in src/common/commonutils/UserUtils.c [258:352]
static int CheckIfUserHasPassword(SimplifiedUser* user, OsConfigLogHandle log)
{
struct spwd* shadowEntry = NULL;
char control = 0;
int status = 0;
if ((NULL == user) || (NULL == user->username))
{
OsConfigLogError(log, "CheckIfUserHasPassword: invalid argument");
return EINVAL;
}
if (true == (user->noLogin = IsUserNonLogin(user)))
{
return 0;
}
setspent();
if (NULL != (shadowEntry = getspnam(user->username)))
{
control = shadowEntry->sp_pwdp ? shadowEntry->sp_pwdp[0] : 'n';
switch (control)
{
case '$':
switch (shadowEntry->sp_pwdp[1])
{
case '1':
user->passwordEncryption = md5;
break;
case '2':
switch (shadowEntry->sp_pwdp[2])
{
case 'a':
user->passwordEncryption = blowfish;
break;
case 'y':
user->passwordEncryption = eksBlowfish;
break;
default:
user->passwordEncryption = unknownBlowfish;
}
break;
case '5':
user->passwordEncryption = sha256;
break;
case '6':
user->passwordEncryption = sha512;
break;
default:
user->passwordEncryption = unknown;
}
user->hasPassword = true;
user->lastPasswordChange = shadowEntry->sp_lstchg;
user->minimumPasswordAge = shadowEntry->sp_min;
user->maximumPasswordAge = shadowEntry->sp_max;
user->warningPeriod = shadowEntry->sp_warn;
user->inactivityPeriod = shadowEntry->sp_inact;
user->expirationDate = shadowEntry->sp_expire;
break;
case '!':
user->hasPassword = false;
user->isLocked = true;
break;
case '*':
user->hasPassword = false;
user->cannotLogin = true;
break;
case ':':
default:
OsConfigLogInfo(log, "CheckIfUserHasPassword: user %u appears to be missing password ('%c')", user->userId, control);
user->hasPassword = false;
}
}
else
{
OsConfigLogInfo(log, "CheckIfUserHasPassword: getspnam for user %u failed with %d (%s)", user->userId, errno, strerror(errno));
status = ENOENT;
}
endspent();
return status;
}