summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSumit Bose <sbose@redhat.com>2009-04-29 21:11:05 +0200
committerSimo Sorce <ssorce@redhat.com>2009-04-29 18:06:47 -0400
commit0cfd1b96346880cf48d74e8352e959cf67b86c4c (patch)
treef88f6db692671f62a4d65eb6136d50fb1efbdcf2
parentc11be6fe8ed5d72d7b5f9c2ab86a91e7c43d30ac (diff)
downloadsssd-0cfd1b96346880cf48d74e8352e959cf67b86c4c.tar.gz
sssd-0cfd1b96346880cf48d74e8352e959cf67b86c4c.tar.xz
sssd-0cfd1b96346880cf48d74e8352e959cf67b86c4c.zip
reuse authtok which is already in the pam stack
-rw-r--r--sss_client/pam_sss.c24
1 files changed, 22 insertions, 2 deletions
diff --git a/sss_client/pam_sss.c b/sss_client/pam_sss.c
index d03407c92..b7588cabc 100644
--- a/sss_client/pam_sss.c
+++ b/sss_client/pam_sss.c
@@ -149,8 +149,14 @@ static void print_pam_items(struct pam_items pi)
D(("Tty: %s", *pi.pam_tty!='\0' ? pi.pam_tty : "(not available)"));
D(("Ruser: %s", *pi.pam_ruser!='\0' ? pi.pam_ruser : "(not available)"));
D(("Rhost: %s", *pi.pam_rhost!='\0' ? pi.pam_rhost : "(not available)"));
- D(("Authtok: %s", *pi.pamstack_authtok!='\0' ? pi.pamstack_authtok : "(not available)"));
- D(("Oldauthtok: %s", *pi.pamstack_oldauthtok!='\0' ? pi.pamstack_oldauthtok : "(not available)"));
+ D(("Pamstack_Authtok: %s", *pi.pamstack_authtok!='\0' ? pi.pamstack_authtok : "(not available)"));
+ D(("Pamstack_Oldauthtok: %s", *pi.pamstack_oldauthtok!='\0' ? pi.pamstack_oldauthtok : "(not available)"));
+ if (pi.pam_authtok != NULL) {
+ D(("Authtok: %s", *pi.pam_authtok!='\0' ? pi.pam_authtok : "(not available)"));
+ }
+ if (pi.pam_newauthtok != NULL) {
+ D(("Newauthtok: %s", *pi.pam_newauthtok!='\0' ? pi.pam_newauthtok : "(not available)"));
+ }
}
static int pam_sss(int task, pam_handle_t *pamh, int flags, int argc,
@@ -171,12 +177,15 @@ static int pam_sss(int task, pam_handle_t *pamh, int flags, int argc,
int pam_status;
char *newpwd[2];
int forward_pass = 0;
+ int use_first_pass = 0;
D(("Hello pam_sssd: %d", task));
for (; argc-- > 0; ++argv) {
if (strcmp(*argv, "forward_pass") == 0) {
forward_pass = 1;
+ } else if (strcmp(*argv, "use_first_pass") == 0) {
+ use_first_pass = 1;
} else {
D(("unknown option: %s", *argv));
}
@@ -194,6 +203,16 @@ static int pam_sss(int task, pam_handle_t *pamh, int flags, int argc,
return ret;
}
+ if (use_first_pass != 0 &&
+ (*pi.pamstack_authtok != '\0' || *pi.pamstack_oldauthtok != '\0') &&
+ (task == SSS_PAM_AUTHENTICATE || task == SSS_PAM_CHAUTHTOK)) {
+ pi.pam_authtok_type = SSS_AUTHTOK_TYPE_PASSWORD;
+ pi.pam_authtok = strdup(pi.pamstack_authtok);
+ pi.pam_authtok_size = strlen(pi.pamstack_authtok);
+ pi.pam_newauthtok_type = SSS_AUTHTOK_TYPE_PASSWORD;
+ pi.pam_newauthtok = strdup(pi.pamstack_oldauthtok);
+ pi.pam_newauthtok_size = strlen(pi.pamstack_oldauthtok);
+ } else {
pi.pam_authtok_type = SSS_AUTHTOK_TYPE_EMPTY;
pi.pam_authtok = NULL;
pi.pam_authtok_size = 0;
@@ -297,6 +316,7 @@ static int pam_sss(int task, pam_handle_t *pamh, int flags, int argc,
_pam_overwrite((void *)newpwd[1]);
free(newpwd[1]);
}
+ }
print_pam_items(pi);