diff options
author | Sumit Bose <sbose@redhat.com> | 2010-01-07 10:26:50 +0100 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-01-20 08:55:59 -0500 |
commit | 6e52969c0dc8ac0dfb81e800bd2ef5228b8fea29 (patch) | |
tree | aff7df3dfbe8ba78134c298395c96fac16cfb011 /server/responder/pam/pam_LOCAL_domain.c | |
parent | 30dcfad596af29830cd45adaebeb174a24151a34 (diff) | |
download | sssd-6e52969c0dc8ac0dfb81e800bd2ef5228b8fea29.tar.gz sssd-6e52969c0dc8ac0dfb81e800bd2ef5228b8fea29.tar.xz sssd-6e52969c0dc8ac0dfb81e800bd2ef5228b8fea29.zip |
Add sysdb request to authenticate against a cached password
The code for authentication against a cached password is moved from the
pam responder to a generic sysdb tevent request. The new code can be
used by other components of sssd to verify passwords on their own.
Tests for the sysdb_cache_password and sysdb_cache_auth request are
added and some unneeded or unused code and variables are removed.
Diffstat (limited to 'server/responder/pam/pam_LOCAL_domain.c')
-rw-r--r-- | server/responder/pam/pam_LOCAL_domain.c | 31 |
1 files changed, 8 insertions, 23 deletions
diff --git a/server/responder/pam/pam_LOCAL_domain.c b/server/responder/pam/pam_LOCAL_domain.c index b98459d..9d3738c 100644 --- a/server/responder/pam/pam_LOCAL_domain.c +++ b/server/responder/pam/pam_LOCAL_domain.c @@ -58,23 +58,6 @@ struct LOCAL_request { struct pam_auth_req *preq; }; -static int authtok2str(const void *mem_ctx, uint8_t *src, const int src_size, char **dest) -{ - if ((src == NULL && src_size != 0) || - (src != NULL && *src != '\0' && src_size == 0)) { - return EINVAL; - } - - *dest = talloc_size(mem_ctx, src_size + 1); - if (*dest == NULL) { - return ENOMEM; - } - memcpy(*dest, src, src_size); - (*dest)[src_size]='\0'; - - return EOK; -} - static void prepare_reply(struct LOCAL_request *lreq) { struct pam_data *pd; @@ -273,9 +256,10 @@ static void do_pam_chauthtok(struct LOCAL_request *lreq) pd = lreq->preq->pd; - ret = authtok2str(lreq, pd->newauthtok, pd->newauthtok_size, &newauthtok); - NEQ_CHECK_OR_JUMP(ret, EOK, ("authtok2str failed.\n"), - lreq->error, ret, done); + newauthtok = talloc_strndup(lreq, (char *) pd->newauthtok, + pd->newauthtok_size); + NULL_CHECK_OR_JUMP(newauthtok, ("talloc_strndup failed.\n"), lreq->error, + ENOMEM, done); memset(pd->newauthtok, 0, pd->newauthtok_size); if (strlen(newauthtok) == 0) { @@ -375,9 +359,10 @@ static void local_handler_callback(void *pvt, int ldb_status, DEBUG(4, ("allowing root to reset a password.\n")); break; } - ret = authtok2str(lreq, pd->authtok, pd->authtok_size, &authtok); - NEQ_CHECK_OR_JUMP(ret, EOK, ("authtok2str failed.\n"), - lreq->error, ret, done); + authtok = talloc_strndup(lreq, (char *) pd->authtok, + pd->authtok_size); + NULL_CHECK_OR_JUMP(authtok, ("talloc_strndup failed.\n"), + lreq->error, ENOMEM, done); memset(pd->authtok, 0, pd->authtok_size); password = ldb_msg_find_attr_as_string(res->msgs[0], SYSDB_PWD, NULL); |