From 7ba4aacd85ebfc2d0c9741cfad338d17baeb528d Mon Sep 17 00:00:00 2001
From: Pavel Roskin <proski@gnu.org>
Date: Sun, 17 Nov 2002 05:38:29 +0000
Subject: [PATCH] * mcserv.c (do_classic_auth): Restore support for shadow
 passwords.  Use crypt() instead of pw_encrypt() - the later is missing on
 Slackware 8.0.  Reported by Christian Laubscher
 <christian.laubscher@tiscalinet.ch>

---
 vfs/ChangeLog |  5 +++++
 vfs/mcserv.c  | 51 +++++++++++++++++++++++++++++++++++++--------------
 2 files changed, 42 insertions(+), 14 deletions(-)

diff --git a/vfs/ChangeLog b/vfs/ChangeLog
index 9653565c9..83385febc 100644
--- a/vfs/ChangeLog
+++ b/vfs/ChangeLog
@@ -1,5 +1,10 @@
 2002-11-16  Pavel Roskin  <proski@gnu.org>
 
+	* mcserv.c (do_classic_auth): Restore support for shadow
+	passwords.  Use crypt() instead of pw_encrypt() - the later is
+	missing on Slackware 8.0.  Reported by
+	Christian Laubscher <christian.laubscher@tiscalinet.ch>
+
 	* Makefile.am: Consolidate mcserv libraries into MCSERVLIBS.
 
 2002-11-15  Pavel Roskin  <proski@gnu.org>
diff --git a/vfs/mcserv.c b/vfs/mcserv.c
index 4503d5008..0107586d2 100644
--- a/vfs/mcserv.c
+++ b/vfs/mcserv.c
@@ -80,12 +80,19 @@
 #        define PAM_ESTABLISH_CRED PAM_CRED_ESTABLISH
 #    endif
 #else
+#endif				/* !HAVE_PAM */
+
 #ifdef HAVE_CRYPT_H
 #    include <crypt.h>
-#else
-extern char *crypt (const char *, const char *);
 #endif				/* !HAVE_CRYPT_H */
-#endif				/* !HAVE_PAM */
+
+#ifdef HAVE_SHADOW_H
+#    include <shadow.h>
+#else
+#    ifdef HAVE_SHADOW_SHADOW_H
+#        include <shadow/shadow.h>
+#    endif
+#endif
 
 #include "utilvfs.h"
 
@@ -881,20 +888,33 @@ do_ftp_auth (char *username, char *password)
 static int
 do_classic_auth (char *username, char *password)
 {
-    struct passwd *this;
-    int ret;
+    int ret = 0;
+    char *encr_pwd = NULL;
+    struct passwd *pw;
+#ifdef HAVE_SHADOW
+    struct spwd *spw;
+#endif
 
-    if ((this = getpwnam (username)) == 0)
+    if ((pw = getpwnam (username)) == 0)
 	return 0;
 
-#ifdef HAVE_CRYPT
-    if (strcmp (crypt (password, this->pw_passwd), this->pw_passwd) == 0) {
-	ret = 1;
-    } else
+#ifdef HAVE_SHADOW
+    setspent ();
+
+    /* Password expiration is not checked! */
+    if ((spw = getspnam (username)) == NULL)
+	encr_pwd = "*";
+    else
+	encr_pwd = spw->sp_pwdp;
+
+    endspent ();
+#else
+    encr_pwd = pw->pw_passwd;
 #endif
-    {
-	ret = 0;
-    }
+
+    if (strcmp (crypt (password, encr_pwd), encr_pwd) == 0)
+	ret = 1;
+
     endpwent ();
     return ret;
 }
@@ -924,9 +944,12 @@ do_auth (char *username, char *password)
 	auth = 1;
     else
 #endif
+#ifdef HAVE_CRYPT
     if (do_classic_auth (username, password))
 	auth = 1;
-    else if (ftp)
+    else
+#endif
+    if (ftp)
 	auth = do_ftp_auth (username, password);
 #endif				/* not pam */