<sopwith@redhat.com> (see copyright below for full details)
*/
-#include "pam_winbind.h"
-#define CONST_DISCARD(type,ptr) ((type)(void *)ptr)
+#define UID_WRAPPER_NOT_REPLACE
+#include "pam_winbind.h"
static int wbc_error_to_pam_error(wbcErr status)
{
static inline void textdomain_init(void)
{
if (!initialized) {
- bindtextdomain(MODULE_NAME, dyn_LOCALEDIR);
+ bindtextdomain(MODULE_NAME, LOCALEDIR);
initialized = 1;
}
return;
config_file = PAM_WINBIND_CONFIG_FILE;
}
- d = iniparser_load(CONST_DISCARD(char *, config_file));
+ d = iniparser_load(discard_const_p(char, config_file));
if (d == NULL) {
goto config_from_pam;
}
- if (iniparser_getboolean(d, CONST_DISCARD(char *, "global:debug"), false)) {
+ if (iniparser_getboolean(d, discard_const_p(char, "global:debug"), false)) {
ctrl |= WINBIND_DEBUG_ARG;
}
- if (iniparser_getboolean(d, CONST_DISCARD(char *, "global:debug_state"), false)) {
+ if (iniparser_getboolean(d, discard_const_p(char, "global:debug_state"), false)) {
ctrl |= WINBIND_DEBUG_STATE;
}
- if (iniparser_getboolean(d, CONST_DISCARD(char *, "global:cached_login"), false)) {
+ if (iniparser_getboolean(d, discard_const_p(char, "global:cached_login"), false)) {
ctrl |= WINBIND_CACHED_LOGIN;
}
- if (iniparser_getboolean(d, CONST_DISCARD(char *, "global:krb5_auth"), false)) {
+ if (iniparser_getboolean(d, discard_const_p(char, "global:krb5_auth"), false)) {
ctrl |= WINBIND_KRB5_AUTH;
}
- if (iniparser_getboolean(d, CONST_DISCARD(char *, "global:silent"), false)) {
+ if (iniparser_getboolean(d, discard_const_p(char, "global:silent"), false)) {
ctrl |= WINBIND_SILENT;
}
- if (iniparser_getstr(d, CONST_DISCARD(char *, "global:krb5_ccache_type")) != NULL) {
+ if (iniparser_getstring(d, discard_const_p(char, "global:krb5_ccache_type"), NULL) != NULL) {
ctrl |= WINBIND_KRB5_CCACHE_TYPE;
}
- if ((iniparser_getstr(d, CONST_DISCARD(char *, "global:require-membership-of"))
+ if ((iniparser_getstring(d, discard_const_p(char, "global:require-membership-of"), NULL)
!= NULL) ||
- (iniparser_getstr(d, CONST_DISCARD(char *, "global:require_membership_of"))
+ (iniparser_getstring(d, discard_const_p(char, "global:require_membership_of"), NULL)
!= NULL)) {
ctrl |= WINBIND_REQUIRED_MEMBERSHIP;
}
- if (iniparser_getboolean(d, CONST_DISCARD(char *, "global:try_first_pass"), false)) {
+ if (iniparser_getboolean(d, discard_const_p(char, "global:try_first_pass"), false)) {
ctrl |= WINBIND_TRY_FIRST_PASS_ARG;
}
- if (iniparser_getint(d, CONST_DISCARD(char *, "global:warn_pwd_expire"), 0)) {
+ if (iniparser_getint(d, discard_const_p(char, "global:warn_pwd_expire"), 0)) {
ctrl |= WINBIND_WARN_PWD_EXPIRE;
}
- if (iniparser_getboolean(d, CONST_DISCARD(char *, "global:mkhomedir"), false)) {
+ if (iniparser_getboolean(d, discard_const_p(char, "global:mkhomedir"), false)) {
ctrl |= WINBIND_MKHOMEDIR;
}
textdomain_init();
#endif
- r = TALLOC_ZERO_P(NULL, struct pwb_context);
+ r = talloc_zero(NULL, struct pwb_context);
if (!r) {
return PAM_BUF_ERR;
}
{
struct pam_message msg, *pmsg;
struct pam_response *resp = NULL;
- const char *prompt;
int ret;
bool retval = false;
- prompt = _("Do you want to change your password now?");
pmsg = &msg;
msg.msg_style = PAM_RADIO_TYPE;
- msg.msg = prompt;
+ msg.msg = _("Do you want to change your password now?");
ret = converse(ctx->pamh, 1, &pmsg, &resp);
if (resp == NULL) {
if (ret == PAM_SUCCESS) {
}
_pam_log(ctx, LOG_CRIT, "Received [%s] reply from application.\n", resp->resp);
- if (strcasecmp(resp->resp, "yes") == 0) {
+ if ((resp->resp != NULL) && (strcasecmp(resp->resp, "yes") == 0)) {
retval = true;
}
char *sid_list_buffer,
int sid_list_buffer_size)
{
- const char* sid_string = NULL;
- char *sid_str = NULL;
+ char sid_string[WBC_SID_STRING_BUFLEN];
/* lookup name? */
if (IS_SID_STRING(name)) {
- sid_string = name;
+ strlcpy(sid_string, name, sizeof(sid_string));
} else {
wbcErr wbc_status;
struct wbcDomainSid sid;
return false;
}
- wbc_status = wbcSidToString(&sid, &sid_str);
- if (!WBC_ERROR_IS_OK(wbc_status)) {
- return false;
- }
-
- sid_string = sid_str;
+ wbcSidToStringBuf(&sid, sid_string, sizeof(sid_string));
}
if (!safe_append_string(sid_list_buffer, sid_string,
sid_list_buffer_size)) {
- wbcFreeMemory(sid_str);
return false;
}
-
- wbcFreeMemory(sid_str);
return true;
}
* It is malformated parameter here, overwrite the last ','.
