From 6e52969c0dc8ac0dfb81e800bd2ef5228b8fea29 Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose@redhat.com>
Date: Thu, 7 Jan 2010 10:26:50 +0100
Subject: Add sysdb request to authenticate against a cached password

The code for authentication against a cached password is moved from the
pam responder to a generic sysdb tevent request. The new code can be
used by other components of sssd to verify passwords on their own.

Tests for the sysdb_cache_password and sysdb_cache_auth request are
added and some unneeded or unused code and variables are removed.
---
 server/responder/pam/pam_LOCAL_domain.c | 31 ++++++++-----------------------
 1 file changed, 8 insertions(+), 23 deletions(-)

(limited to 'server/responder/pam/pam_LOCAL_domain.c')

diff --git a/server/responder/pam/pam_LOCAL_domain.c b/server/responder/pam/pam_LOCAL_domain.c
index b98459d69..9d3738c53 100644
--- a/server/responder/pam/pam_LOCAL_domain.c
+++ b/server/responder/pam/pam_LOCAL_domain.c
@@ -58,23 +58,6 @@ struct LOCAL_request {
     struct pam_auth_req *preq;
 };
 
-static int authtok2str(const void *mem_ctx, uint8_t *src, const int src_size, char **dest)
-{
-    if ((src == NULL && src_size != 0) ||
-        (src != NULL && *src != '\0' && src_size == 0)) {
-        return EINVAL;
-    }
-
-    *dest = talloc_size(mem_ctx, src_size + 1);
-    if (*dest == NULL) {
-        return ENOMEM;
-    }
-    memcpy(*dest, src, src_size);
-    (*dest)[src_size]='\0';
-
-    return EOK;
-}
-
 static void prepare_reply(struct LOCAL_request *lreq)
 {
     struct pam_data *pd;
@@ -273,9 +256,10 @@ static void do_pam_chauthtok(struct LOCAL_request *lreq)
 
     pd = lreq->preq->pd;
 
-    ret = authtok2str(lreq, pd->newauthtok, pd->newauthtok_size, &newauthtok);
-    NEQ_CHECK_OR_JUMP(ret, EOK, ("authtok2str failed.\n"),
-                      lreq->error, ret, done);
+    newauthtok = talloc_strndup(lreq, (char *) pd->newauthtok,
+                                pd->newauthtok_size);
+    NULL_CHECK_OR_JUMP(newauthtok, ("talloc_strndup failed.\n"), lreq->error,
+                       ENOMEM, done);
     memset(pd->newauthtok, 0, pd->newauthtok_size);
 
     if (strlen(newauthtok) == 0) {
@@ -375,9 +359,10 @@ static void local_handler_callback(void *pvt, int ldb_status,
                 DEBUG(4, ("allowing root to reset a password.\n"));
                 break;
             }
-            ret = authtok2str(lreq, pd->authtok, pd->authtok_size, &authtok);
-            NEQ_CHECK_OR_JUMP(ret, EOK, ("authtok2str failed.\n"),
-                              lreq->error, ret, done);
+            authtok = talloc_strndup(lreq, (char *) pd->authtok,
+                                     pd->authtok_size);
+            NULL_CHECK_OR_JUMP(authtok, ("talloc_strndup failed.\n"),
+                               lreq->error, ENOMEM, done);
             memset(pd->authtok, 0, pd->authtok_size);
 
             password = ldb_msg_find_attr_as_string(res->msgs[0], SYSDB_PWD, NULL);
-- 
cgit