Mercurial > dovecot > core-2.2
view src/auth/userinfo-shadow.c @ 64:83ae914a583a HEAD
added t_strdup_noconst() which can be used instead of (char *) t_strdup().
Removed several castings that removed the const qualifier.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Wed, 28 Aug 2002 07:54:23 +0300 |
parents | a3d77e73f99b |
children | adefba58053b |
line wrap: on
line source
/* Loosely based on auth_shadow.c from popa3d by Solar Designer <solar@openwall.com> Copyright (C) 2002 Timo Sirainen */ #define _XOPEN_SOURCE 4 #define _XOPEN_SOURCE_EXTENDED #define _XPG4_2 #include "common.h" #ifdef USERINFO_SHADOW #include "userinfo.h" #include "userinfo-passwd.h" #include <unistd.h> #include <shadow.h> static int shadow_verify_plain(const char *user, const char *password, AuthCookieReplyData *reply) { struct passwd *pw; struct spwd *spw; char *passdup; int result; spw = getspnam(user); if (spw == NULL || !IS_VALID_PASSWD(spw->sp_pwdp)) return FALSE; /* check if the password is valid */ passdup = t_strdup_noconst(password); result = strcmp(crypt(passdup, spw->sp_pwdp), spw->sp_pwdp) == 0; /* clear the passwords from memory */ memset(passdup, 0, strlen(passdup)); memset(spw->sp_pwdp, 0, strlen(spw->sp_pwdp)); if (!result) return FALSE; /* password ok, save the user info */ pw = getpwnam(user); if (pw == NULL) return FALSE; passwd_fill_cookie_reply(pw, reply); return TRUE; } static void shadow_deinit(void) { endpwent(); endspent(); } UserInfoModule userinfo_shadow = { NULL, shadow_deinit, shadow_verify_plain, NULL }; #endif