author | Simo Sorce <simo@redhat.com> | 2012-10-18 18:43:56 -0400 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2013-01-10 12:24:59 -0500 |
commit | 64af76e2bef2565caa9738f675c108a4b3789237 (patch) | |
tree | fa24e7f17f07136494a4c515c63b8795be7130e4 /src/providers/dp_auth_util.c | |
parent | 918b2a5a91f1c551d48f4bffed2a28c36fdb4be1 (diff) | |
Change pam data auth tokens.
Use the new authtok abstraction and interfaces throughout the code.
Diffstat (limited to 'src/providers/dp_auth_util.c')
-rw-r--r-- | src/providers/dp_auth_util.c | 76 |
1 files changed, 48 insertions, 28 deletions
diff --git a/src/providers/dp_auth_util.c b/src/providers/dp_auth_util.c
index 9a67564b7..54f0ee8ed 100644
--- a/src/providers/dp_auth_util.c
+++ b/src/providers/dp_auth_util.c
@@ -24,30 +24,43 @@ bool dp_pack_pam_request(DBusMessage *msg, struct pam_data *pd)
 {
 dbus_bool_t db_ret;
+ const char *service;
+ const char *tty;
+ const char *ruser;
+ const char *rhost;
+ uint32_t authtok_type;
+ uint32_t authtok_length;
+ uint8_t *authtok_data;
+ uint32_t new_authtok_type;
+ uint32_t new_authtok_length;
+ uint8_t *new_authtok_data;
 if (pd->user == NULL) return false;
- if (pd->service == NULL) pd->service = talloc_strdup(pd, "");
- if (pd->tty == NULL) pd->tty = talloc_strdup(pd, "");
- if (pd->ruser == NULL) pd->ruser = talloc_strdup(pd, "");
- if (pd->rhost == NULL) pd->rhost = talloc_strdup(pd, "");
-
+ service = pd->service ? pd->service : "";
+ tty = pd->tty ? pd->tty : "";
+ ruser = pd->ruser ? pd->ruser : "";
+ rhost = pd->rhost ? pd->rhost : "";
+ authtok_type = (uint32_t)sss_authtok_get_type(&pd->authtok);
+ authtok_data = sss_authtok_get_data(&pd->authtok);
+ authtok_length = sss_authtok_get_size(&pd->authtok);
+ new_authtok_type = (uint32_t)sss_authtok_get_type(&pd->newauthtok);
+ new_authtok_data = sss_authtok_get_data(&pd->newauthtok);
+ new_authtok_length = sss_authtok_get_size(&pd->newauthtok);
 db_ret = dbus_message_append_args(msg,
 DBUS_TYPE_INT32, &(pd->cmd),
 DBUS_TYPE_STRING, &(pd->user),
 DBUS_TYPE_STRING, &(pd->domain),
- DBUS_TYPE_STRING, &(pd->service),
- DBUS_TYPE_STRING, &(pd->tty),
- DBUS_TYPE_STRING, &(pd->ruser),
- DBUS_TYPE_STRING, &(pd->rhost),
- DBUS_TYPE_UINT32, &(pd->authtok_type),
+ DBUS_TYPE_STRING, &service,
+ DBUS_TYPE_STRING, &tty,
+ DBUS_TYPE_STRING, &ruser,
+ DBUS_TYPE_STRING, &rhost,
+ DBUS_TYPE_UINT32, &authtok_type,
 DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE,
- &(pd->authtok),
- (pd->authtok_size),
- DBUS_TYPE_UINT32, &(pd->newauthtok_type),
+ &authtok_data, authtok_length,
+ DBUS_TYPE_UINT32, &new_authtok_type,
 DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE,
- &(pd->newauthtok),
- pd->newauthtok_size,
+ &new_authtok_data, new_authtok_length,
 DBUS_TYPE_INT32, &(pd->priv),
 DBUS_TYPE_UINT32, &(pd->cli_pid),
 DBUS_TYPE_INVALID);
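Review bot: `authtok_length` and `new_authtok_length` are declared `uint32_t`, but libdbus takes the element count of a `DBUS_TYPE_ARRAY` argument as an `int` in `dbus_message_append_args` and writes it through an `int *` in `dbus_message_get_args`. The by-value use in this hunk works for small sizes, but the unpack hunks (`@@ -61,6` and `@@ -72,14`) hand `&authtok_length` and `&new_authtok_length` to the `int *` slot; declaring them as `int authtok_length;` and `int new_authtok_length;` in both functions, and rejecting a negative count before it reaches `sss_authtok_set`, would match the API. The return type of `sss_authtok_get_size` is not visible on this page, so a range check before narrowing it may also be needed. A short comment such as `/* pd is left untouched; NULL strings are sent as "" */` would record that packing no longer fills `pd->service`, `pd->tty`, `pd->ruser` and `pd->rhost` as the removed `talloc_strdup(pd, "")` lines did.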
@@ -61,6 +74,12 @@ bool dp_unpack_pam_request(DBusMessage *msg, TALLOC_CTX *mem_ctx,
 dbus_bool_t db_ret;
 int ret;
 struct pam_data pd;
+ uint32_t authtok_type;
+ uint32_t authtok_length;
+ uint8_t *authtok_data;
+ uint32_t new_authtok_type;
+ uint32_t new_authtok_length;
+ uint8_t *new_authtok_data;
 memset(&pd, 0, sizeof(pd));
@@ -72,14 +91,12 @@ bool dp_unpack_pam_request(DBusMessage *msg, TALLOC_CTX *mem_ctx,
 DBUS_TYPE_STRING, &(pd.tty),
 DBUS_TYPE_STRING, &(pd.ruser),
 DBUS_TYPE_STRING, &(pd.rhost),
- DBUS_TYPE_UINT32, &(pd.authtok_type),
+ DBUS_TYPE_UINT32, &authtok_type,
 DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE,
- &(pd.authtok),
- &(pd.authtok_size),
- DBUS_TYPE_UINT32, &(pd.newauthtok_type),
+ &authtok_data, &authtok_length,
+ DBUS_TYPE_UINT32, &new_authtok_type,
 DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE,
- &(pd.newauthtok),
- &(pd.newauthtok_size),
+ &new_authtok_data, &new_authtok_length,
 DBUS_TYPE_INT32, &(pd.priv),
 DBUS_TYPE_UINT32, &(pd.cli_pid),
 DBUS_TYPE_INVALID);
@@ -95,14 +112,17 @@ bool dp_unpack_pam_request(DBusMessage *msg, TALLOC_CTX *mem_ctx,
 return false;
 }
- if (pd.authtok_size != 0 && pd.authtok != NULL) {
- memset(pd.authtok, 0, pd.authtok_size);
- pd.authtok_size = 0;
+ ret = sss_authtok_set(*new_pd, &((*new_pd)->authtok), authtok_type,
+ authtok_data, authtok_length);
+ if (ret) {
+ DEBUG(1, ("Failed to set auth token: %d [%s]\n", ret, strerror(ret)));
+ return false;
 }
-
- if (pd.newauthtok_size != 0 && pd.newauthtok != NULL) {
- memset(pd.newauthtok, 0, pd.newauthtok_size);
- pd.newauthtok_size = 0;
+ ret = sss_authtok_set(*new_pd, &((*new_pd)->newauthtok), new_authtok_type,
+ new_authtok_data, new_authtok_length);
+ if (ret) {
+ DEBUG(1, ("Failed to set auth token: %d [%s]\n", ret, strerror(ret)));
+ return false;
 }
 return true; |
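Review bot: The two removed `memset` blocks in the last hunk (`@@ -95,14`) were the only place where the token bytes filled in by `dbus_message_get_args` were wiped after use, and the added `sss_authtok_set` calls do not replace them. If `sss_authtok_set` copies its input (its body is not on this page), the password and new password now stay readable in the received buffer until the message is released; a wipe after each successful copy, e.g. `memset(authtok_data, 0, authtok_length);` guarded by a NULL and length check, would keep the earlier behaviour. Both failure branches log the same text, so changing the second to `"Failed to set new auth token: %d [%s]\n"` would tell them apart in a trace. When the second call fails, the first token is already stored in `*new_pd` and the function returns `false` without visible cleanup, so it is worth confirming that the caller frees `*new_pd` on that path. The function body starts and ends outside this hunk.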