1997-12-04 01:34:01 +01:00
|
|
|
/*-------------------------------------------------------------------------
|
|
|
|
*
|
1999-02-14 00:22:53 +01:00
|
|
|
* crypt.c
|
2001-11-01 19:10:48 +01:00
|
|
|
* Look into the password file and check the encrypted password with
|
|
|
|
* the one passed in from the frontend.
|
1997-12-04 01:34:01 +01:00
|
|
|
*
|
2001-11-01 19:10:48 +01:00
|
|
|
* Original coding by Todd A. Brandys
|
1997-12-30 03:26:56 +01:00
|
|
|
*
|
2001-11-01 19:10:48 +01:00
|
|
|
* Portions Copyright (c) 1996-2001, PostgreSQL Global Development Group
|
|
|
|
* Portions Copyright (c) 1994, Regents of the University of California
|
1997-12-30 03:26:56 +01:00
|
|
|
*
|
Commit to match discussed elog() changes. Only update is that LOG is
now just below FATAL in server_min_messages. Added more text to
highlight ordering difference between it and client_min_messages.
---------------------------------------------------------------------------
REALLYFATAL => PANIC
STOP => PANIC
New INFO level the prints to client by default
New LOG level the prints to server log by default
Cause VACUUM information to print only to the client
NOTICE => INFO where purely information messages are sent
DEBUG => LOG for purely server status messages
DEBUG removed, kept as backward compatible
DEBUG5, DEBUG4, DEBUG3, DEBUG2, DEBUG1 added
DebugLvl removed in favor of new DEBUG[1-5] symbols
New server_min_messages GUC parameter with values:
DEBUG[5-1], INFO, NOTICE, ERROR, LOG, FATAL, PANIC
New client_min_messages GUC parameter with values:
DEBUG[5-1], LOG, INFO, NOTICE, ERROR, FATAL, PANIC
Server startup now logged with LOG instead of DEBUG
Remove debug_level GUC parameter
elog() numbers now start at 10
Add test to print error message if older elog() values are passed to elog()
Bootstrap mode now has a -d that requires an argument, like postmaster
2002-03-02 22:39:36 +01:00
|
|
|
* $Header: /cvsroot/pgsql/src/backend/libpq/crypt.c,v 1.43 2002/03/02 21:39:26 momjian Exp $
|
1997-12-04 01:34:01 +01:00
|
|
|
*
|
|
|
|
*-------------------------------------------------------------------------
|
|
|
|
*/
|
2001-11-01 19:10:48 +01:00
|
|
|
#include "postgres.h"
|
1997-12-04 01:34:01 +01:00
|
|
|
|
2000-08-27 23:50:18 +02:00
|
|
|
#include <errno.h>
|
1997-12-04 01:34:01 +01:00
|
|
|
#include <unistd.h>
|
2001-11-02 19:39:57 +01:00
|
|
|
#ifdef HAVE_CRYPT_H
|
|
|
|
#include <crypt.h>
|
|
|
|
#endif
|
1997-12-04 01:34:01 +01:00
|
|
|
|
1999-07-16 07:00:38 +02:00
|
|
|
#include "libpq/crypt.h"
|
2001-08-17 04:59:20 +02:00
|
|
|
#include "libpq/libpq.h"
|
1997-12-12 17:26:36 +01:00
|
|
|
#include "miscadmin.h"
|
1997-12-09 04:11:25 +01:00
|
|
|
#include "storage/fd.h"
|
1999-07-16 07:00:38 +02:00
|
|
|
#include "utils/nabstime.h"
|
1997-12-30 03:26:56 +01:00
|
|
|
|
1998-01-26 02:42:53 +01:00
|
|
|
|
2001-11-02 19:39:57 +01:00
|
|
|
#define CRYPT_PWD_FILE "pg_pwd"
|
|
|
|
|
|
|
|
|
2001-11-05 18:46:40 +01:00
|
|
|
static char **pwd_cache = NULL;
|
|
|
|
static int pwd_cache_count = 0;
|
1997-12-30 03:26:56 +01:00
|
|
|
|
2001-02-08 00:31:38 +01:00
|
|
|
/*
|
2001-11-02 19:39:57 +01:00
|
|
|
* crypt_getpwdfilename --- get full pathname of password file
|
2001-02-08 00:31:38 +01:00
|
|
|
*
|
|
|
|
* Note that result string is palloc'd, and should be freed by the caller.
