Mercurial > dovecot > original-hg > dovecot-1.2

view src/auth/passdb-passwd.c @ 3474:9096b7957413 HEAD

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Removed direct config.h including. I'm not sure why it was done before, probably to reduce compile times a few milliseconds. Ugly anyway..
author Timo Sirainen <tss@iki.fi>
date Tue, 12 Jul 2005 15:58:47 +0300
parents 92c16e82b806
children c12df370e1b2
line wrap: on
line source

/* Copyright (C) 2002-2003 Timo Sirainen */

#include "common.h"

#ifdef PASSDB_PASSWD

#include "safe-memset.h"
#include "passdb.h"
#include "mycrypt.h"

#include <pwd.h>

static void
passwd_verify_plain(struct auth_request *request, const char *password,
		    verify_plain_callback_t *callback)
{
	struct passwd *pw;
	int result;

	pw = getpwnam(request->user);
	if (pw == NULL) {
		auth_request_log_info(request, "passwd", "unknown user");
		callback(PASSDB_RESULT_USER_UNKNOWN, request);
		return;
	}

	if (!IS_VALID_PASSWD(pw->pw_passwd)) {
		auth_request_log_info(request, "passwd",
			"invalid password field '%s'", pw->pw_passwd);
		callback(PASSDB_RESULT_USER_DISABLED, request);
		return;
	}

	/* check if the password is valid */
	result = strcmp(mycrypt(password, pw->pw_passwd), pw->pw_passwd) == 0;

	/* clear the passwords from memory */
	safe_memset(pw->pw_passwd, 0, strlen(pw->pw_passwd));

	if (!result) {
		auth_request_log_info(request, "passwd", "password mismatch");
		callback(PASSDB_RESULT_PASSWORD_MISMATCH, request);
		return;
	}

	/* make sure we're using the username exactly as it's in the database */
	request->user = p_strdup(request->pool, pw->pw_name);

	callback(PASSDB_RESULT_OK, request);
}

static void passwd_deinit(void)
{
	endpwent();
}

struct passdb_module passdb_passwd = {
	"passwd",
	"%u", "CRYPT", FALSE,

	NULL, NULL,
	passwd_deinit,

	passwd_verify_plain,
	NULL
};

#endif