aboutsummaryrefslogtreecommitdiff
path: root/lib/libskey/skey_crypt.c
diff options
context:
space:
mode:
authorGuido van Rooij <guido@FreeBSD.org>1994-05-19 18:13:11 +0000
committerGuido van Rooij <guido@FreeBSD.org>1994-05-19 18:13:11 +0000
commit110af3d672597c7d44e65f81538e132126eaf6cd (patch)
treebea6080606e2fc5fcfcff2cb5a12f3acd66bde2e /lib/libskey/skey_crypt.c
parent9eb28b5fdec65b0956d71b947179aa8f03b93c1b (diff)
downloadsrc-110af3d672597c7d44e65f81538e132126eaf6cd.tar.gz
src-110af3d672597c7d44e65f81538e132126eaf6cd.zip
1) Added s/key support .
2 Added optional excessive login logging. 3) Added login acces control on a per host/tty base. 4) See skey(1) for skey descriptions and src/usr.bin/login/README for the logging and access control features. -Guido
Notes
Notes: svn path=/head/; revision=1519
Diffstat (limited to 'lib/libskey/skey_crypt.c')
-rw-r--r--lib/libskey/skey_crypt.c38
1 files changed, 38 insertions, 0 deletions
diff --git a/lib/libskey/skey_crypt.c b/lib/libskey/skey_crypt.c
new file mode 100644
index 000000000000..ca1024f77418
--- /dev/null
+++ b/lib/libskey/skey_crypt.c
@@ -0,0 +1,38 @@
+/* Author: Wietse Venema, Eindhoven University of Technology. */
+
+#include <string.h>
+#include <stdio.h>
+#include <pwd.h>
+
+#include "skey.h"
+
+/* skey_crypt - return encrypted UNIX passwd if s/key or regular password ok */
+
+char *skey_crypt(pp, salt, pwd, pwok)
+char *pp;
+char *salt;
+struct passwd *pwd;
+int pwok;
+{
+ struct skey skey;
+ char *p;
+ char *crypt();
+
+ /* Try s/key authentication even when the UNIX password is permitted. */
+
+ if (pwd != 0 && skeylookup(&skey, pwd->pw_name) == 0
+ && skeyverify(&skey, pp) == 0) {
+ /* s/key authentication succeeded */
+ return (pwd->pw_passwd);
+ }
+
+ /* When s/key authentication does not work, always invoke crypt(). */
+
+ p = crypt(pp, salt);
+ if (pwok && pwd != 0 && strcmp(p, pwd->pw_passwd) == 0)
+ return (pwd->pw_passwd);
+
+ /* The user does not exist or entered bad input. */
+
+ return (":");
+}