|
|
|
|
*/
|
1998-02-26 05:46:47 +01:00
|
|
|
char *
|
2000-08-27 23:50:18 +02:00
|
|
|
crypt_getpwdfilename(void)
|
1998-02-26 05:46:47 +01:00
|
|
|
{
|
1999-05-25 18:15:34 +02:00
|
|
|
int bufsize;
|
2000-08-27 23:50:18 +02:00
|
|
|
char *pfnam;
|
1997-12-04 01:34:01 +01:00
|
|
|
|
2000-07-03 22:48:46 +02:00
|
|
|
bufsize = strlen(DataDir) + 8 + strlen(CRYPT_PWD_FILE) + 1;
|
1998-12-14 07:50:32 +01:00
|
|
|
pfnam = (char *) palloc(bufsize);
|
2000-07-03 22:48:46 +02:00
|
|
|
snprintf(pfnam, bufsize, "%s/global/%s", DataDir, CRYPT_PWD_FILE);
|
1997-12-04 01:34:01 +01:00
|
|
|
|
1998-02-26 05:46:47 +01:00
|
|
|
return pfnam;
|
1997-12-30 03:26:56 +01:00
|
|
|
}
|
|
|
|
|
2001-02-08 00:31:38 +01:00
|
|
|
/*
|
2001-11-02 19:39:57 +01:00
|
|
|
* Open the password file if possible (return NULL if not)
|
2001-02-08 00:31:38 +01:00
|
|
|
*/
|
2000-08-27 23:50:18 +02:00
|
|
|
static FILE *
|
|
|
|
crypt_openpwdfile(void)
|
1998-02-26 05:46:47 +01:00
|
|
|
{
|
|
|
|
char *filename;
|
|
|
|
FILE *pwdfile;
|
1997-12-04 01:34:01 +01:00
|
|
|
|
1998-02-26 05:46:47 +01:00
|
|
|
filename = crypt_getpwdfilename();
|
2001-06-24 01:26:17 +02:00
|
|
|
pwdfile = AllocateFile(filename, "r");
|
1997-12-30 03:26:56 +01:00
|
|
|
|
2001-06-24 01:26:17 +02:00
|
|
|
if (pwdfile == NULL && errno != ENOENT)
|
Commit to match discussed elog() changes. Only update is that LOG is
now just below FATAL in server_min_messages. Added more text to
highlight ordering difference between it and client_min_messages.
---------------------------------------------------------------------------
REALLYFATAL => PANIC
STOP => PANIC
New INFO level the prints to client by default
New LOG level the prints to server log by default
Cause VACUUM information to print only to the client
NOTICE => INFO where purely information messages are sent
DEBUG => LOG for purely server status messages
DEBUG removed, kept as backward compatible
DEBUG5, DEBUG4, DEBUG3, DEBUG2, DEBUG1 added
DebugLvl removed in favor of new DEBUG[1-5] symbols
New server_min_messages GUC parameter with values:
DEBUG[5-1], INFO, NOTICE, ERROR, LOG, FATAL, PANIC
New client_min_messages GUC parameter with values:
DEBUG[5-1], LOG, INFO, NOTICE, ERROR, FATAL, PANIC
Server startup now logged with LOG instead of DEBUG
Remove debug_level GUC parameter
elog() numbers now start at 10
Add test to print error message if older elog() values are passed to elog()
Bootstrap mode now has a -d that requires an argument, like postmaster
2002-03-02 22:39:36 +01:00
|
|
|
elog(LOG, "could not open %s: %m", filename);
|
2000-08-27 23:50:18 +02:00
|
|
|
|
2001-02-08 00:31:38 +01:00
|
|
|
pfree(filename);
|
|
|
|
|
1998-02-26 05:46:47 +01:00
|
|
|
return pwdfile;
|
1997-12-04 01:34:01 +01:00
|
|
|
}
|
|
|
|
|
2001-11-01 19:10:48 +01:00
|
|
|
/*
|
|
|
|
* Compare two password-file lines on the basis of their usernames.
|
|
|
|
*
|
|
|
|
* Can also be used to compare just a username against a password-file
|
|
|
|
* line (for bsearch).
