imap/src/osdep/unix/ckp_sv4.c

   1 /* ========================================================================
   2  * Copyright 1988-2006 University of Washington
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at
   7  *
   8  *     http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  *
  11  * ========================================================================
  12  */
  13
  14 /*
  15  * Program:     SVR4 check password
  16  *
  17  * Author:      Mark Crispin
  18  *              Networks and Distributed Computing
  19  *              Computing & Communications
  20  *              University of Washington
  21  *              Administration Building, AG-44
  22  *              Seattle, WA  98195
  23  *              Internet: MRC@CAC.Washington.EDU
  24  *
  25  * Date:        1 August 1988
  26  * Last Edited: 30 August 2006
  27  */
  28 \f
  29 /* Check password
  30  * Accepts: login passwd struct
  31  *          password string
  32  *          argument count
  33  *          argument vector
  34  * Returns: passwd struct if password validated, NIL otherwise
  35  */
  36
  37 struct passwd *checkpw (struct passwd *pw,char *pass,int argc,char *argv[])
  38 {
  39   char tmp[MAILTMPLEN];
  40   struct spwd *sp = NIL;
  41   time_t left;
  42   time_t now = time (0);
  43   struct tm *t = gmtime (&now);
  44   int zone = t->tm_hour * 60 + t->tm_min;
  45   int julian = t->tm_yday;
  46   t = localtime (&now);         /* get local time now */
  47                                 /* minus UTC minutes since midnight */
  48   zone = t->tm_hour * 60 + t->tm_min - zone;
  49   /* julian can be one of:
  50    *  36x  local time is December 31, UTC is January 1, offset -24 hours
  51    *    1  local time is 1 day ahead of UTC, offset +24 hours
  52    *    0  local time is same day as UTC, no offset
  53    *   -1  local time is 1 day behind UTC, offset -24 hours
  54    * -36x  local time is January 1, UTC is December 31, offset +24 hours
  55    */
  56   if (julian = t->tm_yday -julian)
  57     zone += ((julian < 0) == (abs (julian) == 1)) ? -24*60 : 24*60;
  58                                 /* days since 1/1/1970 local time */
  59   now = ((now /60) + zone) / (60*24);
  60                                 /* non-shadow authentication */
  61   if (!pw->pw_passwd || !pw->pw_passwd[0] || !pw->pw_passwd[1] ||
  62       strcmp (pw->pw_passwd,(char *) crypt (pass,pw->pw_passwd))) {
  63     /* As far as I've been able to determine, here is how the expiration
  64      * fields in the shadow authentication data work:
  65      *  lstchg  last password change date if non-negative.  If zero, the
  66      *          user can not log in without changing password.
  67      *  max     number of days a password is valid if positive
  68      *  warn    number of days of password expiration warning
  69      * The expiration day is the *last* day that the password is valid.
  70      */
  71                                 /* shadow authentication */
  72     if ((sp = getspnam (pw->pw_name)) && sp->sp_lstchg &&
  73         ((sp->sp_lstchg < 0) || (sp->sp_max <= 0) ||
  74          ((sp->sp_lstchg + sp->sp_max) >= now)) &&
  75         sp->sp_pwdp && sp->sp_pwdp[0] && sp->sp_pwdp[1] &&
  76         !strcmp (sp->sp_pwdp,(char *) crypt (pass,sp->sp_pwdp))) {
  77       if ((sp->sp_lstchg > 0) && (sp->sp_max > 0) &&
  78           ((left = (sp->sp_lstchg + sp->sp_max) - now) <= sp->sp_warn)) {
  79         if (left) {
  80           sprintf (tmp,"[ALERT] Password expires in %ld day(s)",(long) left);
  81           mm_notify (NIL,tmp,NIL);
  82         }
  83         else mm_notify (NIL,"[ALERT] Password expires today!",WARN);
  84       }
  85       endspent ();              /* don't need shadow password data any more */
  86     }
  87     else pw = NIL;              /* password failed */
  88   }
  89   return pw;
  90 }