2 * Copyright (c) 1996, 1998-2005, 2010-2012
3 * Todd C. Miller <Todd.Miller@courtesan.com>
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 * Sponsored in part by the Defense Advanced Research Projects
18 * Agency (DARPA) and Air Force Research Laboratory, Air Force
19 * Materiel Command, USAF, under agreement number F39502-99-1-0512.
24 #include <sys/types.h>
34 #endif /* STDC_HEADERS */
37 #endif /* HAVE_STRING_H */
40 #endif /* HAVE_STRINGS_H */
43 #endif /* HAVE_UNISTD_H */
48 #endif /* HAVE_GETSPNAM */
49 #ifdef HAVE_GETPRPWNAM
52 # include <hpsecurity.h>
54 # include <sys/security.h>
57 #endif /* HAVE_GETPRPWNAM */
59 # include <sys/label.h>
60 # include <sys/audit.h>
62 #endif /* HAVE_GETPWANAM */
63 #ifdef HAVE_GETAUTHUID
65 #endif /* HAVE_GETAUTHUID */
70 * Exported for auth/secureware.c
72 #if defined(HAVE_GETPRPWNAM) && defined(__alpha)
73 int crypt_type = INT_MAX;
74 #endif /* HAVE_GETPRPWNAM && __alpha */
77 * Return a copy of the encrypted password for the user described by pw.
78 * If shadow passwords are in use, look in the shadow file.
81 sudo_getepw(const struct passwd *pw)
84 debug_decl(sudo_getepw, SUDO_DEBUG_AUTH)
86 /* If there is a function to check for shadow enabled, use it... */
90 #endif /* HAVE_ISCOMSEC */
94 #endif /* HAVE_ISSECURE */
96 #ifdef HAVE_GETPRPWNAM
98 struct pr_passwd *spw;
100 if ((spw = getprpwnam(pw->pw_name)) && spw->ufld.fd_encrypt) {
102 crypt_type = spw->ufld.fd_oldcrypt;
103 # endif /* __alpha */
104 epw = spw->ufld.fd_encrypt;
107 #endif /* HAVE_GETPRPWNAM */
112 if ((spw = getspnam(pw->pw_name)) && spw->sp_pwdp)
115 #endif /* HAVE_GETSPNAM */
116 #ifdef HAVE_GETSPWUID
118 struct s_passwd *spw;
120 if ((spw = getspwuid(pw->pw_uid)) && spw->pw_passwd)
121 epw = spw->pw_passwd;
123 #endif /* HAVE_GETSPWUID */
124 #ifdef HAVE_GETPWANAM
126 struct passwd_adjunct *spw;
128 if ((spw = getpwanam(pw->pw_name)) && spw->pwa_passwd)
129 epw = spw->pwa_passwd;
131 #endif /* HAVE_GETPWANAM */
132 #ifdef HAVE_GETAUTHUID
136 if ((spw = getauthuid(pw->pw_uid)) && spw->a_password)
137 epw = spw->a_password;
139 #endif /* HAVE_GETAUTHUID */
141 #if defined(HAVE_ISCOMSEC) || defined(HAVE_ISSECURE)
144 /* If no shadow password, fall back on regular password. */
145 debug_return_str(estrdup(epw ? epw : pw->pw_passwd));
151 debug_decl(sudo_setspent, SUDO_DEBUG_AUTH)
153 #ifdef HAVE_GETPRPWNAM
159 #ifdef HAVE_GETSPWUID
162 #ifdef HAVE_GETPWANAM
165 #ifdef HAVE_GETAUTHUID
174 debug_decl(sudo_endspent, SUDO_DEBUG_AUTH)
176 #ifdef HAVE_GETPRPWNAM
182 #ifdef HAVE_GETSPWUID
185 #ifdef HAVE_GETPWANAM
188 #ifdef HAVE_GETAUTHUID