From 5fd83771641d15c418f747bd343ba6738d3875f7 Mon Sep 17 00:00:00 2001 From: Cameron Katri Date: Sun, 9 May 2021 14:20:58 -0400 Subject: Import macOS userland adv_cmds-176 basic_cmds-55 bootstrap_cmds-116.100.1 developer_cmds-66 diskdev_cmds-667.40.1 doc_cmds-53.60.1 file_cmds-321.40.3 mail_cmds-35 misc_cmds-34 network_cmds-606.40.1 patch_cmds-17 remote_cmds-63 shell_cmds-216.60.1 system_cmds-880.60.2 text_cmds-106 --- system_cmds/chkpasswd.tproj/pam_passwd.c | 81 ++++++++++++++++++++++++++++++++ 1 file changed, 81 insertions(+) create mode 100644 system_cmds/chkpasswd.tproj/pam_passwd.c (limited to 'system_cmds/chkpasswd.tproj/pam_passwd.c') diff --git a/system_cmds/chkpasswd.tproj/pam_passwd.c b/system_cmds/chkpasswd.tproj/pam_passwd.c new file mode 100644 index 0000000..07d9919 --- /dev/null +++ b/system_cmds/chkpasswd.tproj/pam_passwd.c @@ -0,0 +1,81 @@ +/* + * Copyright (c) 1999-2016 Apple Inc. All rights reserved. + * + * @APPLE_LICENSE_HEADER_START@ + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, + * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. + * + * @APPLE_LICENSE_HEADER_END@ + */ +#include + +#include +#include /* for openpam_ttyconv() */ + +#include "passwd.h" + +extern char* progname; +static pam_handle_t *pamh; +static struct pam_conv pamc; + +//------------------------------------------------------------------------------------- +// pam_check_passwd +//------------------------------------------------------------------------------------- + +int +pam_check_passwd(char* uname) +{ + int retval = PAM_SUCCESS; + + /* Initialize PAM. */ + pamc.conv = &openpam_ttyconv; + pam_start(progname, uname, &pamc, &pamh); + + printf("Checking password for %s.\n", uname); + + /* Authenticate. */ + if (PAM_SUCCESS != (retval = pam_authenticate(pamh, 0))) + goto pamerr; + + /* Authorize. */ + if (PAM_SUCCESS != (retval = pam_acct_mgmt(pamh, 0)) && PAM_NEW_AUTHTOK_REQD != retval) + goto pamerr; + + /* Change the password. */ + if (PAM_NEW_AUTHTOK_REQD == retval && PAM_SUCCESS != (retval = pam_chauthtok(pamh, 0))) + goto pamerr; + + /* Set the credentials. */ + if (PAM_SUCCESS != (retval = pam_setcred(pamh, PAM_ESTABLISH_CRED))) + goto pamerr; + + /* Open the session. */ + if (PAM_SUCCESS != (retval = pam_open_session(pamh, 0))) + goto pamerr; + + /* Close the session. */ + if (PAM_SUCCESS != (retval = pam_close_session(pamh, 0))) + goto pamerr; + +pamerr: + /* Print an error, if needed. */ + if (PAM_SUCCESS != retval) + fprintf(stderr, "Sorry\n"); + + /* Terminate PAM. */ + pam_end(pamh, retval); + return retval; +} -- cgit v1.2.3-56-ge451