1 /* auth-shadow.c -- shadow authentification routine for vlock,
2 * the VT locking program for linux
4 * This program is copyright (C) 2007 Frank Benkstein, and is free
5 * software which is freely distributable under the terms of the
6 * GNU General Public License version 2, included as the file COPYING in this
7 * distribution. It is NOT public domain software, and any
8 * redistribution not permitted by the GNU General Public License is
9 * expressly forbidden without prior written permission from
36 GQuark
vlock_auth_error_quark(void)
38 return g_quark_from_static_string("vlock-auth-shadow-error-quark");
41 bool auth(const char *user
, struct timespec
*timeout
, GError
**error
)
49 g_return_val_if_fail(error
== NULL
|| *error
== NULL
, false);
51 /* format the prompt */
52 if (asprintf(&msg
, "%s's Password: ", user
) < 0) {
53 g_propagate_error(error
,
56 VLOCK_AUTH_ERROR_FAILED
,
61 if ((pwd
= prompt_echo_off(msg
, timeout
, error
)) == NULL
)
66 /* get the shadow password */
67 if ((spw
= getspnam(user
)) == NULL
) {
73 VLOCK_AUTH_ERROR_FAILED
,
74 "Could not get shadow record: %s",
79 /* hash the password */
80 if ((cryptpw
= crypt(pwd
, spw
->sp_pwdp
)) == NULL
) {
83 VLOCK_AUTH_ERROR_FAILED
,
89 result
= (strcmp(cryptpw
, spw
->sp_pwdp
) == 0);
94 g_propagate_error(error
,
97 VLOCK_AUTH_ERROR_DENIED
,
98 "Authentication failure"));
102 /* deallocate shadow resources */
105 /* free the password */
109 /* free the prompt */
112 g_assert(result
|| error
!= NULL
);