pam_krb5.c (233406) | pam_krb5.c (239062) |
---|---|
1/*- 2 * This pam_krb5 module contains code that is: 3 * Copyright (c) Derrick J. Brashear, 1996. All rights reserved. 4 * Copyright (c) Frank Cusack, 1999-2001. All rights reserved. 5 * Copyright (c) Jacques A. Vidrine, 2000-2001. All rights reserved. 6 * Copyright (c) Nicolas Williams, 2001. All rights reserved. 7 * Copyright (c) Perot Systems Corporation, 2001. All rights reserved. 8 * Copyright (c) Mark R V Murray, 2001. All rights reserved. --- 34 unchanged lines hidden (view full) --- 43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 46 * OF THE POSSIBILITY OF SUCH DAMAGE. 47 * 48 */ 49 50#include <sys/cdefs.h> | 1/*- 2 * This pam_krb5 module contains code that is: 3 * Copyright (c) Derrick J. Brashear, 1996. All rights reserved. 4 * Copyright (c) Frank Cusack, 1999-2001. All rights reserved. 5 * Copyright (c) Jacques A. Vidrine, 2000-2001. All rights reserved. 6 * Copyright (c) Nicolas Williams, 2001. All rights reserved. 7 * Copyright (c) Perot Systems Corporation, 2001. All rights reserved. 8 * Copyright (c) Mark R V Murray, 2001. All rights reserved. --- 34 unchanged lines hidden (view full) --- 43 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 44 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 45 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 46 * OF THE POSSIBILITY OF SUCH DAMAGE. 47 * 48 */ 49 50#include <sys/cdefs.h> |
51__FBSDID("$FreeBSD: head/lib/libpam/modules/pam_krb5/pam_krb5.c 233406 2012-03-24 01:02:03Z stas $"); | 51__FBSDID("$FreeBSD: head/lib/libpam/modules/pam_krb5/pam_krb5.c 239062 2012-08-05 13:40:35Z dfr $"); |
52 53#include <sys/types.h> 54#include <sys/stat.h> 55#include <errno.h> 56#include <limits.h> 57#include <pwd.h> 58#include <stdio.h> 59#include <stdlib.h> --- 26 unchanged lines hidden (view full) --- 86#define NEW_PASSWORD_PROMPT "New Password:" 87 88#define PAM_OPT_CCACHE "ccache" 89#define PAM_OPT_DEBUG "debug" 90#define PAM_OPT_FORWARDABLE "forwardable" 91#define PAM_OPT_NO_CCACHE "no_ccache" 92#define PAM_OPT_NO_USER_CHECK "no_user_check" 93#define PAM_OPT_REUSE_CCACHE "reuse_ccache" | 52 53#include <sys/types.h> 54#include <sys/stat.h> 55#include <errno.h> 56#include <limits.h> 57#include <pwd.h> 58#include <stdio.h> 59#include <stdlib.h> --- 26 unchanged lines hidden (view full) --- 86#define NEW_PASSWORD_PROMPT "New Password:" 87 88#define PAM_OPT_CCACHE "ccache" 89#define PAM_OPT_DEBUG "debug" 90#define PAM_OPT_FORWARDABLE "forwardable" 91#define PAM_OPT_NO_CCACHE "no_ccache" 92#define PAM_OPT_NO_USER_CHECK "no_user_check" 93#define PAM_OPT_REUSE_CCACHE "reuse_ccache" |
94#define PAM_OPT_NO_USER_CHECK "no_user_check" |
|
94 95#define PAM_LOG_KRB5_ERR(ctx, rv, fmt, ...) \ 96 do { \ 97 const char *krb5msg = krb5_get_error_message(ctx, rv); \ 98 PAM_LOG(fmt ": %s", ##__VA_ARGS__, krb5msg); \ 99 krb5_free_error_message(ctx, krb5msg); \ 100 } while (0) 101 --- 111 unchanged lines hidden (view full) --- 213 214 retval = pam_set_item(pamh, PAM_USER, luser); 215 if (retval != PAM_SUCCESS) 216 goto cleanup2; 217 218 PAM_LOG("PAM_USER Redone"); 219 } 220 | 95 96#define PAM_LOG_KRB5_ERR(ctx, rv, fmt, ...) \ 97 do { \ 98 const char *krb5msg = krb5_get_error_message(ctx, rv); \ 99 PAM_LOG(fmt ": %s", ##__VA_ARGS__, krb5msg); \ 100 krb5_free_error_message(ctx, krb5msg); \ 101 } while (0) 102 --- 111 unchanged lines hidden (view full) --- 214 215 retval = pam_set_item(pamh, PAM_USER, luser); 216 if (retval != PAM_SUCCESS) 217 goto cleanup2; 218 219 PAM_LOG("PAM_USER Redone"); 220 } 221 |
221 pwd = getpwnam(user); 222 if (pwd == NULL) { 223 retval = PAM_USER_UNKNOWN; 224 goto cleanup2; | 222 if (!openpam_get_option(pamh, PAM_OPT_NO_USER_CHECK)) { 223 pwd = getpwnam(user); 224 if (pwd == NULL) { 225 retval = PAM_USER_UNKNOWN; 226 goto cleanup2; 227 } |
225 } 226 227 PAM_LOG("Done getpwnam()"); 228 } 229 230 /* Initialize credentials request options. */ 231 krbret = krb5_get_init_creds_opt_alloc(pam_context, &opts); 232 if (krbret != 0) { --- 781 unchanged lines hidden --- | 228 } 229 230 PAM_LOG("Done getpwnam()"); 231 } 232 233 /* Initialize credentials request options. */ 234 krbret = krb5_get_init_creds_opt_alloc(pam_context, &opts); 235 if (krbret != 0) { --- 781 unchanged lines hidden --- |