ckpasswd
Fletcher Mattox
fletcher at cs.utexas.edu
Fri Mar 17 20:21:41 UTC 2000
Is there a reason why ckpasswd will perform exactly one type of
authentication? I would like to have it do more than one. E.g.,
I'd like it to first check the shadow password file, and if that
fails, check another password file. Like this in readers.conf:
auth "outside" {
hosts: "*"
auth: "ckpasswd -s -f /news/etc/passwd"
default: "<denied>"
}
If there is some way to do this with multiple entries in readers.conf,
I wasn't smart enough to figure it out. So I modified ckpasswd.c:
Index: ckpasswd.c
===================================================================
RCS file: /v/antivenin/v0/CVSROOT/inn/authprogs/ckpasswd.c,v
retrieving revision 1.1.1.2
retrieving revision 1.2
diff -u -r1.1.1.2 -r1.2
--- ckpasswd.c 2000/01/03 19:40:52 1.1.1.2
+++ ckpasswd.c 2000/01/27 20:36:23 1.2
@@ -115,14 +115,12 @@
do_shadow = do_file = do_db = 0;
fname = 0;
+ rpass = 0;
#if HAVE_GETSPNAM
while ((opt = getopt(argc, argv, "sf:d:")) != -1) {
#else
while ((opt = getopt(argc, argv, "f:d:")) != -1) {
#endif
- /* only allow one of the three possibilities */
- if (do_shadow || do_file || do_db)
- exit(1);
switch (opt) {
case 's':
do_shadow = 1;
@@ -160,19 +158,22 @@
if (!uname[0] || !pass[0])
exit(3);
- /* got username and password, check if they're valid */
+ /*
+ * got username and password, check if they're valid
+ * if more than one option is given on the command line,
+ * try them in this order, until success:
+ * shadow,file,db,getpwname
+ */
+
#if HAVE_GETSPNAM
- if (do_shadow) {
- if ((rpass = GetShadowPass(uname)) == (char*) 0)
- rpass = GetPass(uname);
- } else
+ if (do_shadow && !rpass)
+ rpass = GetShadowPass(uname);
#endif
- if (do_file)
+ if (do_file && !rpass)
rpass = GetFilePass(uname, fname);
- else
- if (do_db)
+ if (do_db && !rpass)
rpass = GetDBPass(uname, fname);
- else
+ if (!rpass)
rpass = GetPass(uname);
if (!rpass) {
More information about the inn-workers
mailing list