rev |
line source |
yuuji@0
|
1 /* ========================================================================
|
yuuji@0
|
2 * Copyright 1988-2006 University of Washington
|
yuuji@0
|
3 *
|
yuuji@0
|
4 * Licensed under the Apache License, Version 2.0 (the "License");
|
yuuji@0
|
5 * you may not use this file except in compliance with the License.
|
yuuji@0
|
6 * You may obtain a copy of the License at
|
yuuji@0
|
7 *
|
yuuji@0
|
8 * http://www.apache.org/licenses/LICENSE-2.0
|
yuuji@0
|
9 *
|
yuuji@0
|
10 *
|
yuuji@0
|
11 * ========================================================================
|
yuuji@0
|
12 */
|
yuuji@0
|
13
|
yuuji@0
|
14 /*
|
yuuji@0
|
15 * Program: AFS check password
|
yuuji@0
|
16 *
|
yuuji@0
|
17 * Author: Mark Crispin
|
yuuji@0
|
18 * Networks and Distributed Computing
|
yuuji@0
|
19 * Computing & Communications
|
yuuji@0
|
20 * University of Washington
|
yuuji@0
|
21 * Administration Building, AG-44
|
yuuji@0
|
22 * Seattle, WA 98195
|
yuuji@0
|
23 * Internet: MRC@CAC.Washington.EDU
|
yuuji@0
|
24 *
|
yuuji@0
|
25 * Date: 1 August 1988
|
yuuji@0
|
26 * Last Edited: 30 August 2006
|
yuuji@0
|
27 */
|
yuuji@0
|
28
|
yuuji@0
|
29 /* AFS cleanup
|
yuuji@0
|
30 * Accepts: data
|
yuuji@0
|
31 */
|
yuuji@0
|
32
|
yuuji@0
|
33 void checkpw_cleanup (void *data)
|
yuuji@0
|
34 {
|
yuuji@0
|
35 ktc_ForgetAllTokens ();
|
yuuji@0
|
36 }
|
yuuji@0
|
37
|
yuuji@0
|
38
|
yuuji@0
|
39 /* Check password
|
yuuji@0
|
40 * Accepts: login passwd struct
|
yuuji@0
|
41 * password string
|
yuuji@0
|
42 * argument count
|
yuuji@0
|
43 * argument vector
|
yuuji@0
|
44 * Returns: passwd struct if password validated, NIL otherwise
|
yuuji@0
|
45 */
|
yuuji@0
|
46
|
yuuji@0
|
47 #undef INIT
|
yuuji@0
|
48 #define min AFS_MIN
|
yuuji@0
|
49 #define max AFS_MAX
|
yuuji@0
|
50 #include <afs/param.h>
|
yuuji@0
|
51 #include <afs/kautils.h>
|
yuuji@0
|
52
|
yuuji@0
|
53 struct passwd *checkpw (struct passwd *pw,char *pass,int argc,char *argv[])
|
yuuji@0
|
54 {
|
yuuji@0
|
55 char *reason;
|
yuuji@0
|
56 /* faster validation for POP servers */
|
yuuji@0
|
57 if (!strcmp ((char *) mail_parameters (NIL,GET_SERVICENAME,NIL),"pop")) {
|
yuuji@0
|
58 struct ktc_encryptionKey key;
|
yuuji@0
|
59 struct ktc_token token;
|
yuuji@0
|
60 /* just check the password */
|
yuuji@0
|
61 ka_StringToKey (pass,NIL,&key);
|
yuuji@0
|
62 if (ka_GetAdminToken (pw->pw_name,"","",&key,600,&token,1)) return NIL;
|
yuuji@0
|
63 }
|
yuuji@0
|
64 /* check password and get AFS token */
|
yuuji@0
|
65 else if (ka_UserAuthenticateGeneral
|
yuuji@0
|
66 (KA_USERAUTH_VERSION + KA_USERAUTH_DOSETPAG,pw->pw_name,NIL,NIL,
|
yuuji@0
|
67 pass,0,0,0,&reason)) return NIL;
|
yuuji@0
|
68 /* arm hook to delete credentials */
|
yuuji@0
|
69 mail_parameters (NIL,SET_LOGOUTHOOK,(void *) checkpw_cleanup);
|
yuuji@0
|
70 return pw;
|
yuuji@0
|
71 }
|