the following lines are missing from authinfo.c:
43 #ifdef AUTHINFO_PIPE
44 if (strCaseEq(a, "pipe"))
45 return &pipe_authenticator;
46 #endif
and the provided unixauth.c file doesn't do any good with shadow passwords
(which is probably why you're using it). i've reworked it to support them
as well as provide a timeout for bad passwords to alleviate brute force
attacks.
/* $Id: unixauth.c,v 1.1 1999/12/18 20:19:17 proff Exp $
* $Copyright$
*/
/*
* simple setuid program to test a password; run as "unixauth user"
* and pass write the argument as input. it will exit(0) for a
* valid user and exit(1) else for invalid. run this to test a
* authentication when passwords are secret in /etc/shadow,
* /etc/master.passwd, etc.
*/
#include <sys/types.h>
#include <shadow.h>
#include <stdio.h>
#ifdef HAVE_STDLIB_H
# include <stdlib.h>
#endif
#ifdef HAVE_UNISTD_H
# include <unistd.h>
#endif
int main (int argc, char **argv, char **envp)
{
char pass[256];
struct spwd *spw;
if ((argc == 2)
&& (fgets(pass, sizeof pass, stdin) != NULL)
&& pass[0]
&& ((spw = getspnam(argv[1])) != NULL)
&& (strcmp(crypt(pass, spw->sp_pwdp), spw->sp_pwdp) == 0)) {
exit(0);
}
sleep(5);
exit(1);
}
