s3-pamsmbpass: copy _pam_get_item and _pam_get_data from pam_winbind.

Guenther

diff --git a/source3/pam_smbpass/pam_smb_auth.c b/source3/pam_smbpass/pam_smb_auth.c
index 3dceb52c7db29c590bb5c0971d2c1a89e0476895..b5a6a473b6aa1d9caa61319e676a071e0f9da31f 100644 (file)
--- a/source3/pam_smbpass/pam_smb_auth.c
+++ b/source3/pam_smbpass/pam_smb_auth.c
@@ -179,7 +179,7 @@ int pam_sm_setcred(pam_handle_t *pamh, int flags,
 
        retval = PAM_SUCCESS;
 
-       pam_get_data(pamh, "smb_setcred_return", (const void **) &pretval);
+       _pam_get_data(pamh, "smb_setcred_return", &pretval);
        if(pretval) {
                retval = *pretval;
                SAFE_FREE(pretval);
@@ -199,7 +199,7 @@ static int _smb_add_user(pam_handle_t *pamh, unsigned int ctrl,
        int retval;
 
        /* Get the authtok; if we don't have one, silently fail. */
-       retval = pam_get_item( pamh, PAM_AUTHTOK, (const void **) &pass );
+       retval = _pam_get_item( pamh, PAM_AUTHTOK, &pass );
 
        if (retval != PAM_SUCCESS) {
                _log_err( LOG_ALERT

diff --git a/source3/pam_smbpass/pam_smb_passwd.c b/source3/pam_smbpass/pam_smb_passwd.c
index b6de43ff9750ead3c98e253b9b10186051cfd33d..dce6e01ae93dfbd8edf012b20db8cc64c6736faf 100644 (file)
--- a/source3/pam_smbpass/pam_smb_passwd.c
+++ b/source3/pam_smbpass/pam_smb_passwd.c
@@ -229,11 +229,11 @@ int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
          */
 
         if (off( SMB_NOT_SET_PASS, ctrl )) {
-            retval = pam_get_item( pamh, PAM_OLDAUTHTOK,
-                                   (const void **)&pass_old );
+            retval = _pam_get_item( pamh, PAM_OLDAUTHTOK,
+                                   &pass_old );
         } else {
-            retval = pam_get_data( pamh, _SMB_OLD_AUTHTOK,
-                                   (const void **)&pass_old );
+            retval = _pam_get_data( pamh, _SMB_OLD_AUTHTOK,
+                                   &pass_old );
             if (retval == PAM_NO_MODULE_DATA) {
                pass_old = NULL;
                 retval = PAM_SUCCESS;

diff --git a/source3/pam_smbpass/support.c b/source3/pam_smbpass/support.c
index 1e66f4036313154332eb84425bb4f4e7bb0c0c95..b6cf3a886d2e6481812e8bf2e44215be97de8ce4 100644 (file)
--- a/source3/pam_smbpass/support.c
+++ b/source3/pam_smbpass/support.c
@@ -85,7 +85,7 @@ int converse( pam_handle_t * pamh, int ctrl, int nargs
        int retval;
        struct pam_conv *conv;
 
-       retval = pam_get_item(pamh, PAM_CONV, (const void **) &conv);
+       retval = _pam_get_item(pamh, PAM_CONV, &conv);
        if (retval == PAM_SUCCESS) {
 
                retval = conv->conv(nargs, (const struct pam_message **) message
@@ -278,7 +278,7 @@ void _cleanup_failures( pam_handle_t * pamh, void *fl, int err )
 
             /* log the number of authentication failures */
             if (failure->count != 0) {
-                pam_get_item( pamh, PAM_SERVICE, (const void **) &service );
+                _pam_get_item( pamh, PAM_SERVICE, &service );
                 _log_err( LOG_NOTICE
                           , "%d authentication %s "
                             "from %s for service %s as %s(%d)"
@@ -334,7 +334,7 @@ int _smb_verify_password( pam_handle_t * pamh, struct samu *sampass,
         } else {
             const char *service;
 
