL) && !defined(HAVE_CRYPT) && defined(HAVE_DES_CRYPT) | - |
62 | # include <openssl/des.h> | - |
63 | # define crypt DES_crypt | - |
64 | # endif | - |
65 | | - |
66 | | - |
67 | | - |
68 | | - |
69 | | - |
70 | | - |
71 | | - |
72 | static const char * | - |
73 | pick_salt(void) | - |
74 | { | - |
75 | struct passwd *pw; | - |
76 | char *passwd, *p; | - |
77 | size_t typelen; | - |
78 | static char salt[32]; | - |
79 | | - |
80 | if (salt[0] != '\0')TRUE | never evaluated | FALSE | never evaluated |
| 0 |
81 | return salt; never executed: return salt; | 0 |
82 | strlcpy(salt, "xx", sizeof(salt)); | - |
83 | setpwent(); | - |
84 | while ((pw = getpwent()) != NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
85 | passwd = shadow_pw(pw); | - |
86 | if (passwd[0] == '$' && (p = strrchr(passwd+1, '$')) != NULL) {TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
87 | typelen = p - passwd + 1; | - |
88 | strlcpy(salt, passwd, MIN(typelen, sizeof(salt))); | - |
89 | explicit_bzero(passwd, strlen(passwd)); | - |
90 | goto out; never executed: goto out; | 0 |
91 | } | - |
92 | } never executed: end of block | 0 |
93 | out: code before this statement never executed: out: | 0 |
94 | endpwent(); | - |
95 | return salt; never executed: return salt; | 0 |
96 | } | - |
97 | | - |
98 | char * | - |
99 | xcrypt(const char *password, const char *salt) | - |
100 | { | - |
101 | char *crypted; | - |
102 | | - |
103 | | - |
104 | | - |
105 | | - |
106 | | - |
107 | if (salt == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
108 | salt = pick_salt(); never executed: salt = pick_salt(); | 0 |
109 | | - |
110 | # ifdef HAVE_MD5_PASSWORDS | - |
111 | if (is_md5_salt(salt)) | - |
112 | crypted = md5_crypt(password, salt); | - |
113 | else | - |
114 | crypted = crypt(password, salt); | - |
115 | # elif defined(__hpux) && !defined(HAVE_SECUREWARE) | - |
116 | if (iscomsec()) | - |
117 | crypted = bigcrypt(password, salt); | - |
118 | else | - |
119 | crypted = crypt(password, salt); | - |
120 | # elif defined(HAVE_SECUREWARE) | - |
121 | crypted = bigcrypt(password, salt); | - |
122 | # else | - |
123 | crypted = crypt(password, salt); | - |
124 | # endif | - |
125 | | - |
126 | return crypted; never executed: return crypted; | 0 |
127 | } | - |
128 | | - |
129 | | - |
130 | | - |
131 | | - |
132 | | - |
133 | | - |
134 | char * | - |
135 | shadow_pw(struct passwd *pw) | - |
136 | { | - |
137 | char *pw_password = pw->pw_passwd; | - |
138 | | - |
139 | # if defined(HAVE_SHADOW_H) && !defined(DISABLE_SHADOW) | - |
140 | struct spwd *spw = getspnam(pw->pw_name); | - |
141 | | - |
142 | if (spw != NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
143 | pw_password = spw->sp_pwdp; never executed: pw_password = spw->sp_pwdp; | 0 |
144 | # endif | - |
145 | | - |
146 | #ifdef USE_LIBIAF | - |
147 | return(get_iaf_password(pw)); | - |
148 | #endif | - |
149 | | - |
150 | # if defined(HAVE_GETPWANAM) && !defined(DISABLE_SHADOW) | - |
151 | struct passwd_adjunct *spw; | - |
152 | if (issecure() && (spw = getpwanam(pw->pw_name)) != NULL) | - |
153 | pw_password = spw->pwa_passwd; | - |
154 | # elif defined(HAVE_SECUREWARE) | - |
155 | struct pr_passwd *spw = getprpwnam(pw->pw_name); | - |
156 | | - |
157 | if (spw != NULL) | - |
158 | pw_password = spw->ufld.fd_encrypt; | - |
159 | # endif | - |
160 | | - |
161 | return pw_password; never executed: return pw_password; | 0 |
162 | } | - |
| | |