|
|
|
|
*/
|
2000-08-27 23:50:18 +02:00
|
|
|
static int
|
1998-02-26 05:46:47 +01:00
|
|
|
compar_user(const void *user_a, const void *user_b)
|
|
|
|
{
|
|
|
|
char *login_a;
|
|
|
|
char *login_b;
|
2001-11-01 19:10:48 +01:00
|
|
|
int len_a,
|
|
|
|
len_b,
|
|
|
|
result;
|
1998-02-26 05:46:47 +01:00
|
|
|
|
|
|
|
login_a = *((char **) user_a);
|
|
|
|
login_b = *((char **) user_b);
|
|
|
|
|
|
|
|
/*
|
2001-11-05 18:46:40 +01:00
|
|
|
* We only really want to compare the user logins which are first and
|
|
|
|
* are terminated by CRYPT_PWD_FILE_SEPSTR. (NB: this code
|
2001-11-01 19:10:48 +01:00
|
|
|
* effectively assumes that CRYPT_PWD_FILE_SEPSTR is just one char.)
|
1998-02-26 05:46:47 +01:00
|
|
|
*/
|
2001-11-01 19:10:48 +01:00
|
|
|
len_a = strcspn(login_a, CRYPT_PWD_FILE_SEPSTR);
|
|
|
|
len_b = strcspn(login_b, CRYPT_PWD_FILE_SEPSTR);
|
1998-02-26 05:46:47 +01:00
|
|
|
|
2001-11-01 19:10:48 +01:00
|
|
|
result = strncmp(login_a, login_b, Min(len_a, len_b));
|
|
|
|
|
|
|
|
if (result == 0) /* one could be a prefix of the other */
|
|
|
|
result = (len_a - len_b);
|
|
|
|
|
|
|
|
return result;
|
1997-12-30 03:26:56 +01:00
|
|
|
}
|
|
|
|
|
2001-11-02 19:39:57 +01:00
|
|
|
/*
|
|
|
|
* Load or reload the password-file cache
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
load_password_cache(void)
|
1998-02-26 05:46:47 +01:00
|
|
|
{
|
|
|
|
FILE *pwd_file;
|
2001-11-01 19:10:48 +01:00
|
|
|
char buffer[1024];
|
1998-02-26 05:46:47 +01:00
|
|
|
|
|
|
|
/*
|
2001-11-02 19:39:57 +01:00
|
|
|
* If for some reason we fail to open the password file, preserve the
|
|
|
|
* old cache contents; this seems better than dropping the cache if,
|
|
|
|
* say, we are temporarily out of filetable slots.
|
1998-02-26 05:46:47 +01:00
|
|
|
*/
|
2001-11-02 19:39:57 +01:00
|
|
|
if (!(pwd_file = crypt_openpwdfile()))
|
|
|
|
return;
|
|
|
|
|
|
|
|
/* free any old data */
|
|
|
|
if (pwd_cache)
|
1998-02-26 05:46:47 +01:00
|
|
|
{
|
2001-11-02 19:39:57 +01:00
|
|
|
while (--pwd_cache_count >= 0)
|
|
|
|
pfree(pwd_cache[pwd_cache_count]);
|
|
|
|
pfree(pwd_cache);
|
|
|
|
pwd_cache = NULL;
|
|
|
|
pwd_cache_count = 0;
|
|
|
|
}
|
1998-02-26 05:46:47 +01:00
|
|
|
|
2001-11-02 19:39:57 +01:00
|
|
|
/*
|
2001-11-05 18:46:40 +01:00
|
|
|
* Read the file and store its lines in current memory context, which
|
|
|
|
* we expect will be PostmasterContext. That context will live as
|
|
|
|
* long as we need the cache to live, ie, until just after each
|
|
|
|
* postmaster child has completed client authentication.
|
2001-11-02 19:39:57 +01:00
|
|
|
*/
|
|
|
|
while (fgets(buffer, sizeof(buffer), pwd_file) != NULL)
|
|
|
|
{
|
|
|
|
int blen;
|
1998-02-26 05:46:47 +01:00
|
|
|
|
|
|
|
/*
|
2001-11-02 19:39:57 +01:00
|
|
|
* We must remove the return char at the end of the string, as
|
|
|
|
* this will affect the correct parsing of the password entry.
