/* Author: Wietse Venema, Eindhoven University of Technology. */ #include <string.h> #include <stdio.h> #include <pwd.h> #include "skey.h" /* skey_crypt - return encrypted UNIX passwd if s/key or regular password ok */ char *skey_crypt(pp, salt, pwd, pwok) char *pp; char *salt; struct passwd *pwd; int pwok; { struct skey skey; char *p; char *crypt(); /* Try s/key authentication even when the UNIX password is permitted. */ if (pwd != 0 && skeylookup(&skey, pwd->pw_name) == 0 && skeyverify(&skey, pp) == 0) { /* s/key authentication succeeded */ return (pwd->pw_passwd); } /* When s/key authentication does not work, always invoke crypt(). */ p = crypt(pp, salt); if (pwok && pwd != 0 && strcmp(p, pwd->pw_passwd) == 0) return (pwd->pw_passwd); /* The user does not exist or entered bad input. */ return (":"); }