oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

(verify_krb5): remove krb5_kuserok. use krb5_verify_user_lrealm

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7051 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Assar Westerlund
1999-09-28 02:35:02 +00:00
parent a5ea5cf66d
commit 9031c3150c
1 changed files with 16 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
lib/auth/afskauthlib/verify.c
View File

@@ -127,17 +127,16 @@ verify_krb5(struct passwd *pwd,
krb5_error_code ret; krb5_error_code ret;
krb5_ccache ccache; krb5_ccache ccache;
krb5_principal principal; krb5_principal principal;
krb5_realm realm;
krb5_init_context(&context); krb5_init_context(&context);
krb5_get_default_realm(context, &realm); ret = krb5_parse_name (context, pwd->pw_name, &principal);
krb5_make_principal(context, &principal, realm, pwd->pw_name, NULL); if (ret) {
syslog(LOG_AUTH|LOG_DEBUG, "krb5_parse_name: %s",
if(!krb5_kuserok(context, principal, pwd->pw_name)) { krb5_get_err_text(context, ret));
syslog(LOG_AUTH|LOG_DEBUG, "krb5_kuserok failed");
goto out; goto out;
} }
set_krb5ccname(pwd->pw_uid); set_krb5ccname(pwd->pw_uid);
ret = krb5_cc_resolve(context, krb5ccname, &ccache); ret = krb5_cc_resolve(context, krb5ccname, &ccache);
if(ret) { if(ret) {
@@ -146,17 +145,18 @@ verify_krb5(struct passwd *pwd,
goto out; goto out;
} }
ret = krb5_verify_user(context, ret = krb5_verify_user_lrealm(context,
principal, principal,
ccache, ccache,
password, password,
TRUE, TRUE,
NULL); NULL);
if(ret) { if(ret) {
syslog(LOG_AUTH|LOG_DEBUG, "krb5_verify_user: %s", syslog(LOG_AUTH|LOG_DEBUG, "krb5_verify_user: %s",
krb5_get_err_text(context, ret)); krb5_get_err_text(context, ret));
goto out; goto out;
} }
if(chown(krb5_cc_get_name(context, ccache), pwd->pw_uid, pwd->pw_gid)) { if(chown(krb5_cc_get_name(context, ccache), pwd->pw_uid, pwd->pw_gid)) {
syslog(LOG_AUTH|LOG_DEBUG, "chown: %s", syslog(LOG_AUTH|LOG_DEBUG, "chown: %s",
krb5_get_err_text(context, errno)); krb5_get_err_text(context, errno));
@@ -164,10 +164,10 @@ verify_krb5(struct passwd *pwd,
} }
#ifdef KRB4 #ifdef KRB4
if (krb5_config_get_bool(context, NULL, if (krb5_config_get_bool(context, NULL,
"libdefaults", "libdefaults",
"krb4_get_tickets", "krb4_get_tickets",
NULL)) { NULL)) {
CREDENTIALS c; CREDENTIALS c;
krb5_creds mcred, cred; krb5_creds mcred, cred;
@@ -199,7 +199,6 @@ verify_krb5(struct passwd *pwd,
pwd->pw_uid, pwd->pw_dir); pwd->pw_uid, pwd->pw_dir);
} }
#endif #endif
out: out:
if(ret && !quiet) if(ret && !quiet)
printf ("%s\n", krb5_get_err_text (context, ret)); printf ("%s\n", krb5_get_err_text (context, ret));