diff options
-rw-r--r-- | server/responder/pam/pamsrv_cmd.c | 26 | ||||
-rw-r--r-- | sss_client/pam_sss.c | 4 | ||||
-rw-r--r-- | sss_client/sss_cli.h | 2 |
3 files changed, 28 insertions, 4 deletions
diff --git a/server/responder/pam/pamsrv_cmd.c b/server/responder/pam/pamsrv_cmd.c index 62cd2a501..671dc0873 100644 --- a/server/responder/pam/pamsrv_cmd.c +++ b/server/responder/pam/pamsrv_cmd.c @@ -167,6 +167,26 @@ static int pam_parse_in_data_v2(struct sss_names_ctx *snctx, } +static int pam_parse_in_data_v3(struct sss_names_ctx *snctx, + struct pam_data *pd, + uint8_t *body, size_t blen) +{ + int ret; + + ret = pam_parse_in_data_v2(snctx, pd, body, blen); + if (ret != EOK) { + DEBUG(1, ("pam_parse_in_data_v2 failed.\n")); + return ret; + } + + if (pd->cli_pid == 0) { + DEBUG(1, ("Missing client PID.\n")); + return EINVAL; + } + + return EOK; +} + static int pam_parse_in_data(struct sss_names_ctx *snctx, struct pam_data *pd, uint8_t *body, size_t blen) @@ -440,6 +460,9 @@ static int pam_forwarder(struct cli_ctx *cctx, int pam_cmd) case 2: ret = pam_parse_in_data_v2(cctx->rctx->names, pd, body, blen); break; + case 3: + ret = pam_parse_in_data_v3(cctx->rctx->names, pd, body, blen); + break; default: DEBUG(1, ("Illegal protocol version [%d].\n", cctx->cli_protocol_version->version)); @@ -843,8 +866,9 @@ static int pam_cmd_chauthtok(struct cli_ctx *cctx) { struct cli_protocol_version *register_cli_protocol_version(void) { static struct cli_protocol_version pam_cli_protocol_version[] = { - {1, "2008-09-05", "initial version, \\0 terminated strings"}, + {3, "2009-09-14", "make cli_pid mandatory"}, {2, "2009-05-12", "new format <type><size><data>"}, + {1, "2008-09-05", "initial version, \\0 terminated strings"}, {0, NULL, NULL} }; diff --git a/sss_client/pam_sss.c b/sss_client/pam_sss.c index be22fd353..9a1d44186 100644 --- a/sss_client/pam_sss.c +++ b/sss_client/pam_sss.c @@ -158,7 +158,7 @@ static size_t add_string_item(enum pam_item_type type, const char *str, return rp; } -static int pack_message_v2(struct pam_items *pi, size_t *size, +static int pack_message_v3(struct pam_items *pi, size_t *size, uint8_t **buffer) { int len; uint8_t *buf; @@ -526,7 +526,7 @@ static int send_and_receive(pam_handle_t *pamh, struct pam_items *pi, print_pam_items(pi); - ret = pack_message_v2(pi, &rd.len, &buf); + ret = pack_message_v3(pi, &rd.len, &buf); if (ret != 0) { D(("pack_message failed.")); pam_status = PAM_SYSTEM_ERR; diff --git a/sss_client/sss_cli.h b/sss_client/sss_cli.h index 2b4e5027e..b036aec31 100644 --- a/sss_client/sss_cli.h +++ b/sss_client/sss_cli.h @@ -21,7 +21,7 @@ typedef int errno_t; #endif #define SSS_NSS_PROTOCOL_VERSION 1 -#define SSS_PAM_PROTOCOL_VERSION 2 +#define SSS_PAM_PROTOCOL_VERSION 3 enum sss_cli_command { /* null */ |