Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
sudo-project
GitHub Repository: sudo-project/sudo
 Path: blob/main/plugins/sudoers/getspwuid.c
1532 views
1
/*

2
 * SPDX-License-Identifier: ISC

3
 *

4
 * Copyright (c) 1996, 1998-2005, 2010-2012, 2014-2015

5
 *	Todd C. Miller <[email protected]>

6
 *

7
 * Permission to use, copy, modify, and distribute this software for any

8
 * purpose with or without fee is hereby granted, provided that the above

9
 * copyright notice and this permission notice appear in all copies.

10
 *

11
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES

12
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF

13
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR

14
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES

15
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN

16
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF

17
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

18
 *

19
 * Sponsored in part by the Defense Advanced Research Projects

20
 * Agency (DARPA) and Air Force Research Laboratory, Air Force

21
 * Materiel Command, USAF, under agreement number F39502-99-1-0512.

22
 */

23


24
#include <config.h>

25


26
#include <stdio.h>

27
#include <stdlib.h>

28
#include <string.h>

29
#include <unistd.h>

30
#include <pwd.h>

31
#ifdef HAVE_GETSPNAM

32
# include <shadow.h>

33
#endif /* HAVE_GETSPNAM */

34
#ifdef HAVE_GETPRPWNAM

35
# ifdef __hpux

36
#  undef MAXINT

37
#  include <hpsecurity.h>

38
# else

39
#  include <sys/security.h>

40
# endif /* __hpux */

41
# include <prot.h>

42
#endif /* HAVE_GETPRPWNAM */

43


44
#include <sudoers.h>

45


46
/*

47
 * Exported for auth/secureware.c

48
 */

49
#if defined(HAVE_GETPRPWNAM) && defined(__alpha)

50
int crypt_type = INT_MAX;

51
#endif /* HAVE_GETPRPWNAM && __alpha */

52


53
/*

54
 * Return a copy of the encrypted password for the user described by pw.

55
 * If shadow passwords are in use, look in the shadow file.

56
 */

57
char *

58
sudo_getepw(const struct passwd *pw)

59
{

60
    char *epw = NULL;

61
    debug_decl(sudo_getepw, SUDOERS_DEBUG_AUTH);

62


63
    /* If there is a function to check for shadow enabled, use it... */

64
#ifdef HAVE_ISCOMSEC

65
    if (!iscomsec())

66
	goto done;

67
#endif /* HAVE_ISCOMSEC */

68


69
#ifdef HAVE_GETPWNAM_SHADOW

70
    {

71
	struct passwd *spw;

72


73
	/* On OpenBSD we need to closed the non-shadow passwd db first. */

74
	endpwent();

75
	if ((spw = getpwnam_shadow(pw->pw_name)) != NULL)

76
	    epw = spw->pw_passwd;

77
	setpassent(1);

78
    }

79
#endif /* HAVE_GETPWNAM_SHADOW */

80
#ifdef HAVE_GETPRPWNAM

81
    {

82
	struct pr_passwd *spw;

83


84
	if ((spw = getprpwnam(pw->pw_name)) && spw->ufld.fd_encrypt) {

85
# ifdef __alpha

86
	    crypt_type = spw->ufld.fd_oldcrypt;

87
# endif /* __alpha */

88
	    epw = spw->ufld.fd_encrypt;

89
	}

90
    }

91
#endif /* HAVE_GETPRPWNAM */

92
#ifdef HAVE_GETSPNAM

93
    {

94
	struct spwd *spw;

95


96
	if ((spw = getspnam(pw->pw_name)) && spw->sp_pwdp)

97
	    epw = spw->sp_pwdp;

98
    }

99
#endif /* HAVE_GETSPNAM */

100


101
#if defined(HAVE_ISCOMSEC)

102
done:

103
#endif

104
    /* If no shadow password, fall back on regular password. */

105
    debug_return_str(strdup(epw ? epw : pw->pw_passwd));

106
}

107


108
void

109
sudo_setspent(void)

110
{

111
    debug_decl(sudo_setspent, SUDOERS_DEBUG_AUTH);

112


113
#ifdef HAVE_GETPRPWNAM

114
    setprpwent();

115
#endif

116
#ifdef HAVE_GETSPNAM

117
    setspent();

118
#endif

119
    debug_return;

120
}

121


122
void

123
sudo_endspent(void)

124
{

125
    debug_decl(sudo_endspent, SUDOERS_DEBUG_AUTH);

126


127
#ifdef HAVE_GETPRPWNAM

128
    endprpwent();

129
#endif

130
#ifdef HAVE_GETSPNAM

131
    endspent();

132
#endif

133
    debug_return;

134
}

135


136