* 3. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by Paul Mackerras
* 3. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by Paul Mackerras
*
* THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO
* THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
*
* THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO
* THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
#define SET_MSG(var, msg) if (var != NULL) { var[0] = msg; }
#define COPY_STRING(s) ((s) ? strdup(s) : NULL)
#define SET_MSG(var, msg) if (var != NULL) { var[0] = msg; }
#define COPY_STRING(s) ((s) ? strdup(s) : NULL)
/*
* Static variables used to communicate between the conversation function
* and the server_login function
/*
* Static variables used to communicate between the conversation function
* and the server_login function
-session_start(flags, user, passwd, ttyName, msg)
- const int flags;
- const char *user;
- const char *passwd;
- const char *ttyName;
- char **msg;
+session_start(const int flags, const char *user, const char *passwd, const char *ttyName, char **msg)
/* Find the '\\' in the username */
/* This needs to be fixed to support different username schemes */
if ((usr = strchr(user, '\\')) == NULL)
/* Find the '\\' in the username */
/* This needs to be fixed to support different username schemes */
if ((usr = strchr(user, '\\')) == NULL)
/* If our PAM checks have already failed, then we must return a failure */
if (!ok) return SESSION_FAILED;
/* If our PAM checks have already failed, then we must return a failure */
if (!ok) return SESSION_FAILED;
/* We have a valid shadow entry, keep the password */
pw->pw_passwd = spwd->sp_pwdp;
/* We have a valid shadow entry, keep the password */
pw->pw_passwd = spwd->sp_pwdp;
- if (pw->pw_passwd == NULL || strlen(pw->pw_passwd) < 2
- || strcmp(crypt(passwd, pw->pw_passwd), pw->pw_passwd) != 0)
+ if (pw->pw_passwd == NULL || strlen(pw->pw_passwd) < 2)
+ return SESSION_FAILED;
+#ifdef HAVE_CRYPT_H
+ cbuf = crypt(passwd, pw->pw_passwd);
+ if (!cbuf || strcmp(cbuf, pw->pw_passwd) != 0)
+#endif
-#if defined(_PATH_LASTLOG) && !defined(USE_PAM)
- {
+#if defined(_PATH_LASTLOG) && !defined(PPP_WITH_PAM)
+ /*
+ * Enter the user in lastlog only if he has been authenticated using
+ * local system services. If he has not, then we don't know what his
+ * UID might be, and lastlog is indexed by UID.
+ */
+ if (pw != NULL) {
if ((fd = open(_PATH_LASTLOG, O_RDWR, 0)) >= 0) {
(void)lseek(fd, (off_t)(pw->pw_uid * sizeof(ll)), SEEK_SET);
memset((void *)&ll, 0, sizeof(ll));
if ((fd = open(_PATH_LASTLOG, O_RDWR, 0)) >= 0) {
(void)lseek(fd, (off_t)(pw->pw_uid * sizeof(ll)), SEEK_SET);
memset((void *)&ll, 0, sizeof(ll));
- (void)time(&ll.ll_time);
- (void)strncpy(ll.ll_line, ttyName, sizeof(ll.ll_line));
- (void)strncpy(ll.ll_host, ifname, sizeof(ll.ll_host));
+ (void)time(&tnow);
+ ll.ll_time = tnow;
+ strlcpy(ll.ll_line, ttyName, sizeof(ll.ll_line));
+ strlcpy(ll.ll_host, ifname, sizeof(ll.ll_host));
info("user %s logged in on tty %s intf %s", user, ttyName, ifname);
}
info("user %s logged in on tty %s intf %s", user, ttyName, ifname);
}