http://ftp.nluug.nl/pub/os/Linux/distr/pardusrepo/sources/xscreensaver-5.02.tar.gz

[xscreensaver] / driver / passwd-pwent.c

diff --git a/driver/passwd-pwent.c b/driver/passwd-pwent.c
index ba8366169ec0ca3bb762019c0817ecb56b010ff4..bb0edfc23d26076e0fb38ade9e1aa19294dfb10b 100644 (file)
--- a/driver/passwd-pwent.c
+++ b/driver/passwd-pwent.c
@@ -78,7 +78,8 @@
 #   define PWTYPE   struct s_passwd *
 #   define PWPSLOT  pw_passwd
 #   define GETPW    getspwnam
-#   define crypt    bigcrypt
+
+#   define HAVE_BIGCRYPT
 
 #endif
 
@@ -103,6 +104,11 @@ static char *encrypted_user_passwd = 0;
 # define ROOT "root"
 #endif
 
+#ifndef VMS
+Bool pwent_priv_init (int argc, char **argv, Bool verbose_p);
+Bool pwent_lock_init (int argc, char **argv, Bool verbose_p);
+Bool pwent_passwd_valid_p (const char *typed_passwd, Bool verbose_p);
+#endif
 
 
 #ifndef VMS
@@ -176,7 +182,7 @@ get_encrypted_passwd(const char *user)
        result = strdup(p->pw_passwd);
     }
 
-  /* The manual for passwd(4) says:
+  /* The manual for passwd(4) on HPUX 10.10 says:
 
          Password aging is put in effect for a particular user if his
          encrypted password in the password file is followed by a comma and
@@ -194,9 +200,15 @@ get_encrypted_passwd(const char *user)
        *s = 0;
     }
 
+#ifndef HAVE_PAM
+  /* We only issue this warning if not compiled with support for PAM.
+     If we're using PAM, it's not unheard of that normal pwent passwords
+     would be unavailable. */
+
   if (!result)
     fprintf (stderr, "%s: couldn't get password of \"%s\"\n",
             blurb(), (user ? user : "(null)"));
+#endif /* !HAVE_PAM */
 
   return result;
 }
@@ -212,7 +224,7 @@ get_encrypted_passwd(const char *user)
 #ifndef VMS
 
 Bool
-pwent_lock_init (int argc, char **argv, Bool verbose_p)
+pwent_priv_init (int argc, char **argv, Bool verbose_p)
 {
   char *u;
 
@@ -233,6 +245,43 @@ pwent_lock_init (int argc, char **argv, Bool verbose_p)
 }
 
 
+Bool
+pwent_lock_init (int argc, char **argv, Bool verbose_p)
+{
+  if (encrypted_user_passwd)
+    return True;
+  else
+    return False;
+}
+
+
+
+static Bool
+passwds_match_p (const char *cleartext, const char *ciphertext)
+{
+  char *s = 0;  /* note that on some systems, crypt() may return null */
+
+  s = (char *) crypt (cleartext, ciphertext);
+  if (s && !strcmp (s, ciphertext))
+    return True;
+
+#ifdef HAVE_BIGCRYPT
+  /* There seems to be no way to tell at runtime if an HP machine is in
+     "trusted" mode, and thereby, which of crypt() or bigcrypt() we should
+     be calling to compare passwords.  So call them both, and see which
+     one works. */
+
+  s = (char *) bigcrypt (cleartext, ciphertext);
+  if (s && !strcmp (s, ciphertext))
+    return True;
+
+#endif /* HAVE_BIGCRYPT */
+  
+  return False;
+}
+
+
+
 /* This can be called at any time, and says whether the typed password
    belongs to either the logged in user (real uid, not effective); or
    to root.
@@ -240,19 +289,17 @@ pwent_lock_init (int argc, char **argv, Bool verbose_p)
 Bool
 pwent_passwd_valid_p (const char *typed_passwd, Bool verbose_p)
 {
-  char *s = 0;  /* note that on some systems, crypt() may return null */
-
   if (encrypted_user_passwd &&
-      (s = (char *) crypt (typed_passwd, encrypted_user_passwd)) &&
-      !strcmp (s, encrypted_user_passwd))
+      passwds_match_p (typed_passwd, encrypted_user_passwd))
     return True;
 
+#ifdef ALLOW_ROOT_PASSWD
   /* do not allow root to have a null password. */
   else if (typed_passwd[0] &&
           encrypted_root_passwd &&
-          (s = (char *) crypt (typed_passwd, encrypted_root_passwd)) &&
-          !strcmp (s, encrypted_root_passwd))
+           passwds_match_p (typed_passwd, encrypted_root_passwd))
     return True;
+#endif /* ALLOW_ROOT_PASSWD */
 
   else
     return False;