*/
len = strlen(sid_list_buffer);
- if (len) {
- if (sid_list_buffer[len - 1] == ',') {
- sid_list_buffer[len - 1] = '\0';
- }
+ if ((len != 0) && (sid_list_buffer[len - 1] == ',')) {
+ sid_list_buffer[len - 1] = '\0';
}
}
static void _pam_setup_krb5_env(struct pwb_context *ctx,
struct wbcLogonUserInfo *info)
{
- char var[PATH_MAX];
+ char *var = NULL;
int ret;
uint32_t i;
const char *krb5ccname = NULL;
_pam_log_debug(ctx, LOG_DEBUG,
"request returned KRB5CCNAME: %s", krb5ccname);
- if (snprintf(var, sizeof(var), "KRB5CCNAME=%s", krb5ccname) == -1) {
+ if (asprintf(&var, "KRB5CCNAME=%s", krb5ccname) == -1) {
return;
}
"failed to set KRB5CCNAME to %s: %s",
var, pam_strerror(ctx->pamh, ret));
}
+ free(var);
}
/**
static bool _pam_check_remark_auth_err(struct pwb_context *ctx,
const struct wbcAuthErrorInfo *e,
const char *nt_status_string,
- int *pam_error)
+ int *pam_err)
{
const char *ntstatus = NULL;
const char *error_string = NULL;
- if (!e || !pam_error) {
+ if (!e || !pam_err) {
return false;
}
error_string = _get_ntstatus_error_string(nt_status_string);
if (error_string) {
_make_remark(ctx, PAM_ERROR_MSG, error_string);
- *pam_error = e->pam_error;
+ *pam_err = e->pam_error;
return true;
}
if (e->display_string) {
- _make_remark(ctx, PAM_ERROR_MSG, e->display_string);
- *pam_error = e->pam_error;
+ _make_remark(ctx, PAM_ERROR_MSG, _(e->display_string));
+ *pam_err = e->pam_error;
return true;
}
_make_remark(ctx, PAM_ERROR_MSG, nt_status_string);
- *pam_error = e->pam_error;
+ *pam_err = e->pam_error;
return true;
}
&logon.blobs,
"krb5_cc_type",
0,
- (uint8_t *)cctype,
+ discard_const_p(uint8_t, cctype),
strlen(cctype)+1);
if (!WBC_ERROR_IS_OK(wbc_status)) {
goto done;
}
done:
- if (logon.blobs) {
- wbcFreeMemory(logon.blobs);
- }
+ wbcFreeMemory(logon.blobs);
if (info && info->blobs && !p_info) {
wbcFreeMemory(info->blobs);
}
}
params.account_name = user;
- params.level = WBC_AUTH_USER_LEVEL_PLAIN;
+ params.level = WBC_CHANGE_PASSWORD_LEVEL_PLAIN;
params.old_password.plaintext = oldpass;
params.new_password.plaintext = newpass;
params.flags = flags;
switch (wbc_status) {
case WBC_ERR_UNKNOWN_USER:
+ /* match other insane libwbclient return codes */
+ case WBC_ERR_WINBIND_NOT_AVAILABLE:
+ case WBC_ERR_DOMAIN_NOT_FOUND:
return 1;
case WBC_ERR_SUCCESS:
return 0;
goto out;
}
- parm_opt = iniparser_getstr(ctx->dict, key);
+ parm_opt = iniparser_getstring(ctx->dict, key, NULL);
TALLOC_FREE(key);
_pam_log_debug(ctx, LOG_INFO, "CONFIG file: %s '%s'\n",
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
struct wbcDomainSid sid;
enum wbcSidType type;
- char *domain;
+ char *domain = NULL;
char *name;
char *p;
&logoff.blobs,
"ccfilename",
0,
- (uint8_t *)ccname,
+ discard_const_p(uint8_t, ccname),
strlen(ccname)+1);
if (!WBC_ERROR_IS_OK(wbc_status)) {
goto out;
_pam_free_data_info3(pamh);
}
- _PAM_LOG_FUNCTION_LEAVE("pam_sm_authenticate", ctx, retval);
-
- TALLOC_FREE(ctx);
+ if (ctx != NULL) {
+ _PAM_LOG_FUNCTION_LEAVE("pam_sm_authenticate", ctx, retval);
+ TALLOC_FREE(ctx);
+ }
return retval;
}
git.samba.org / kai / samba.git / blobdiff