-            pam_get_item( pamh, PAM_SERVICE, (const void **)&service );
+            _pam_get_item( pamh, PAM_SERVICE, &service );
             _log_err( LOG_NOTICE, "failed auth request by %s for service %s as %s",
                       uidtoname(getuid()), service ? service : "**unknown**", name);
             return PAM_AUTH_ERR;
@@ -369,7 +369,7 @@ int _smb_verify_password( pam_handle_t * pamh, struct samu *sampass,
 
         const char *service;
 
-        pam_get_item( pamh, PAM_SERVICE, (const void **)&service );
+        _pam_get_item( pamh, PAM_SERVICE, &service );
 
         if (data_name != NULL) {
             struct _pam_failed_auth *newauth = NULL;
@@ -382,7 +382,7 @@ int _smb_verify_password( pam_handle_t * pamh, struct samu *sampass,
             if (newauth != NULL) {
 
                 /* any previous failures for this user ? */
-                pam_get_data(pamh, data_name, (const void **) &old);
+                _pam_get_data(pamh, data_name, &old);
 
                 if (old != NULL) {
                     newauth->count = old->count + 1;
@@ -487,7 +487,7 @@ int _smb_read_password( pam_handle_t * pamh, unsigned int ctrl,
     /* should we obtain the password from a PAM item ? */
 
     if (on(SMB_TRY_FIRST_PASS, ctrl) || on(SMB_USE_FIRST_PASS, ctrl)) {
-        retval = pam_get_item( pamh, authtok_flag, (const void **) &item );
+        retval = _pam_get_item( pamh, authtok_flag, &item );
         if (retval != PAM_SUCCESS) {
             /* very strange. */
             _log_err( LOG_ALERT
@@ -580,8 +580,8 @@ int _smb_read_password( pam_handle_t * pamh, unsigned int ctrl,
         retval = pam_set_item( pamh, authtok_flag, (const void *)token );
         _pam_delete( token );          /* clean it up */
         if (retval != PAM_SUCCESS
-            || (retval = pam_get_item( pamh, authtok_flag
-                            ,(const void **)&item )) != PAM_SUCCESS)
+            || (retval = _pam_get_item( pamh, authtok_flag
+                            ,&item )) != PAM_SUCCESS)
         {
             _log_err( LOG_CRIT, "error manipulating password" );
             return retval;
@@ -594,7 +594,7 @@ int _smb_read_password( pam_handle_t * pamh, unsigned int ctrl,
 
         retval = pam_set_data( pamh, data_name, (void *) token, _cleanup );
         if (retval != PAM_SUCCESS
-            || (retval = pam_get_data( pamh, data_name, (const void **)&item ))
+            || (retval = _pam_get_data( pamh, data_name, &item ))
                              != PAM_SUCCESS)
         {
             _log_err( LOG_CRIT, "error manipulating password data [%s]"
@@ -632,3 +632,23 @@ int _pam_smb_approve_pass(pam_handle_t * pamh,
 
     return PAM_SUCCESS;
 }
+
+/*
+ * Work around the pam API that has functions with void ** as parameters
+ * These lead to strict aliasing warnings with gcc.
+ */
+int _pam_get_item(const pam_handle_t *pamh,
+                 int item_type,
+                 const void *_item)
+{
+       const void **item = (const void **)_item;
+       return pam_get_item(pamh, item_type, item);
+}
+
+int _pam_get_data(const pam_handle_t *pamh,
+                 const char *module_data_name,
+                 const void *_data)
+{
+       const void **data = (const void **)_data;
+       return pam_get_data(pamh, module_data_name, data);
+}

diff --git a/source3/pam_smbpass/support.h b/source3/pam_smbpass/support.h
index 5ac48c3afa0c49b56724fa2dbfaaa023eb6188ae..87f1690a6084a7d63c58e30fa65f5e48d6234e92 100644 (file)
--- a/source3/pam_smbpass/support.h
+++ b/source3/pam_smbpass/support.h
@@ -48,3 +48,10 @@ extern int _smb_read_password( pam_handle_t *, unsigned int, const char*,
 
 extern int _pam_smb_approve_pass(pam_handle_t *, unsigned int, const char *,
                                 const char *);
+
+int _pam_get_item(const pam_handle_t *pamh,
+                 int item_type,
+                 const void *_item);
+int _pam_get_data(const pam_handle_t *pamh,
+                 const char *module_data_name,
+                 const void *_data);