|
1998-02-26 05:46:47 +01:00
|
|
|
*/
|
2001-11-02 19:39:57 +01:00
|
|
|
if (buffer[(blen = strlen(buffer) - 1)] == '\n')
|
|
|
|
buffer[blen] = '\0';
|
1998-02-26 05:46:47 +01:00
|
|
|
|
2001-11-02 19:39:57 +01:00
|
|
|
if (pwd_cache == NULL)
|
2001-11-01 19:10:48 +01:00
|
|
|
pwd_cache = (char **)
|
2001-11-02 19:39:57 +01:00
|
|
|
palloc(sizeof(char *) * (pwd_cache_count + 1));
|
|
|
|
else
|
|
|
|
pwd_cache = (char **)
|
|
|
|
repalloc((void *) pwd_cache,
|
|
|
|
sizeof(char *) * (pwd_cache_count + 1));
|
|
|
|
pwd_cache[pwd_cache_count++] = pstrdup(buffer);
|
1998-02-26 05:46:47 +01:00
|
|
|
}
|
1997-12-30 03:26:56 +01:00
|
|
|
|
2001-11-02 19:39:57 +01:00
|
|
|
FreeFile(pwd_file);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Now sort the entries in the cache for faster searching later.
|
|
|
|
*/
|
|
|
|
qsort((void *) pwd_cache, pwd_cache_count, sizeof(char *), compar_user);
|
|
|
|
}
|
1997-12-30 03:26:56 +01:00
|
|
|
|
2001-11-02 19:39:57 +01:00
|
|
|
/*
|
|
|
|
* Parse a line of the password file to extract password and valid-until date.
|
|
|
|
*/
|
|
|
|
static bool
|
1998-02-26 05:46:47 +01:00
|
|
|
crypt_parsepwdentry(char *buffer, char **pwd, char **valdate)
|
|
|
|
{
|
|
|
|
char *parse = buffer;
|
|
|
|
int count,
|
|
|
|
i;
|
|
|
|
|
2001-11-02 19:39:57 +01:00
|
|
|
*pwd = NULL;
|
|
|
|
*valdate = NULL;
|
|
|
|
|
1998-02-26 05:46:47 +01:00
|
|
|
/*
|
|
|
|
* skip to the password field
|
|
|
|
*/
|
|
|
|
for (i = 0; i < 6; i++)
|
2001-11-02 19:39:57 +01:00
|
|
|
{
|
|
|
|
parse += strcspn(parse, CRYPT_PWD_FILE_SEPSTR);
|
|
|
|
if (*parse == '\0')
|
|
|
|
return false;
|
|
|
|
parse++;
|
|
|
|
}
|
1998-02-26 05:46:47 +01:00
|
|
|
|
|
|
|
/*
|
|
|
|
* store a copy of user password to return
|
|
|
|
*/
|
|
|
|
count = strcspn(parse, CRYPT_PWD_FILE_SEPSTR);
|
1998-12-14 07:50:32 +01:00
|
|
|
*pwd = (char *) palloc(count + 1);
|
2001-11-02 19:39:57 +01:00
|
|
|
memcpy(*pwd, parse, count);
|
1998-02-26 05:46:47 +01:00
|
|
|
(*pwd)[count] = '\0';
|
2001-11-02 19:39:57 +01:00
|
|
|
parse += count;
|
|
|
|
if (*parse == '\0')
|
|
|
|
{
|
|
|
|
pfree(*pwd);
|
|
|
|
*pwd = NULL;
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
parse++;
|
1998-02-26 05:46:47 +01:00
|
|
|
|
|
|
|
/*
|
2001-11-01 19:10:48 +01:00
|
|
|
* store a copy of the date login becomes invalid
|
1998-02-26 05:46:47 +01:00
|
|
|
*/
|
|
|
|
count = strcspn(parse, CRYPT_PWD_FILE_SEPSTR);
|
1998-12-14 07:50:32 +01:00
|
|
|
*valdate = (char *) palloc(count + 1);
|
2001-11-02 19:39:57 +01:00
|
|
|
memcpy(*valdate, parse, count);
|
1998-02-26 05:46:47 +01:00
|
|
|
(*valdate)[count] = '\0';
|
1997-12-04 01:34:01 +01:00
|
|
|
|
2001-11-02 19:39:57 +01:00
|
|
|
return true;
|
|
|
|
}
|
1997-12-04 01:34:01 +01:00
|
|
|
|
2001-11-02 19:39:57 +01:00
|
|
|
/*
|
|
|
|
* Lookup a username in the password-file cache,
|
|
|
|
* return his password and valid-until date.
