| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | /* $NetBSD: pam_ksu.c,v 1.5 2011/04/25 22:01:04 christos Exp $ */ | | 1 | /* $NetBSD: pam_ksu.c,v 1.6 2011/04/25 22:03:20 christos Exp $ */ |
2 | | | 2 | |
3 | /*- | | 3 | /*- |
4 | * Copyright (c) 2002 Jacques A. Vidrine <nectar@FreeBSD.org> | | 4 | * Copyright (c) 2002 Jacques A. Vidrine <nectar@FreeBSD.org> |
5 | * All rights reserved. | | 5 | * All rights reserved. |
6 | * | | 6 | * |
7 | * Redistribution and use in source and binary forms, with or without | | 7 | * Redistribution and use in source and binary forms, with or without |
8 | * modification, are permitted provided that the following conditions | | 8 | * modification, are permitted provided that the following conditions |
9 | * are met: | | 9 | * are met: |
10 | * 1. Redistributions of source code must retain the above copyright | | 10 | * 1. Redistributions of source code must retain the above copyright |
11 | * notice, this list of conditions and the following disclaimer. | | 11 | * notice, this list of conditions and the following disclaimer. |
12 | * 2. Redistributions in binary form must reproduce the above copyright | | 12 | * 2. Redistributions in binary form must reproduce the above copyright |
13 | * notice, this list of conditions and the following disclaimer in the | | 13 | * notice, this list of conditions and the following disclaimer in the |
14 | * documentation and/or other materials provided with the distribution. | | 14 | * documentation and/or other materials provided with the distribution. |
| @@ -19,27 +19,27 @@ | | | @@ -19,27 +19,27 @@ |
19 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | | 19 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE |
20 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | | 20 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
21 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | | 21 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
22 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | | 22 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
23 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | | 23 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
24 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | | 24 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
25 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | | 25 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
26 | * SUCH DAMAGE. | | 26 | * SUCH DAMAGE. |
27 | */ | | 27 | */ |
28 | #include <sys/cdefs.h> | | 28 | #include <sys/cdefs.h> |
29 | #ifdef __FreeBSD__ | | 29 | #ifdef __FreeBSD__ |
30 | __FBSDID("$FreeBSD: src/lib/libpam/modules/pam_ksu/pam_ksu.c,v 1.5 2004/02/10 10:13:21 des Exp $"); | | 30 | __FBSDID("$FreeBSD: src/lib/libpam/modules/pam_ksu/pam_ksu.c,v 1.5 2004/02/10 10:13:21 des Exp $"); |
31 | #else | | 31 | #else |
32 | __RCSID("$NetBSD: pam_ksu.c,v 1.5 2011/04/25 22:01:04 christos Exp $"); | | 32 | __RCSID("$NetBSD: pam_ksu.c,v 1.6 2011/04/25 22:03:20 christos Exp $"); |
33 | #endif | | 33 | #endif |
34 | | | 34 | |
35 | #include <sys/param.h> | | 35 | #include <sys/param.h> |
36 | #include <errno.h> | | 36 | #include <errno.h> |
37 | #include <stdio.h> | | 37 | #include <stdio.h> |
38 | #include <stdlib.h> | | 38 | #include <stdlib.h> |
39 | #include <string.h> | | 39 | #include <string.h> |
40 | #include <unistd.h> | | 40 | #include <unistd.h> |
41 | | | 41 | |
42 | #include <krb5/krb5.h> | | 42 | #include <krb5/krb5.h> |
43 | | | 43 | |
44 | #define PAM_SM_AUTH | | 44 | #define PAM_SM_AUTH |
45 | #define PAM_SM_CRED | | 45 | #define PAM_SM_CRED |
| @@ -170,27 +170,27 @@ log_krb5(krb5_context ctx, krb5_error_co | | | @@ -170,27 +170,27 @@ log_krb5(krb5_context ctx, krb5_error_co |
170 | va_list ap; | | 170 | va_list ap; |
171 | | | 171 | |
172 | va_start(ap, fmt); | | 172 | va_start(ap, fmt); |
173 | vsnprintf(b1, sizeof(b1), fmt, ap); | | 173 | vsnprintf(b1, sizeof(b1), fmt, ap); |
174 | va_end(ap); | | 174 | va_end(ap); |
175 | if (ctx) | | 175 | if (ctx) |
176 | errtxt = krb5_get_error_message(ctx, err); | | 176 | errtxt = krb5_get_error_message(ctx, err); |
177 | else | | 177 | else |
178 | errtxt = NULL; | | 178 | errtxt = NULL; |
179 | if (errtxt != NULL) { | | 179 | if (errtxt != NULL) { |
180 | krb5_free_error_message(ctx, errtxt); | | 180 | krb5_free_error_message(ctx, errtxt); |
181 | snprintf(b2, sizeof(b2), "%s (%s)", b1, errtxt); | | 181 | snprintf(b2, sizeof(b2), "%s (%s)", b1, errtxt); |
182 | } else { | | 182 | } else { |
183 | snprintf(b2, sizeof(b1), "%s (unknown %d)", b1, (int)err); | | 183 | snprintf(b2, sizeof(b2), "%s (unknown %d)", b1, (int)err); |
184 | } | | 184 | } |
185 | PAM_LOG(b2); | | 185 | PAM_LOG(b2); |
186 | } | | 186 | } |
187 | | | 187 | |
188 | /* Determine the target principal given the current user and the target user. | | 188 | /* Determine the target principal given the current user and the target user. |
189 | * context -- An initialized krb5_context. | | 189 | * context -- An initialized krb5_context. |
190 | * target_user -- The target username. | | 190 | * target_user -- The target username. |
191 | * current_user -- The current username. | | 191 | * current_user -- The current username. |
192 | * su_principal_name -- (out) The target principal name. | | 192 | * su_principal_name -- (out) The target principal name. |
193 | * su_principal -- (out) The target krb5_principal. | | 193 | * su_principal -- (out) The target krb5_principal. |
194 | * When the target user is `root', the target principal will be a `root | | 194 | * When the target user is `root', the target principal will be a `root |
195 | * instance', e.g. `luser/root@REA.LM'. Otherwise, the target principal | | 195 | * instance', e.g. `luser/root@REA.LM'. Otherwise, the target principal |
196 | * will simply be the current user's default principal name. Note that | | 196 | * will simply be the current user's default principal name. Note that |
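Review bot: In the `errtxt != NULL` branch, `krb5_free_error_message(ctx, errtxt)` is called before the `snprintf` that formats `errtxt`, so the message text is read after it has been released. This ordering is the same on the old and new sides, and the `sizeof(b2)` correction in the else branch does not touch it. The two statements should be swapped, i.e. `snprintf(b2, sizeof(b2), "%s (%s)", b1, errtxt);` followed by `krb5_free_error_message(ctx, errtxt);`. Since this is the error-logging path of a PAM authentication module, a stale read here may put garbage in the log or fault in the process that loaded the module. log_krb5 begins above the hunk, so the declarations and sizes of b1 and b2 are not visible here.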