SUMMARY [AMMENDED] How to check password with C2 Security. from Michael H. Martel on 1999-04-17 (tru64-unix-managers)

From: Michael H. Martel <martelm_at_quark.vsc.edu>
Date: Fri, 16 Apr 1999 11:08:50 -0400

After posting my Summary I got a message from John Ferlan --

Well technically that works, it may not work for all cases....The problem
with
the above code is that an enhanced security profile could use one of at
least 3
different algorithms to encrypt the password and it may not necessarily be
bigcrypt()...

If all you are doing is validating the password is correct when wanting to
authenticate a user or start a session you could use:

sia_validate_user(3)

the sia_validate_user() routine knows how to determine which algorithm was
used
and to "do the right thing".

--
John Ferlan   DTN: 264-0854  Office: ZKO3-3/Y26
Compaq Computer Corporation
110 Spit Brook Rd.
M/S: ZKO3-3/W20
Nashua, NH 03062-2698
---
So the modified file looks like this. You still need the set_auth_params()
in main.
-- In main.c --
	     set_auth_parameters( argc,argv );
-- end main.c --
Then the login_unix_shadow.c file looks like the one below.
sia_validate_user needs an argv and argv combo for logging, so I'm just
passing it the daemon's name (imspd).
-- login_unix_shadow.c --
#include <stdio.h>
#include <stdlib.h>
#include </usr/include/prot.h>
#include <sia.h>
#include <siad.h>
/*
        #include <sysexits.h>
        #include <acte.h>
*/
/*
 * Unix passwd-authenticated login
 */
int
login_plaintext(user, pass, reply)
char *user;
char *pass;
char **reply;
{
	int auth_status;
        int myargc;
        char *myargv[2];
        myargc = 1;
        myargv[0] = "imspd";
        myargv[1] = NULL;
	auth_status
=sia_validate_user(NULL,myargc,myargv,NULL,user,NULL,0,NULL,pass);
        if( auth_status )!=SIASUCCESS){
                *reply = "wrong password";
                return(1);
        }
        return 0;
}
  
int
login_authenticate(authtype, mech, authproc)
char *authtype;
struct acte_server **mech;
int (**authproc)();
{
    return 1;
}
-- end login_unix_shadow.c --
Michael
-- 
   -------------------------------o--------------------------------
   Michael H. Martel              | Vermont State Colleges        
   mailto:martelm_at_quark.vsc.edu   | Technical Support Specialist
   http://probe.vsc.edu/~michael  | PH:802-241-2535 FX:802-241-3363

Received on Fri Apr 16 1999 - 15:11:20 NZST

This archive was generated by hypermail 2.4.0 : Wed Nov 08 2023 - 11:53:39 NZDT