|
|
|
|
*/
|
|
|
|
static bool
|
1998-02-26 05:46:47 +01:00
|
|
|
crypt_getloginfo(const char *user, char **passwd, char **valuntil)
|
|
|
|
{
|
2001-11-02 19:39:57 +01:00
|
|
|
*passwd = NULL;
|
|
|
|
*valuntil = NULL;
|
1998-02-26 05:46:47 +01:00
|
|
|
|
|
|
|
if (pwd_cache)
|
|
|
|
{
|
1999-05-25 18:15:34 +02:00
|
|
|
char **pwd_entry;
|
1998-02-26 05:46:47 +01:00
|
|
|
|
2001-11-01 19:10:48 +01:00
|
|
|
pwd_entry = (char **) bsearch((void *) &user,
|
|
|
|
(void *) pwd_cache,
|
|
|
|
pwd_cache_count,
|
|
|
|
sizeof(char *),
|
|
|
|
compar_user);
|
|
|
|
if (pwd_entry)
|
1998-02-26 05:46:47 +01:00
|
|
|
{
|
2001-11-02 19:39:57 +01:00
|
|
|
if (crypt_parsepwdentry(*pwd_entry, passwd, valuntil))
|
|
|
|
return true;
|
1998-02-26 05:46:47 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2001-11-02 19:39:57 +01:00
|
|
|
return false;
|
1997-12-04 01:34:01 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/*-------------------------------------------------------------------------*/
|
|
|
|
|
1998-02-26 05:46:47 +01:00
|
|
|
int
|
2001-08-15 20:42:16 +02:00
|
|
|
md5_crypt_verify(const Port *port, const char *user, const char *pgpass)
|
1998-02-26 05:46:47 +01:00
|
|
|
{
|
1999-05-25 18:15:34 +02:00
|
|
|
char *passwd,
|
|
|
|
*valuntil,
|
|
|
|
*crypt_pwd;
|
|
|
|
int retval = STATUS_ERROR;
|
1998-02-26 05:46:47 +01:00
|
|
|
|
2001-11-02 19:39:57 +01:00
|
|
|
if (!crypt_getloginfo(user, &passwd, &valuntil))
|
1998-02-26 05:46:47 +01:00
|
|
|
return STATUS_ERROR;
|
|
|
|
|
|
|
|
if (passwd == NULL || *passwd == '\0')
|
|
|
|
{
|
|
|
|
if (passwd)
|
2001-11-01 19:10:48 +01:00
|
|
|
pfree(passwd);
|
1998-02-26 05:46:47 +01:00
|
|
|
if (valuntil)
|
2001-11-01 19:10:48 +01:00
|
|
|
pfree(valuntil);
|
1998-02-26 05:46:47 +01:00
|
|
|
return STATUS_ERROR;
|
|
|
|
}
|
|
|
|
|
2001-08-17 04:59:20 +02:00
|
|
|
/* If they encrypt their password, force MD5 */
|
|
|
|
if (isMD5(passwd) && port->auth_method != uaMD5)
|
|
|
|
{
|
|
|
|
snprintf(PQerrormsg, PQERRORMSG_LENGTH,
|
2001-10-25 07:50:21 +02:00
|
|
|
"Password is stored MD5 encrypted. "
|
|
|
|
"'password' and 'crypt' auth methods cannot be used.\n");
|
2001-08-17 04:59:20 +02:00
|
|
|
fputs(PQerrormsg, stderr);
|
|
|
|
pqdebug("%s", PQerrormsg);
|
|
|
|
return STATUS_ERROR;
|
|
|
|
}
|
|
|
|
|
1998-02-26 05:46:47 +01:00
|
|
|
/*
|
|
|
|
* Compare with the encrypted or plain password depending on the
|
|
|
|
* authentication method being used for this connection.
