jfh@rpp386.Dallas.TX.US (The Beach Bum) (11/18/88)

In article <1337@tmpmbx.UUCP>, pengo@tmpmbx.UUCP (Hans H. Huebner) writes:
> Hello,
>
> developers interested in a library which conforms to the AT&T shadow password
> file scheme as described by Dennis, send me a short note.  I have hacked
> together what Dennis specified in his earlier note, but I can't guarantee
> that it works *exactly* the same way AT&T does it.
>
> If there's enough interest, I'll post the stuff to rsalz and alt.sources as
> soon as I have the manual pages finished.

I got impatient.  Attached is my clone which I'll be including in the
soon to be released login clone.  The routines were all very simple, I
didn't see any point in holding out ...

This was all written straight off of Dennis' article.  You may do with
it as you please.  So much for security by obscurity [ Thanks James ... ]

It is as simple minded as possible, your suggestions, as always, are
more than welcome.

- John.
--
#! /bin/sh
# This is a shell archive, meaning:
# 1. Remove everything above the #! /bin/sh line.
# 2. Save the resulting text in a file.
# 3. Execute the file with /bin/sh (not csh) to create:
#	shadow.c
#	shadow.h
# This archive created: Fri Nov 18 00:07:19 1988
export PATH; PATH=/bin:/usr/bin:$PATH
if test -f 'shadow.c'
then
	echo shar: "will not over-write existing file 'shadow.c'"
else
cat << \SHAR_EOF > 'shadow.c'
#include "shadow.h"
#include <stdio.h>
#include <string.h>

static	FILE	*shadow;	/* open shadow file, or 0 when closed */

/* Open the shadow file, or rewind it if it is already open. */
void	setspent ()
{
	if (shadow)
		rewind (shadow);
	else
		shadow = fopen (SHADOW, "r");
}

/* Close the shadow file and clear the pointer so setspent () reopens it. */
void	endspent ()
{
	if (shadow)
		fclose (shadow);

	shadow = (FILE *) 0;
}

/* Read one "name:passwd:lstchg:min:max" entry from fp into static storage. */
struct	spwd	*fgetspent (fp)
FILE	*fp;
{
	static	struct	spwd	spwd;
	static	char	name[32];
	static	char	pass[32];
	char	buf[BUFSIZ];
	char	*cp;
	int	atoi ();
	long	atol ();

	if (! fp)
		return (0);

	if (fgets (buf, BUFSIZ, fp) == (char *) 0)
		return (0);

	/* Copies are bounded so a long field cannot overrun name[] or pass[]. */
	if ((cp = strtok (buf, ":")) && *cp) {
		strncpy (name, cp, sizeof name - 1);
		name[sizeof name - 1] = '\0';
	} else
		return (0);

	if ((cp = strtok ((char *) 0, ":")) && *cp) {
		strncpy (pass, cp, sizeof pass - 1);
		pass[sizeof pass - 1] = '\0';
	} else
		return (0);

	if ((cp = strtok ((char *) 0, ":")) && *cp)
		spwd.sp_lstchg = atol (cp);
	else
		return (0);

	if ((cp = strtok ((char *) 0, ":")) && *cp)
		spwd.sp_min = atoi (cp);
	else
		return (0);

	if ((cp = strtok ((char *) 0, ":")) && *cp)
		spwd.sp_max = atoi (cp);
	else
		return (0);

	spwd.sp_namp = name;
	spwd.sp_pwdp = pass;

	return (&spwd);
}

/* Read the next entry from the file opened by setspent (). */
struct	spwd	*getspent ()
{
	return (fgetspent (shadow));
}

/* Scan the shadow file from the start for the entry matching name. */
struct	spwd	*getspnam (name)
char	*name;
{
	struct	spwd	*spwd;

	setspent ();

	while ((spwd = getspent ()) != (struct spwd *) 0) {
		if (strcmp (name, spwd->sp_namp) == 0)
			return (spwd);
	}
	return (0);
}

/* Write one entry to fp in file format; returns non-zero on success. */
int	putspent (spwd, fp)
struct	spwd	*spwd;
FILE	*fp;
{
	if (! fp)
		return (0);

	return (fprintf (fp, "%s:%s:%ld:%d:%d\n",
		spwd->sp_namp, spwd->sp_pwdp,
		spwd->sp_lstchg, spwd->sp_min, spwd->sp_max) > 0);
}
SHAR_EOF
fi
if test -f 'shadow.h'
then
	echo shar: "will not over-write existing file 'shadow.h'"
else
cat << \SHAR_EOF > 'shadow.h'
/*
 * This information is not derived from AT&T licensed sources.  Posted
 * to the USENET 11/88.
 */

/*
 * Shadow password security file structure.
 */

struct	spwd {
	char	*sp_namp;	/* login name */
	char	*sp_pwdp;	/* encrypted password */
	long	sp_lstchg;	/* date of last change */
	int	sp_max;		/* maximum number of days between changes */
	int	sp_min;		/* minimum number of days between changes */
};

/*
 * Shadow password security file functions.
 */

struct	spwd	*getspent ();
struct	spwd	*getspnam ();
void	setspent ();
void	endspent ();
struct	spwd	*fgetspent ();
int	putspent ();

#define	SHADOW	"/etc/shadow"
SHAR_EOF
fi
exit 0
#	End of shell archive
--
John F. Haugh II                        +----------Quote of the Week:----------
VoiceNet: (214) 250-3311   Data: -6272  | "Okay, so maybe Berkeley is in north-
InterNet: jfh@rpp386.Dallas.TX.US       |  ern California."   -- Henry Spencer
UucpNet : <backbone>!killer!rpp386!jfh  +--------------------------------------

dlm@cuuxb.ATT.COM (Dennis L. Mumaugh) (11/29/88)

In article <8693@rpp386.Dallas.TX.US> jfh@rpp386.Dallas.TX.US (The Beach Bum) writes:

    I got impatient.  Attached is my clone which I'll be including in the
    soon to be released login clone.  The routines were all very simple, I
    didn't see any point in holding out ...

    This was all written straight off of Dennis' article.  You may do with
    it as you please.  So much for security by obscurity [ Thanks James ... ]

    It is as simple minded as possible, your suggestions, as always, are
    more than welcome.

    - John.

A colleague contacted me and expressed concern that the
implementation of /etc/shadow might not exactly reflect that of
AT&T.  I checked John's version of shadow.h and discovered a
small difference over the "Official" shadow.h.  For those with
sizeof(int) == sizeof(long) there is no problem but "All's the
world is not a VAX [or 3B2]."

Here is the changed shadow.h:

#! /bin/sh
# This is a shell archive.  Remove anything before this line, then unpack
# it by saving it into a file and typing "sh file".  To overwrite existing
# files, type "sh file -c".  You can also feed this as standard input via
# unshar, or by typing "sh <file", e.g..
if test -f 'shadow.h'
then
	echo shar: "will not over-write existing file 'shadow.h'"
else
cat << \SHAR_EOF > 'shadow.h'
/*
 * This information is not derived from AT&T licensed sources.  Posted
 * to the USENET 11/88.
 */

/*
 * Shadow password security file structure.
 */

struct	spwd {
	char	*sp_namp;	/* login name */
	char	*sp_pwdp;	/* encrypted password */
	long	sp_lstchg;	/* date of last change */
	long	sp_max;		/* maximum number of days between changes */
	long	sp_min;		/* minimum number of days between changes */
};

/*
 * Shadow password security file functions.
 */

struct	spwd	*getspent ();
struct	spwd	*getspnam ();
void	setspent ();
void	endspent ();
struct	spwd	*fgetspent ();
int	putspent ();

#define	SHADOW	"/etc/shadow"
SHAR_EOF
fi
echo "End of shell archive shadow.h"
exit 0
#	End of shell archive
--
=Dennis L. Mumaugh
 Lisle, IL       ...!{att,lll-crg}!cuuxb!dlm  OR cuuxb!dlm@arpa.att.com
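
An added example, not code from either post: a strict reader and writer for the five-field "name:passwd:lstchg:min:max" line that shadow.c handles, using the long-typed fields of the changed shadow.h. It goes beyond the posted routines by keeping empty fields in place, rejecting over-long or non-numeric fields, and rejecting extra fields; the names shadow_rec, field_long, parse_shadow_line and format_shadow_line are hypothetical.

```c
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct shadow_rec {              /* hypothetical record type that owns its buffers */
    char name[32], pass[32];     /* same 32-byte limits as the posted shadow.c */
    long lstchg, min, max;       /* long throughout, as in the changed shadow.h */
};

/* Convert a digits-only field of length len; 0 on success, -1 otherwise. */
static int field_long(const char *s, size_t len, long *out)
{
    char tmp[24], *end;
    if (len == 0 || len >= sizeof tmp || !isdigit((unsigned char)s[0])) return -1;
    memcpy(tmp, s, len); tmp[len] = '\0';
    errno = 0;
    *out = strtol(tmp, &end, 10);
    return (errno != 0 || *end != '\0') ? -1 : 0;   /* overflow or stray characters */
}

/* Parse "name:passwd:lstchg:min:max"; 0 on success, -1 on a malformed line. */
int parse_shadow_line(const char *line, struct shadow_rec *r)
{
    const char *f[5], *p = line;
    size_t n[5]; int i;
    for (i = 0; i < 5; i++) {    /* strtok merges "::" and would shift the fields */
        f[i] = p;
        n[i] = strcspn(p, ":\n");
        if (i < 4 && p[n[i]] != ':') return -1;     /* too few fields */
        if (i == 4 && p[n[i]] == ':') return -1;    /* extra field: reject */
        p += n[i] + 1;
    }
    if (n[0] == 0 || n[0] >= sizeof r->name || n[1] >= sizeof r->pass)
        return -1;               /* reject rather than truncate a name or hash */
    memcpy(r->name, f[0], n[0]); r->name[n[0]] = '\0';
    memcpy(r->pass, f[1], n[1]); r->pass[n[1]] = '\0';
    return (field_long(f[2], n[2], &r->lstchg) || field_long(f[3], n[3], &r->min)
            || field_long(f[4], n[4], &r->max)) ? -1 : 0;
}

/* Write the record back with %ld for every long field; 0 on success. */
int format_shadow_line(const struct shadow_rec *r, char *buf, size_t cap)
{
    int k = snprintf(buf, cap, "%s:%s:%ld:%ld:%ld\n",
                     r->name, r->pass, r->lstchg, r->min, r->max);
    return (k > 0 && (size_t)k < cap) ? 0 : -1;
}
```

Using %ld and strtol for all three numeric fields keeps the reader and writer consistent with the long declarations on machines where sizeof(int) != sizeof(long).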