summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--server/responder/pam/pamsrv_cmd.c26
-rw-r--r--sss_client/pam_sss.c4
-rw-r--r--sss_client/sss_cli.h2
3 files changed, 28 insertions, 4 deletions
diff --git a/server/responder/pam/pamsrv_cmd.c b/server/responder/pam/pamsrv_cmd.c
index 62cd2a501..671dc0873 100644
--- a/server/responder/pam/pamsrv_cmd.c
+++ b/server/responder/pam/pamsrv_cmd.c
@@ -167,6 +167,26 @@ static int pam_parse_in_data_v2(struct sss_names_ctx *snctx,
}
+static int pam_parse_in_data_v3(struct sss_names_ctx *snctx,
+ struct pam_data *pd,
+ uint8_t *body, size_t blen)
+{
+ int ret;
+
+ ret = pam_parse_in_data_v2(snctx, pd, body, blen);
+ if (ret != EOK) {
+ DEBUG(1, ("pam_parse_in_data_v2 failed.\n"));
+ return ret;
+ }
+
+ if (pd->cli_pid == 0) {
+ DEBUG(1, ("Missing client PID.\n"));
+ return EINVAL;
+ }
+
+ return EOK;
+}
+
static int pam_parse_in_data(struct sss_names_ctx *snctx,
struct pam_data *pd,
uint8_t *body, size_t blen)
@@ -440,6 +460,9 @@ static int pam_forwarder(struct cli_ctx *cctx, int pam_cmd)
case 2:
ret = pam_parse_in_data_v2(cctx->rctx->names, pd, body, blen);
break;
+ case 3:
+ ret = pam_parse_in_data_v3(cctx->rctx->names, pd, body, blen);
+ break;
default:
DEBUG(1, ("Illegal protocol version [%d].\n",
cctx->cli_protocol_version->version));
@@ -843,8 +866,9 @@ static int pam_cmd_chauthtok(struct cli_ctx *cctx) {
struct cli_protocol_version *register_cli_protocol_version(void)
{
static struct cli_protocol_version pam_cli_protocol_version[] = {
- {1, "2008-09-05", "initial version, \\0 terminated strings"},
+ {3, "2009-09-14", "make cli_pid mandatory"},
{2, "2009-05-12", "new format <type><size><data>"},
+ {1, "2008-09-05", "initial version, \\0 terminated strings"},
{0, NULL, NULL}
};
diff --git a/sss_client/pam_sss.c b/sss_client/pam_sss.c
index be22fd353..9a1d44186 100644
--- a/sss_client/pam_sss.c
+++ b/sss_client/pam_sss.c
@@ -158,7 +158,7 @@ static size_t add_string_item(enum pam_item_type type, const char *str,
return rp;
}
-static int pack_message_v2(struct pam_items *pi, size_t *size,
+static int pack_message_v3(struct pam_items *pi, size_t *size,
uint8_t **buffer) {
int len;
uint8_t *buf;
@@ -526,7 +526,7 @@ static int send_and_receive(pam_handle_t *pamh, struct pam_items *pi,
print_pam_items(pi);
- ret = pack_message_v2(pi, &rd.len, &buf);
+ ret = pack_message_v3(pi, &rd.len, &buf);
if (ret != 0) {
D(("pack_message failed."));
pam_status = PAM_SYSTEM_ERR;
diff --git a/sss_client/sss_cli.h b/sss_client/sss_cli.h
index 2b4e5027e..b036aec31 100644
--- a/sss_client/sss_cli.h
+++ b/sss_client/sss_cli.h
@@ -21,7 +21,7 @@ typedef int errno_t;
#endif
#define SSS_NSS_PROTOCOL_VERSION 1
-#define SSS_PAM_PROTOCOL_VERSION 2
+#define SSS_PAM_PROTOCOL_VERSION 3
enum sss_cli_command {
/* null */