|
|
|
|
*/
|
2001-08-17 04:59:20 +02:00
|
|
|
switch (port->auth_method)
|
|
|
|
{
|
2001-08-15 20:42:16 +02:00
|
|
|
case uaMD5:
|
2001-10-25 07:50:21 +02:00
|
|
|
crypt_pwd = palloc(MD5_PASSWD_LEN + 1);
|
2001-08-15 20:42:16 +02:00
|
|
|
if (isMD5(passwd))
|
|
|
|
{
|
|
|
|
if (!EncryptMD5(passwd + strlen("md5"),
|
2001-10-25 07:50:21 +02:00
|
|
|
(char *) port->md5Salt,
|
2001-08-17 04:59:20 +02:00
|
|
|
sizeof(port->md5Salt), crypt_pwd))
|
2001-08-15 20:42:16 +02:00
|
|
|
{
|
|
|
|
pfree(crypt_pwd);
|
|
|
|
return STATUS_ERROR;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
2001-10-25 07:50:21 +02:00
|
|
|
char *crypt_pwd2 = palloc(MD5_PASSWD_LEN + 1);
|
2001-08-15 20:42:16 +02:00
|
|
|
|
2001-08-17 04:59:20 +02:00
|
|
|
if (!EncryptMD5(passwd, port->user, strlen(port->user),
|
|
|
|
crypt_pwd2))
|
2001-08-15 20:42:16 +02:00
|
|
|
{
|
|
|
|
pfree(crypt_pwd);
|
|
|
|
pfree(crypt_pwd2);
|
|
|
|
return STATUS_ERROR;
|
|
|
|
}
|
2001-08-17 04:59:20 +02:00
|
|
|
if (!EncryptMD5(crypt_pwd2 + strlen("md5"), port->md5Salt,
|
|
|
|
sizeof(port->md5Salt), crypt_pwd))
|
2001-08-15 20:42:16 +02:00
|
|
|
{
|
|
|
|
pfree(crypt_pwd);
|
|
|
|
pfree(crypt_pwd2);
|
|
|
|
return STATUS_ERROR;
|
|
|
|
}
|
|
|
|
pfree(crypt_pwd2);
|
|
|
|
}
|
|
|
|
break;
|
2001-08-17 17:40:07 +02:00
|
|
|
case uaCrypt:
|
2001-10-25 07:50:21 +02:00
|
|
|
{
|
|
|
|
char salt[3];
|
|
|
|
|
|
|
|
StrNCpy(salt, port->cryptSalt, 3);
|
|
|
|
crypt_pwd = crypt(passwd, salt);
|
|
|
|
break;
|
|
|
|
}
|
2001-08-15 20:42:16 +02:00
|
|
|
default:
|
|
|
|
crypt_pwd = passwd;
|
|
|
|
break;
|
|
|
|
}
|
1998-02-26 05:46:47 +01:00
|
|
|
|
2001-09-21 22:31:49 +02:00
|
|
|
if (strcmp(pgpass, crypt_pwd) == 0)
|
1998-02-26 05:46:47 +01:00
|
|
|
{
|
|
|
|
/*
|
2001-11-01 19:10:48 +01:00
|
|
|
* Password OK, now check to be sure we are not past valuntil
|
1998-02-26 05:46:47 +01:00
|
|
|
*/
|
2001-11-01 19:10:48 +01:00
|
|
|
AbsoluteTime vuntil,
|
|
|
|
current;
|
|
|
|
|
1998-02-26 05:46:47 +01:00
|
|
|
if (!valuntil || strcmp(valuntil, "\\N") == 0)
|
|
|
|
vuntil = INVALID_ABSTIME;
|
|
|
|
else
|
2000-06-09 03:11:16 +02:00
|
|
|
vuntil = DatumGetAbsoluteTime(DirectFunctionCall1(nabstimein,
|
2001-03-22 05:01:46 +01:00
|
|
|
CStringGetDatum(valuntil)));
|
1998-02-26 05:46:47 +01:00
|
|
|
current = GetCurrentAbsoluteTime();
|
|
|
|
if (vuntil != INVALID_ABSTIME && vuntil < current)
|
|
|
|
retval = STATUS_ERROR;
|
|
|
|
else
|
|
|
|
retval = STATUS_OK;
|
|
|
|
}
|
|
|
|
|
2001-08-15 20:42:16 +02:00
|
|
|
pfree(passwd);
|
1998-02-26 05:46:47 +01:00
|
|
|
if (valuntil)
|
2001-08-15 20:42:16 +02:00
|
|
|
pfree(valuntil);
|
|
|
|
if (port->auth_method == uaMD5)
|
|
|
|
pfree(crypt_pwd);
|
1998-02-26 05:46:47 +01:00
|
|
|
|
|
|
|
return retval;
|
1997-12-04 01:34:01 +01:00
|
|
|
}
|