New resource destroyTickets with corresponding option -nodestroytickets.
First try local authentication and if it fails press on with kerberos. git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@1905 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Björn Groenvall
@@ -96,6 +96,7 @@ struct appres_t {
|
|||||||
Boolean accept_root;
|
Boolean accept_root;
|
||||||
char *text, *text_prog, *file, *logoutPasswd;
|
char *text, *text_prog, *file, *logoutPasswd;
|
||||||
Boolean no_screensaver;
|
Boolean no_screensaver;
|
||||||
|
Boolean destroytickets;
|
||||||
} appres;
|
} appres;
|
||||||
|
|
||||||
static XtResource resources[] = {
|
static XtResource resources[] = {
|
||||||
@@ -129,6 +130,9 @@ static XtResource resources[] = {
|
|||||||
|
|
||||||
{ "noScreenSaver", "NoScreenSaver", XtRBoolean, sizeof(Boolean),
|
{ "noScreenSaver", "NoScreenSaver", XtRBoolean, sizeof(Boolean),
|
||||||
XtOffsetOf(struct appres_t,no_screensaver), XtRImmediate, (XtPointer)True },
|
XtOffsetOf(struct appres_t,no_screensaver), XtRImmediate, (XtPointer)True },
|
||||||
|
|
||||||
|
{ "destroyTickets", "DestroyTickets", XtRBoolean, sizeof(Boolean),
|
||||||
|
XtOffsetOf(struct appres_t,destroytickets), XtRImmediate, (XtPointer)True },
|
||||||
};
|
};
|
||||||
|
|
||||||
static XrmOptionDescRec options[] = {
|
static XrmOptionDescRec options[] = {
|
||||||
@@ -141,6 +145,7 @@ static XrmOptionDescRec options[] = {
|
|||||||
{ "-ar", ".acceptRootPasswd", XrmoptionNoArg, "True" },
|
{ "-ar", ".acceptRootPasswd", XrmoptionNoArg, "True" },
|
||||||
{ "-noar", ".acceptRootPasswd", XrmoptionNoArg, "False" },
|
{ "-noar", ".acceptRootPasswd", XrmoptionNoArg, "False" },
|
||||||
{ "-nonoscreensaver", ".noScreenSaver", XrmoptionNoArg, "False" },
|
{ "-nonoscreensaver", ".noScreenSaver", XrmoptionNoArg, "False" },
|
||||||
|
{ "-nodestroytickets", ".destroyTickets", XrmoptionNoArg, "False" },
|
||||||
};
|
};
|
||||||
|
|
||||||
static char*
|
static char*
|
||||||
@@ -187,6 +192,7 @@ usage(void)
|
|||||||
fprintf(stderr, "-nar don't accept root's passwd\n");
|
fprintf(stderr, "-nar don't accept root's passwd\n");
|
||||||
fprintf(stderr, "-f [file] message is read from file or ~/.msgfile\n");
|
fprintf(stderr, "-f [file] message is read from file or ~/.msgfile\n");
|
||||||
fprintf(stderr, "-prog program text is gotten from executing `program'\n");
|
fprintf(stderr, "-prog program text is gotten from executing `program'\n");
|
||||||
|
fprintf(stderr, "-nodestroytickets keep kerberos tickets\n");
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -560,22 +566,7 @@ verify(char *password)
|
|||||||
* continue */
|
* continue */
|
||||||
signal(SIGHUP, SIG_DFL);
|
signal(SIGHUP, SIG_DFL);
|
||||||
}
|
}
|
||||||
/*
|
|
||||||
* Try to verify as user with kerberos.
|
|
||||||
*/
|
|
||||||
|
|
||||||
ret = krb_verify_user(name, inst, realm, password, 0, NULL);
|
|
||||||
|
|
||||||
if(ret == KSUCCESS){
|
|
||||||
if(k_hasafs())
|
|
||||||
k_afsklog(0, 0);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
if(ret != INTK_BADPW)
|
|
||||||
warnx ("warning: %s",
|
|
||||||
(ret < 0) ? strerror(ret) : krb_get_err_text(ret));
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Try copy of users password.
|
* Try copy of users password.
|
||||||
*/
|
*/
|
||||||
@@ -585,8 +576,22 @@ verify(char *password)
|
|||||||
/*
|
/*
|
||||||
* Try to verify as user in case password change.
|
* Try to verify as user in case password change.
|
||||||
*/
|
*/
|
||||||
if(unix_verify_user(name, password) == 0)
|
if (unix_verify_user(name, password) == 0)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Try to verify as user with kerberos.
|
||||||
|
*/
|
||||||
|
ret = krb_verify_user(name, inst, realm, password, 0, NULL);
|
||||||
|
if (ret == KSUCCESS){
|
||||||
|
if (k_hasafs())
|
||||||
|
k_afsklog(0, 0);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
if (ret != INTK_BADPW)
|
||||||
|
warnx ("warning: %s",
|
||||||
|
(ret < 0) ? strerror(ret) : krb_get_err_text(ret));
|
||||||
|
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -887,7 +892,6 @@ main (int argc, char **argv)
|
|||||||
locked_at = time(0);
|
locked_at = time(0);
|
||||||
|
|
||||||
krb_get_default_principal(name, inst, realm);
|
krb_get_default_principal(name, inst, realm);
|
||||||
|
|
||||||
|
|
||||||
override = XtVaAppInitialize(&app, "XNlock", options, XtNumber(options),
|
override = XtVaAppInitialize(&app, "XNlock", options, XtNumber(options),
|
||||||
(Cardinal*)&argc, argv, NULL,
|
(Cardinal*)&argc, argv, NULL,
|
||||||
@@ -901,6 +905,11 @@ main (int argc, char **argv)
|
|||||||
Black = appres.bg;
|
Black = appres.bg;
|
||||||
White = appres.fg;
|
White = appres.fg;
|
||||||
|
|
||||||
|
if (appres.destroytickets) {
|
||||||
|
dest_tkt(); /* Nuke old ticket file */
|
||||||
|
creat(TKT_FILE, 0600); /* but keep a place holder */
|
||||||
|
}
|
||||||
|
|
||||||
dpy = XtDisplay(override);
|
dpy = XtDisplay(override);
|
||||||
|
|
||||||
if (dpy == 0)
|
if (dpy == 0)
|
||||||
|
|||||||
Reference in New Issue
Block a user