static-size
(krb4_verify): add git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@5632 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Assar Westerlund
@@ -40,8 +40,12 @@
|
|||||||
|
|
||||||
RCSID("$Id$");
|
RCSID("$Id$");
|
||||||
|
|
||||||
char **env;
|
/*
|
||||||
int num_env;
|
* the environment we will sent to execle and the shell.
|
||||||
|
*/
|
||||||
|
|
||||||
|
static char **env;
|
||||||
|
static int num_env;
|
||||||
|
|
||||||
static void
|
static void
|
||||||
extend_env(char *str)
|
extend_env(char *str)
|
||||||
@@ -101,12 +105,12 @@ exec_shell(const char *shell, int fallback)
|
|||||||
err(1, "%s", shell);
|
err(1, "%s", shell);
|
||||||
}
|
}
|
||||||
|
|
||||||
int f_flag;
|
static int f_flag;
|
||||||
int p_flag;
|
static int p_flag;
|
||||||
int r_flag;
|
static int r_flag;
|
||||||
int version_flag;
|
static int version_flag;
|
||||||
int help_flag;
|
static int help_flag;
|
||||||
char *remote_host;
|
static char *remote_host;
|
||||||
|
|
||||||
struct getargs args[] = {
|
struct getargs args[] = {
|
||||||
#if 0
|
#if 0
|
||||||
@@ -244,8 +248,56 @@ krb5_verify(struct passwd *pwd, const char *password)
|
|||||||
krb5_free_context(context);
|
krb5_free_context(context);
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
#endif /* KRB5 */
|
||||||
|
|
||||||
|
#ifdef KRB4
|
||||||
|
|
||||||
|
/*
|
||||||
|
* It's ugly duplicating these here but we would like it to build with
|
||||||
|
* old krb4 code.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef KRB_VERIFY_SECURE_FAIL
|
||||||
|
|
||||||
|
/* flags for krb_verify_user() */
|
||||||
|
#define KRB_VERIFY_NOT_SECURE 0
|
||||||
|
#define KRB_VERIFY_SECURE 1
|
||||||
|
#define KRB_VERIFY_SECURE_FAIL 2
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
static int
|
||||||
|
krb4_verify(struct passwd *pwd, const char *password)
|
||||||
|
{
|
||||||
|
char lrealm[REALM_SZ];
|
||||||
|
int ret;
|
||||||
|
char ticket_file[MaxPathLen];
|
||||||
|
|
||||||
|
ret = krb_get_lrealm (lrealm, 1);
|
||||||
|
if (ret)
|
||||||
|
return 1;
|
||||||
|
|
||||||
|
snprintf (ticket_file, sizeof(ticket_file),
|
||||||
|
"%s%u_%u",
|
||||||
|
TKT_ROOT, (unsigned)pwd->pw_uid, (unsigned)getpid());
|
||||||
|
|
||||||
|
krb_set_tkt_string (ticket_file);
|
||||||
|
|
||||||
|
ret = krb_verify_user (pwd->pw_name, "", lrealm, (char *)password,
|
||||||
|
KRB_VERIFY_SECURE_FAIL, NULL);
|
||||||
|
if (ret)
|
||||||
|
return 1;
|
||||||
|
|
||||||
|
if (chown (ticket_file, pwd->pw_uid, pwd->pw_gid) < 0) {
|
||||||
|
dest_tkt();
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
add_env ("KRBTKFILE", ticket_file);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
#endif /* KRB4 */
|
||||||
|
|
||||||
static int
|
static int
|
||||||
check_password(struct passwd *pwd, const char *password)
|
check_password(struct passwd *pwd, const char *password)
|
||||||
{
|
{
|
||||||
@@ -265,6 +317,8 @@ check_password(struct passwd *pwd, const char *password)
|
|||||||
return 0;
|
return 0;
|
||||||
#endif
|
#endif
|
||||||
#ifdef KRB4
|
#ifdef KRB4
|
||||||
|
if (krb4_verify (pwd, password) == 0)
|
||||||
|
return 0;
|
||||||
#endif
|
#endif
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user