10Sstevel@tonic-gate /*
20Sstevel@tonic-gate * CDDL HEADER START
30Sstevel@tonic-gate *
40Sstevel@tonic-gate * The contents of this file are subject to the terms of the
50Sstevel@tonic-gate * Common Development and Distribution License, Version 1.0 only
60Sstevel@tonic-gate * (the "License"). You may not use this file except in compliance
70Sstevel@tonic-gate * with the License.
80Sstevel@tonic-gate *
90Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
100Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing.
110Sstevel@tonic-gate * See the License for the specific language governing permissions
120Sstevel@tonic-gate * and limitations under the License.
130Sstevel@tonic-gate *
140Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each
150Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
160Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the
170Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying
180Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner]
190Sstevel@tonic-gate *
200Sstevel@tonic-gate * CDDL HEADER END
210Sstevel@tonic-gate */
220Sstevel@tonic-gate /*
230Sstevel@tonic-gate * Copyright 1992 Sun Microsystems, Inc. All rights reserved.
240Sstevel@tonic-gate * Use is subject to license terms.
250Sstevel@tonic-gate */
260Sstevel@tonic-gate
27*722Smuffin #pragma ident "%Z%%M% %I% %E% SMI"
280Sstevel@tonic-gate
290Sstevel@tonic-gate #include <stdio.h>
300Sstevel@tonic-gate #include <signal.h>
310Sstevel@tonic-gate #include <grp.h>
320Sstevel@tonic-gate #include <sys/time.h>
330Sstevel@tonic-gate #include <errno.h>
340Sstevel@tonic-gate
350Sstevel@tonic-gate /*
360Sstevel@tonic-gate * Version to go in the BCP compatibility library in SVr4 version of
370Sstevel@tonic-gate * SunOS. This does not bother talking to rpc.pwdauthd or looking for the
380Sstevel@tonic-gate * password.adjunct file on the system since they do not exist anymore.
390Sstevel@tonic-gate * They have been effectively replaced by a more robust aging security provided
400Sstevel@tonic-gate * by the combination of /etc/shadow file, shadow support in the NIS+
410Sstevel@tonic-gate * passwd table and the use of secure RPC in NIS+.
420Sstevel@tonic-gate */
430Sstevel@tonic-gate
44*722Smuffin int
grpauth(char * name,char * password)45*722Smuffin grpauth(char *name, char *password)
460Sstevel@tonic-gate {
470Sstevel@tonic-gate
480Sstevel@tonic-gate /*
490Sstevel@tonic-gate * this routine authenticates a password for the named user.
500Sstevel@tonic-gate * Assumes the adjunct file does not exist.
510Sstevel@tonic-gate * and therefore checks the group "source" using the standard
520Sstevel@tonic-gate * getgrnam(3C) routine that uses /etc/nsswitch.conf(4).
530Sstevel@tonic-gate */
540Sstevel@tonic-gate struct group gr;
550Sstevel@tonic-gate struct group *grp;
560Sstevel@tonic-gate
570Sstevel@tonic-gate if ((grp = getgrnam(name)) == NULL)
580Sstevel@tonic-gate /* group is not in main password system */
590Sstevel@tonic-gate return (-1);
600Sstevel@tonic-gate gr = *grp;
610Sstevel@tonic-gate if (gr.gr_passwd[0] == '#' && gr.gr_passwd[1] == '$') {
620Sstevel@tonic-gate /* this means that /etc/group has problems */
630Sstevel@tonic-gate fprintf(stderr, "grpauth: bad group entry for %s\n",
640Sstevel@tonic-gate gr.gr_name);
650Sstevel@tonic-gate return (-1);
660Sstevel@tonic-gate }
670Sstevel@tonic-gate if (strcmp(crypt(password, gr.gr_passwd), gr.gr_passwd) == 0)
680Sstevel@tonic-gate return (0);
690Sstevel@tonic-gate else
700Sstevel@tonic-gate return (-1);
710Sstevel@tonic-gate }
72