Prefix authentication functions with a "sudo_" prefix to avoid
namespace problems.
@@ -50,11 +50,11 @@
|
|||||||
#include "sudo_auth.h"
|
#include "sudo_auth.h"
|
||||||
|
|
||||||
int
|
int
|
||||||
afs_verify(struct passwd *pw, char *pass, sudo_auth *auth)
|
sudo_afs_verify(struct passwd *pw, char *pass, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
struct ktc_encryptionKey afs_key;
|
struct ktc_encryptionKey afs_key;
|
||||||
struct ktc_token afs_token;
|
struct ktc_token afs_token;
|
||||||
debug_decl(afs_verify, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_afs_verify, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
/* Try to just check the password */
|
/* Try to just check the password */
|
||||||
ka_StringToKey(pass, NULL, &afs_key);
|
ka_StringToKey(pass, NULL, &afs_key);
|
||||||
|
@@ -51,12 +51,12 @@
|
|||||||
* http://publib16.boulder.ibm.com/doc_link/en_US/a_doc_lib/libs/basetrf1/authenticate.htm
|
* http://publib16.boulder.ibm.com/doc_link/en_US/a_doc_lib/libs/basetrf1/authenticate.htm
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
aixauth_verify(struct passwd *pw, char *prompt, sudo_auth *auth)
|
sudo_aix_verify(struct passwd *pw, char *prompt, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
char *pass, *message = NULL;
|
char *pass, *message = NULL;
|
||||||
int result = 1, reenter = 0;
|
int result = 1, reenter = 0;
|
||||||
int rval = AUTH_SUCCESS;
|
int rval = AUTH_SUCCESS;
|
||||||
debug_decl(aixauth_verify, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_aix_verify, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
do {
|
do {
|
||||||
pass = auth_getpass(prompt, def_passwd_timeout * 60,
|
pass = auth_getpass(prompt, def_passwd_timeout * 60,
|
||||||
@@ -89,9 +89,9 @@ aixauth_verify(struct passwd *pw, char *prompt, sudo_auth *auth)
|
|||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
aixauth_cleanup(struct passwd *pw, sudo_auth *auth)
|
sudo_aix_cleanup(struct passwd *pw, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
debug_decl(aixauth_cleanup, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_aix_cleanup, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
/* Unset AUTHSTATE as it may not be correct for the runas user. */
|
/* Unset AUTHSTATE as it may not be correct for the runas user. */
|
||||||
unsetenv("AUTHSTATE");
|
unsetenv("AUTHSTATE");
|
||||||
|
@@ -67,7 +67,7 @@
|
|||||||
static int check_dce_status(error_status_t, char *);
|
static int check_dce_status(error_status_t, char *);
|
||||||
|
|
||||||
int
|
int
|
||||||
dce_verify(struct passwd *pw, char *plain_pw, sudo_auth *auth)
|
sudo_dce_verify(struct passwd *pw, char *plain_pw, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
struct passwd temp_pw;
|
struct passwd temp_pw;
|
||||||
sec_passwd_rec_t password_rec;
|
sec_passwd_rec_t password_rec;
|
||||||
@@ -75,7 +75,7 @@ dce_verify(struct passwd *pw, char *plain_pw, sudo_auth *auth)
|
|||||||
boolean32 reset_passwd;
|
boolean32 reset_passwd;
|
||||||
sec_login_auth_src_t auth_src;
|
sec_login_auth_src_t auth_src;
|
||||||
error_status_t status;
|
error_status_t status;
|
||||||
debug_decl(dce_verify, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_dce_verify, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Create the local context of the DCE principal necessary
|
* Create the local context of the DCE principal necessary
|
||||||
|
@@ -50,11 +50,11 @@
|
|||||||
#include "sudo_auth.h"
|
#include "sudo_auth.h"
|
||||||
|
|
||||||
int
|
int
|
||||||
fwtk_init(struct passwd *pw, sudo_auth *auth)
|
sudo_fwtk_init(struct passwd *pw, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
static Cfg *confp; /* Configuration entry struct */
|
static Cfg *confp; /* Configuration entry struct */
|
||||||
char resp[128]; /* Response from the server */
|
char resp[128]; /* Response from the server */
|
||||||
debug_decl(fwtk_init, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_fwtk_init, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
if ((confp = cfg_read("sudo")) == (Cfg *)-1) {
|
if ((confp = cfg_read("sudo")) == (Cfg *)-1) {
|
||||||
warningx(_("unable to read fwtk config"));
|
warningx(_("unable to read fwtk config"));
|
||||||
@@ -80,13 +80,13 @@ fwtk_init(struct passwd *pw, sudo_auth *auth)
|
|||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
fwtk_verify(struct passwd *pw, char *prompt, sudo_auth *auth)
|
sudo_fwtk_verify(struct passwd *pw, char *prompt, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
char *pass; /* Password from the user */
|
char *pass; /* Password from the user */
|
||||||
char buf[SUDO_PASS_MAX + 12]; /* General prupose buffer */
|
char buf[SUDO_PASS_MAX + 12]; /* General prupose buffer */
|
||||||
char resp[128]; /* Response from the server */
|
char resp[128]; /* Response from the server */
|
||||||
int error;
|
int error;
|
||||||
debug_decl(fwtk_verify, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_fwtk_verify, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
/* Send username to authentication server. */
|
/* Send username to authentication server. */
|
||||||
(void) snprintf(buf, sizeof(buf), "authorize %s 'sudo'", pw->pw_name);
|
(void) snprintf(buf, sizeof(buf), "authorize %s 'sudo'", pw->pw_name);
|
||||||
@@ -146,9 +146,9 @@ done:
|
|||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
fwtk_cleanup(struct passwd *pw, sudo_auth *auth)
|
sudo_fwtk_cleanup(struct passwd *pw, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
debug_decl(fwtk_cleanup, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_fwtk_cleanup, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
auth_close();
|
auth_close();
|
||||||
debug_return_int(AUTH_SUCCESS);
|
debug_return_int(AUTH_SUCCESS);
|
||||||
|
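Review bot: `sudo_fwtk_verify` builds its request with `(void) snprintf(buf, sizeof(buf), "authorize %s 'sudo'", pw->pw_name);` and discards the return value, so a user name too long for `buf` would reach the authentication server as a truncated command with no diagnostic. The line is unchanged context rather than part of the rename, but it deserves a follow-up: compare the result with `sizeof(buf)` and fail the attempt when the command did not fit. The value of `SUDO_PASS_MAX` is not visible here, so the practical reach may be small. The function body continues outside the hunk.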
@@ -88,10 +88,10 @@ krb5_get_init_creds_opt_free(krb5_get_init_creds_opt *opts)
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
int
|
int
|
||||||
kerb5_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
|
sudo_krb5_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
static char *krb5_prompt;
|
static char *krb5_prompt;
|
||||||
debug_decl(kerb5_init, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_krb5_init, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
if (krb5_prompt == NULL) {
|
if (krb5_prompt == NULL) {
|
||||||
krb5_context sudo_context;
|
krb5_context sudo_context;
|
||||||
@@ -125,14 +125,14 @@ kerb5_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
|
|||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
kerb5_init(struct passwd *pw, sudo_auth *auth)
|
sudo_krb5_init(struct passwd *pw, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
krb5_context sudo_context;
|
krb5_context sudo_context;
|
||||||
krb5_ccache ccache;
|
krb5_ccache ccache;
|
||||||
krb5_principal princ;
|
krb5_principal princ;
|
||||||
krb5_error_code error;
|
krb5_error_code error;
|
||||||
char cache_name[64];
|
char cache_name[64];
|
||||||
debug_decl(kerb5_init, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_krb5_init, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
auth->data = (void *) &sudo_krb5_data; /* Stash all our data here */
|
auth->data = (void *) &sudo_krb5_data; /* Stash all our data here */
|
||||||
|
|
||||||
@@ -170,13 +170,13 @@ kerb5_init(struct passwd *pw, sudo_auth *auth)
|
|||||||
|
|
||||||
#ifdef HAVE_KRB5_VERIFY_USER
|
#ifdef HAVE_KRB5_VERIFY_USER
|
||||||
int
|
int
|
||||||
kerb5_verify(struct passwd *pw, char *pass, sudo_auth *auth)
|
sudo_krb5_verify(struct passwd *pw, char *pass, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
krb5_context sudo_context;
|
krb5_context sudo_context;
|
||||||
krb5_principal princ;
|
krb5_principal princ;
|
||||||
krb5_ccache ccache;
|
krb5_ccache ccache;
|
||||||
krb5_error_code error;
|
krb5_error_code error;
|
||||||
debug_decl(kerb5_verify, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_krb5_verify, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
sudo_context = ((sudo_krb5_datap) auth->data)->sudo_context;
|
sudo_context = ((sudo_krb5_datap) auth->data)->sudo_context;
|
||||||
princ = ((sudo_krb5_datap) auth->data)->princ;
|
princ = ((sudo_krb5_datap) auth->data)->princ;
|
||||||
@@ -187,7 +187,7 @@ kerb5_verify(struct passwd *pw, char *pass, sudo_auth *auth)
|
|||||||
}
|
}
|
||||||
#else
|
#else
|
||||||
int
|
int
|
||||||
kerb5_verify(struct passwd *pw, char *pass, sudo_auth *auth)
|
sudo_krb5_verify(struct passwd *pw, char *pass, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
krb5_context sudo_context;
|
krb5_context sudo_context;
|
||||||
krb5_principal princ;
|
krb5_principal princ;
|
||||||
@@ -195,7 +195,7 @@ kerb5_verify(struct passwd *pw, char *pass, sudo_auth *auth)
|
|||||||
krb5_ccache ccache;
|
krb5_ccache ccache;
|
||||||
krb5_error_code error;
|
krb5_error_code error;
|
||||||
krb5_get_init_creds_opt *opts = NULL;
|
krb5_get_init_creds_opt *opts = NULL;
|
||||||
debug_decl(kerb5_verify, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_krb5_verify, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
sudo_context = ((sudo_krb5_datap) auth->data)->sudo_context;
|
sudo_context = ((sudo_krb5_datap) auth->data)->sudo_context;
|
||||||
princ = ((sudo_krb5_datap) auth->data)->princ;
|
princ = ((sudo_krb5_datap) auth->data)->princ;
|
||||||
@@ -257,12 +257,12 @@ done:
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
int
|
int
|
||||||
kerb5_cleanup(struct passwd *pw, sudo_auth *auth)
|
sudo_krb5_cleanup(struct passwd *pw, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
krb5_context sudo_context;
|
krb5_context sudo_context;
|
||||||
krb5_principal princ;
|
krb5_principal princ;
|
||||||
krb5_ccache ccache;
|
krb5_ccache ccache;
|
||||||
debug_decl(kerb5_cleanup, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_krb5_cleanup, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
sudo_context = ((sudo_krb5_datap) auth->data)->sudo_context;
|
sudo_context = ((sudo_krb5_datap) auth->data)->sudo_context;
|
||||||
princ = ((sudo_krb5_datap) auth->data)->princ;
|
princ = ((sudo_krb5_datap) auth->data)->princ;
|
||||||
|
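Review bot: In `sudo_krb5_setup` the debug declaration names the wrong function: the renamed line reads `debug_decl(sudo_krb5_init, SUDO_DEBUG_AUTH)`, carried over from the old `debug_decl(kerb5_init, ...)`. Presumably that name is what shows up in debug traces, so output from the setup path would be attributed to the init routine and a Kerberos authentication trace becomes harder to follow. Since the line is being touched anyway, make it `debug_decl(sudo_krb5_setup, SUDO_DEBUG_AUTH)`. The function body continues outside the hunk.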
@@ -80,11 +80,11 @@ static int gotintr;
|
|||||||
static pam_handle_t *pamh;
|
static pam_handle_t *pamh;
|
||||||
|
|
||||||
int
|
int
|
||||||
pam_init(struct passwd *pw, sudo_auth *auth)
|
sudo_pam_init(struct passwd *pw, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
static struct pam_conv pam_conv;
|
static struct pam_conv pam_conv;
|
||||||
static int pam_status;
|
static int pam_status;
|
||||||
debug_decl(pam_init, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_pam_init, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
/* Initial PAM setup */
|
/* Initial PAM setup */
|
||||||
if (auth != NULL)
|
if (auth != NULL)
|
||||||
@@ -124,11 +124,11 @@ pam_init(struct passwd *pw, sudo_auth *auth)
|
|||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
pam_verify(struct passwd *pw, char *prompt, sudo_auth *auth)
|
sudo_pam_verify(struct passwd *pw, char *prompt, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
const char *s;
|
const char *s;
|
||||||
int *pam_status = (int *) auth->data;
|
int *pam_status = (int *) auth->data;
|
||||||
debug_decl(pam_verify, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_pam_verify, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
def_prompt = prompt; /* for converse */
|
def_prompt = prompt; /* for converse */
|
||||||
|
|
||||||
@@ -181,10 +181,10 @@ pam_verify(struct passwd *pw, char *prompt, sudo_auth *auth)
|
|||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
pam_cleanup(struct passwd *pw, sudo_auth *auth)
|
sudo_pam_cleanup(struct passwd *pw, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
int *pam_status = (int *) auth->data;
|
int *pam_status = (int *) auth->data;
|
||||||
debug_decl(pam_cleanup, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_pam_cleanup, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
/* If successful, we can't close the session until pam_end_session() */
|
/* If successful, we can't close the session until pam_end_session() */
|
||||||
if (*pam_status == AUTH_SUCCESS)
|
if (*pam_status == AUTH_SUCCESS)
|
||||||
@@ -196,10 +196,10 @@ pam_cleanup(struct passwd *pw, sudo_auth *auth)
|
|||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
pam_begin_session(struct passwd *pw, sudo_auth *auth)
|
sudo_pam_begin_session(struct passwd *pw, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
int status = PAM_SUCCESS;
|
int status = PAM_SUCCESS;
|
||||||
debug_decl(pam_begin_session, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_pam_begin_session, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* If there is no valid user we cannot open a PAM session.
|
* If there is no valid user we cannot open a PAM session.
|
||||||
@@ -243,10 +243,10 @@ done:
|
|||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
pam_end_session(struct passwd *pw, sudo_auth *auth)
|
sudo_pam_end_session(struct passwd *pw, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
int status = PAM_SUCCESS;
|
int status = PAM_SUCCESS;
|
||||||
debug_decl(pam_end_session, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_pam_end_session, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
if (pamh != NULL) {
|
if (pamh != NULL) {
|
||||||
#ifndef NO_PAM_SESSION
|
#ifndef NO_PAM_SESSION
|
||||||
|
@@ -49,9 +49,9 @@
|
|||||||
#define HAS_AGEINFO(p, l) (l == 18 && p[DESLEN] == ',')
|
#define HAS_AGEINFO(p, l) (l == 18 && p[DESLEN] == ',')
|
||||||
|
|
||||||
int
|
int
|
||||||
passwd_init(struct passwd *pw, sudo_auth *auth)
|
sudo_passwd_init(struct passwd *pw, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
debug_decl(passwd_init, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_passwd_init, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
#ifdef HAVE_SKEYACCESS
|
#ifdef HAVE_SKEYACCESS
|
||||||
if (skeyaccess(pw, user_tty, NULL, NULL) == 0)
|
if (skeyaccess(pw, user_tty, NULL, NULL) == 0)
|
||||||
@@ -64,13 +64,13 @@ passwd_init(struct passwd *pw, sudo_auth *auth)
|
|||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
passwd_verify(struct passwd *pw, char *pass, sudo_auth *auth)
|
sudo_passwd_verify(struct passwd *pw, char *pass, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
char sav, *epass;
|
char sav, *epass;
|
||||||
char *pw_epasswd = auth->data;
|
char *pw_epasswd = auth->data;
|
||||||
size_t pw_len;
|
size_t pw_len;
|
||||||
int error;
|
int error;
|
||||||
debug_decl(passwd_verify, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_passwd_verify, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
pw_len = strlen(pw_epasswd);
|
pw_len = strlen(pw_epasswd);
|
||||||
|
|
||||||
@@ -105,12 +105,12 @@ passwd_verify(struct passwd *pw, char *pass, sudo_auth *auth)
|
|||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
passwd_cleanup(pw, auth)
|
sudo_passwd_cleanup(pw, auth)
|
||||||
struct passwd *pw;
|
struct passwd *pw;
|
||||||
sudo_auth *auth;
|
sudo_auth *auth;
|
||||||
{
|
{
|
||||||
char *pw_epasswd = auth->data;
|
char *pw_epasswd = auth->data;
|
||||||
debug_decl(passwd_cleanup, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_passwd_cleanup, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
if (pw_epasswd != NULL) {
|
if (pw_epasswd != NULL) {
|
||||||
zero_bytes(pw_epasswd, strlen(pw_epasswd));
|
zero_bytes(pw_epasswd, strlen(pw_epasswd));
|
||||||
|
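Review bot: `sudo_passwd_cleanup` keeps its old-style definition, `sudo_passwd_cleanup(pw, auth)` followed by separate `struct passwd *pw;` and `sudo_auth *auth;` declarations, while `sudo_passwd_init` and `sudo_passwd_verify` in the same file use prototype-style definitions. Old-style definitions are an obsolescent language feature, and this one no longer reads like the prototype the header declares; write the header line as `sudo_passwd_cleanup(struct passwd *pw, sudo_auth *auth)` and drop the two declaration lines. The same applies to `sudo_secureware_cleanup` in the secureware section. Both bodies continue outside their hunks.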
@@ -63,13 +63,13 @@
|
|||||||
#include "sudo_auth.h"
|
#include "sudo_auth.h"
|
||||||
|
|
||||||
int
|
int
|
||||||
rfc1938_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
|
sudo_rfc1938_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
char challenge[256];
|
char challenge[256];
|
||||||
static char *orig_prompt = NULL, *new_prompt = NULL;
|
static char *orig_prompt = NULL, *new_prompt = NULL;
|
||||||
static int op_len, np_size;
|
static int op_len, np_size;
|
||||||
static struct RFC1938 rfc1938;
|
static struct RFC1938 rfc1938;
|
||||||
debug_decl(rfc1938_setup, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_rfc1938_setup, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
/* Stash a pointer to the rfc1938 struct if we have not initialized */
|
/* Stash a pointer to the rfc1938 struct if we have not initialized */
|
||||||
if (!auth->data)
|
if (!auth->data)
|
||||||
@@ -125,9 +125,9 @@ rfc1938_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
|
|||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
rfc1938_verify(struct passwd *pw, char *pass, sudo_auth *auth)
|
sudo_rfc1938_verify(struct passwd *pw, char *pass, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
debug_decl(rfc1938_verify, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_rfc1938_verify, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
if (rfc1938verify((struct RFC1938 *) auth->data, pass) == 0)
|
if (rfc1938verify((struct RFC1938 *) auth->data, pass) == 0)
|
||||||
debug_return_int(AUTH_SUCCESS);
|
debug_return_int(AUTH_SUCCESS);
|
||||||
|
@@ -53,11 +53,11 @@
|
|||||||
#include "sudo_auth.h"
|
#include "sudo_auth.h"
|
||||||
|
|
||||||
int
|
int
|
||||||
secureware_init(struct passwd *pw, sudo_auth *auth)
|
sudo_secureware_init(struct passwd *pw, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
#ifdef __alpha
|
#ifdef __alpha
|
||||||
extern int crypt_type;
|
extern int crypt_type;
|
||||||
debug_decl(secureware_init, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_secureware_init, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
if (crypt_type == INT_MAX)
|
if (crypt_type == INT_MAX)
|
||||||
debug_return_int(AUTH_FAILURE); /* no shadow */
|
debug_return_int(AUTH_FAILURE); /* no shadow */
|
||||||
@@ -71,10 +71,10 @@ secureware_init(struct passwd *pw, sudo_auth *auth)
|
|||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
secureware_verify(struct passwd *pw, char *pass, sudo_auth *auth)
|
sudo_secureware_verify(struct passwd *pw, char *pass, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
char *pw_epasswd = auth->data;
|
char *pw_epasswd = auth->data;
|
||||||
debug_decl(secureware_verify, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_secureware_verify, SUDO_DEBUG_AUTH)
|
||||||
#ifdef __alpha
|
#ifdef __alpha
|
||||||
{
|
{
|
||||||
extern int crypt_type;
|
extern int crypt_type;
|
||||||
@@ -101,12 +101,12 @@ secureware_verify(struct passwd *pw, char *pass, sudo_auth *auth)
|
|||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
secureware_cleanup(pw, auth)
|
sudo_secureware_cleanup(pw, auth)
|
||||||
struct passwd *pw;
|
struct passwd *pw;
|
||||||
sudo_auth *auth;
|
sudo_auth *auth;
|
||||||
{
|
{
|
||||||
char *pw_epasswd = auth->data;
|
char *pw_epasswd = auth->data;
|
||||||
debug_decl(secureware_cleanup, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_secureware_cleanup, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
if (pw_epasswd != NULL) {
|
if (pw_epasswd != NULL) {
|
||||||
zero_bytes(pw_epasswd, strlen(pw_epasswd));
|
zero_bytes(pw_epasswd, strlen(pw_epasswd));
|
||||||
|
@@ -67,10 +67,10 @@
|
|||||||
* success.
|
* success.
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
securid_init(struct passwd *pw, sudo_auth *auth)
|
sudo_securid_init(struct passwd *pw, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
static SDI_HANDLE sd_dat; /* SecurID handle */
|
static SDI_HANDLE sd_dat; /* SecurID handle */
|
||||||
debug_decl(securid_init, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_securid_init, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
auth->data = (void *) &sd_dat; /* For method-specific data */
|
auth->data = (void *) &sd_dat; /* For method-specific data */
|
||||||
|
|
||||||
@@ -96,11 +96,11 @@ securid_init(struct passwd *pw, sudo_auth *auth)
|
|||||||
* otherwise
|
* otherwise
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
securid_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
|
sudo_securid_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
SDI_HANDLE *sd = (SDI_HANDLE *) auth->data;
|
SDI_HANDLE *sd = (SDI_HANDLE *) auth->data;
|
||||||
int retval;
|
int retval;
|
||||||
debug_decl(securid_setup, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_securid_setup, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
/* Re-initialize SecurID every time. */
|
/* Re-initialize SecurID every time. */
|
||||||
if (SD_Init(sd) != ACM_OK) {
|
if (SD_Init(sd) != ACM_OK) {
|
||||||
@@ -147,11 +147,11 @@ securid_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
|
|||||||
* incorrect authentication, fatal on errors
|
* incorrect authentication, fatal on errors
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
securid_verify(struct passwd *pw, char *pass, sudo_auth *auth)
|
sudo_securid_verify(struct passwd *pw, char *pass, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
SDI_HANDLE *sd = (SDI_HANDLE *) auth->data;
|
SDI_HANDLE *sd = (SDI_HANDLE *) auth->data;
|
||||||
int rval;
|
int rval;
|
||||||
debug_decl(securid_verify, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_securid_verify, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
pass = auth_getpass("Enter your PASSCODE: ",
|
pass = auth_getpass("Enter your PASSCODE: ",
|
||||||
def_passwd_timeout * 60, SUDO_CONV_PROMPT_ECHO_OFF);
|
def_passwd_timeout * 60, SUDO_CONV_PROMPT_ECHO_OFF);
|
||||||
|
@@ -87,13 +87,13 @@ sudo_collect(int timeout, int rendition, uchar_t *title, int nprompts,
|
|||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
sia_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
|
sudo_sia_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
SIAENTITY *siah = NULL;
|
SIAENTITY *siah = NULL;
|
||||||
int i;
|
int i;
|
||||||
extern int NewArgc;
|
extern int NewArgc;
|
||||||
extern char **NewArgv;
|
extern char **NewArgv;
|
||||||
debug_decl(sia_setup, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_sia_setup, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
/* Rebuild argv for sia_ses_init() */
|
/* Rebuild argv for sia_ses_init() */
|
||||||
sudo_argc = NewArgc + 1;
|
sudo_argc = NewArgc + 1;
|
||||||
@@ -115,10 +115,10 @@ sia_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
|
|||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
sia_verify(struct passwd *pw, char *prompt, sudo_auth *auth)
|
sudo_sia_verify(struct passwd *pw, char *prompt, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
SIAENTITY *siah = (SIAENTITY *) auth->data;
|
SIAENTITY *siah = (SIAENTITY *) auth->data;
|
||||||
debug_decl(sia_verify, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_sia_verify, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
def_prompt = prompt; /* for sudo_collect */
|
def_prompt = prompt; /* for sudo_collect */
|
||||||
|
|
||||||
@@ -130,10 +130,10 @@ sia_verify(struct passwd *pw, char *prompt, sudo_auth *auth)
|
|||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
sia_cleanup(struct passwd *pw, sudo_auth *auth)
|
sudo_sia_cleanup(struct passwd *pw, sudo_auth *auth)
|
||||||
{
|
{
|
||||||
SIAENTITY *siah = (SIAENTITY *) auth->data;
|
SIAENTITY *siah = (SIAENTITY *) auth->data;
|
||||||
debug_decl(sia_cleanup, SUDO_DEBUG_AUTH)
|
debug_decl(sudo_sia_cleanup, SUDO_DEBUG_AUTH)
|
||||||
|
|
||||||
(void) sia_ses_release(&siah);
|
(void) sia_ses_release(&siah);
|
||||||
efree(sudo_argv);
|
efree(sudo_argv);
|
||||||
|
@@ -51,19 +51,19 @@
|
|||||||
static sudo_auth auth_switch[] = {
|
static sudo_auth auth_switch[] = {
|
||||||
/* Standalone entries first */
|
/* Standalone entries first */
|
||||||
#ifdef HAVE_PAM
|
#ifdef HAVE_PAM
|
||||||
AUTH_ENTRY("pam", FLAG_STANDALONE, pam_init, NULL, pam_verify, pam_cleanup, pam_begin_session, pam_end_session)
|
AUTH_ENTRY("pam", FLAG_STANDALONE, sudo_pam_init, NULL, sudo_pam_verify, sudo_pam_cleanup, sudo_pam_begin_session, sudo_pam_end_session)
|
||||||
#endif
|
#endif
|
||||||
#ifdef HAVE_SECURID
|
#ifdef HAVE_SECURID
|
||||||
AUTH_ENTRY("SecurId", FLAG_STANDALONE, securid_init, securid_setup, securid_verify, NULL, NULL, NULL)
|
AUTH_ENTRY("SecurId", FLAG_STANDALONE, sudo_securid_init, sudo_securid_setup, sudo_securid_verify, NULL, NULL, NULL)
|
||||||
#endif
|
#endif
|
||||||
#ifdef HAVE_SIA_SES_INIT
|
#ifdef HAVE_SIA_SES_INIT
|
||||||
AUTH_ENTRY("sia", FLAG_STANDALONE, NULL, sia_setup, sia_verify, sia_cleanup, NULL, NULL)
|
AUTH_ENTRY("sia", FLAG_STANDALONE, NULL, sudo_sia_setup, sudo_sia_verify, sudo_sia_cleanup, NULL, NULL)
|
||||||
#endif
|
#endif
|
||||||
#ifdef HAVE_AIXAUTH
|
#ifdef HAVE_AIXAUTH
|
||||||
AUTH_ENTRY("aixauth", FLAG_STANDALONE, NULL, NULL, aixauth_verify, aixauth_cleanup, NULL, NULL)
|
AUTH_ENTRY("aixauth", FLAG_STANDALONE, NULL, NULL, sudo_aix_verify, sudo_aix_cleanup, NULL, NULL)
|
||||||
#endif
|
#endif
|
||||||
#ifdef HAVE_FWTK
|
#ifdef HAVE_FWTK
|
||||||
AUTH_ENTRY("fwtk", FLAG_STANDALONE, fwtk_init, NULL, fwtk_verify, fwtk_cleanup, NULL, NULL)
|
AUTH_ENTRY("fwtk", FLAG_STANDALONE, sudo_fwtk_init, NULL, sudo_fwtk_verify, sudo_fwtk_cleanup, NULL, NULL)
|
||||||
#endif
|
#endif
|
||||||
#ifdef HAVE_BSD_AUTH_H
|
#ifdef HAVE_BSD_AUTH_H
|
||||||
AUTH_ENTRY("bsdauth", FLAG_STANDALONE, bsdauth_init, NULL, bsdauth_verify, bsdauth_cleanup, NULL, NULL)
|
AUTH_ENTRY("bsdauth", FLAG_STANDALONE, bsdauth_init, NULL, bsdauth_verify, bsdauth_cleanup, NULL, NULL)
|
||||||
@@ -71,25 +71,25 @@ static sudo_auth auth_switch[] = {
|
|||||||
|
|
||||||
/* Non-standalone entries */
|
/* Non-standalone entries */
|
||||||
#ifndef WITHOUT_PASSWD
|
#ifndef WITHOUT_PASSWD
|
||||||
AUTH_ENTRY("passwd", 0, passwd_init, NULL, passwd_verify, passwd_cleanup, NULL, NULL)
|
AUTH_ENTRY("passwd", 0, sudo_passwd_init, NULL, sudo_passwd_verify, sudo_passwd_cleanup, NULL, NULL)
|
||||||
#endif
|
#endif
|
||||||
#if defined(HAVE_GETPRPWNAM) && !defined(WITHOUT_PASSWD)
|
#if defined(HAVE_GETPRPWNAM) && !defined(WITHOUT_PASSWD)
|
||||||
AUTH_ENTRY("secureware", 0, secureware_init, NULL, secureware_verify, secureware_cleanup, NULL, NULL)
|
AUTH_ENTRY("secureware", 0, sudo_secureware_init, NULL, sudo_secureware_verify, sudo_secureware_cleanup, NULL, NULL)
|
||||||
#endif
|
#endif
|
||||||
#ifdef HAVE_AFS
|
#ifdef HAVE_AFS
|
||||||
AUTH_ENTRY("afs", 0, NULL, NULL, afs_verify, NULL, NULL, NULL)
|
AUTH_ENTRY("afs", 0, NULL, NULL, sudo_afs_verify, NULL, NULL, NULL)
|
||||||
#endif
|
#endif
|
||||||
#ifdef HAVE_DCE
|
#ifdef HAVE_DCE
|
||||||
AUTH_ENTRY("dce", 0, NULL, NULL, dce_verify, NULL, NULL, NULL)
|
AUTH_ENTRY("dce", 0, NULL, NULL, sudo_dce_verify, NULL, NULL, NULL)
|
||||||
#endif
|
#endif
|
||||||
#ifdef HAVE_KERB5
|
#ifdef HAVE_KERB5
|
||||||
AUTH_ENTRY("kerb5", 0, kerb5_init, kerb5_setup, kerb5_verify, kerb5_cleanup, NULL, NULL)
|
AUTH_ENTRY("kerb5", 0, sudo_krb5_init, sudo_krb5_setup, sudo_krb5_verify, sudo_krb5_cleanup, NULL, NULL)
|
||||||
#endif
|
#endif
|
||||||
#ifdef HAVE_SKEY
|
#ifdef HAVE_SKEY
|
||||||
AUTH_ENTRY("S/Key", 0, NULL, rfc1938_setup, rfc1938_verify, NULL, NULL, NULL)
|
AUTH_ENTRY("S/Key", 0, NULL, sudo_rfc1938_setup, sudo_rfc1938_verify, NULL, NULL, NULL)
|
||||||
#endif
|
#endif
|
||||||
#ifdef HAVE_OPIE
|
#ifdef HAVE_OPIE
|
||||||
AUTH_ENTRY("OPIE", 0, NULL, rfc1938_setup, rfc1938_verify, NULL, NULL, NULL)
|
AUTH_ENTRY("OPIE", 0, NULL, sudo_rfc1938_setup, sudo_rfc1938_verify, NULL, NULL, NULL)
|
||||||
#endif
|
#endif
|
||||||
AUTH_ENTRY(NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL)
|
AUTH_ENTRY(NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL)
|
||||||
};
|
};
|
||||||
|
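Review bot: The `bsdauth` entry in `auth_switch` still refers to the unprefixed `bsdauth_init`, `bsdauth_verify` and `bsdauth_cleanup`, and the header keeps their prototypes unchanged, so the table now mixes two naming schemes. If the exemption is deliberate, a short comment above the entry saying why these names are left unprefixed would keep the next reader from "fixing" it; otherwise rename them with the rest. The bsdauth source file is not shown on this page, so this is inferred from the table and the prototypes only.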
@@ -55,41 +55,41 @@ char *auth_getpass(const char *prompt, int timeout, int type);
|
|||||||
extern sudo_conv_t sudo_conv;
|
extern sudo_conv_t sudo_conv;
|
||||||
|
|
||||||
/* Prototypes for standalone methods */
|
/* Prototypes for standalone methods */
|
||||||
int fwtk_init(struct passwd *pw, sudo_auth *auth);
|
|
||||||
int fwtk_verify(struct passwd *pw, char *prompt, sudo_auth *auth);
|
|
||||||
int fwtk_cleanup(struct passwd *pw, sudo_auth *auth);
|
|
||||||
int pam_init(struct passwd *pw, sudo_auth *auth);
|
|
||||||
int pam_verify(struct passwd *pw, char *prompt, sudo_auth *auth);
|
|
||||||
int pam_cleanup(struct passwd *pw, sudo_auth *auth);
|
|
||||||
int pam_begin_session(struct passwd *pw, sudo_auth *auth);
|
|
||||||
int pam_end_session(struct passwd *pw, sudo_auth *auth);
|
|
||||||
int sia_setup(struct passwd *pw, char **prompt, sudo_auth *auth);
|
|
||||||
int sia_verify(struct passwd *pw, char *prompt, sudo_auth *auth);
|
|
||||||
int sia_cleanup(struct passwd *pw, sudo_auth *auth);
|
|
||||||
int aixauth_verify(struct passwd *pw, char *pass, sudo_auth *auth);
|
|
||||||
int aixauth_cleanup(struct passwd *pw, sudo_auth *auth);
|
|
||||||
int bsdauth_init(struct passwd *pw, sudo_auth *auth);
|
int bsdauth_init(struct passwd *pw, sudo_auth *auth);
|
||||||
int bsdauth_verify(struct passwd *pw, char *prompt, sudo_auth *auth);
|
int bsdauth_verify(struct passwd *pw, char *prompt, sudo_auth *auth);
|
||||||
int bsdauth_cleanup(struct passwd *pw, sudo_auth *auth);
|
int bsdauth_cleanup(struct passwd *pw, sudo_auth *auth);
|
||||||
|
int sudo_aix_verify(struct passwd *pw, char *pass, sudo_auth *auth);
|
||||||
|
int sudo_aix_cleanup(struct passwd *pw, sudo_auth *auth);
|
||||||
|
int sudo_fwtk_init(struct passwd *pw, sudo_auth *auth);
|
||||||
|
int sudo_fwtk_verify(struct passwd *pw, char *prompt, sudo_auth *auth);
|
||||||
|
int sudo_fwtk_cleanup(struct passwd *pw, sudo_auth *auth);
|
||||||
|
int sudo_pam_init(struct passwd *pw, sudo_auth *auth);
|
||||||
|
int sudo_pam_verify(struct passwd *pw, char *prompt, sudo_auth *auth);
|
||||||
|
int sudo_pam_cleanup(struct passwd *pw, sudo_auth *auth);
|
||||||
|
int sudo_pam_begin_session(struct passwd *pw, sudo_auth *auth);
|
||||||
|
int sudo_pam_end_session(struct passwd *pw, sudo_auth *auth);
|
||||||
|
int sudo_securid_init(struct passwd *pw, sudo_auth *auth);
|
||||||
|
int sudo_securid_setup(struct passwd *pw, char **prompt, sudo_auth *auth);
|
||||||
|
int sudo_securid_verify(struct passwd *pw, char *pass, sudo_auth *auth);
|
||||||
|
int sudo_sia_setup(struct passwd *pw, char **prompt, sudo_auth *auth);
|
||||||
|
int sudo_sia_verify(struct passwd *pw, char *prompt, sudo_auth *auth);
|
||||||
|
int sudo_sia_cleanup(struct passwd *pw, sudo_auth *auth);
|
||||||
|
|
||||||
/* Prototypes for normal methods */
|
/* Prototypes for normal methods */
|
||||||
int passwd_init(struct passwd *pw, sudo_auth *auth);
|
int sudo_afs_verify(struct passwd *pw, char *pass, sudo_auth *auth);
|
||||||
int passwd_verify(struct passwd *pw, char *pass, sudo_auth *auth);
|
int sudo_dce_verify(struct passwd *pw, char *pass, sudo_auth *auth);
|
||||||
int passwd_cleanup(struct passwd *pw, sudo_auth *auth);
|
int sudo_krb5_init(struct passwd *pw, sudo_auth *auth);
|
||||||
int secureware_init(struct passwd *pw, sudo_auth *auth);
|
int sudo_krb5_setup(struct passwd *pw, char **prompt, sudo_auth *auth);
|
||||||
int secureware_verify(struct passwd *pw, char *pass, sudo_auth *auth);
|
int sudo_krb5_verify(struct passwd *pw, char *pass, sudo_auth *auth);
|
||||||
int secureware_cleanup(struct passwd *pw, sudo_auth *auth);
|
int sudo_krb5_cleanup(struct passwd *pw, sudo_auth *auth);
|
||||||
int rfc1938_setup(struct passwd *pw, char **prompt, sudo_auth *auth);
|
int sudo_passwd_init(struct passwd *pw, sudo_auth *auth);
|
||||||
int rfc1938_verify(struct passwd *pw, char *pass, sudo_auth *auth);
|
int sudo_passwd_verify(struct passwd *pw, char *pass, sudo_auth *auth);
|
||||||
int afs_verify(struct passwd *pw, char *pass, sudo_auth *auth);
|
int sudo_passwd_cleanup(struct passwd *pw, sudo_auth *auth);
|
||||||
int dce_verify(struct passwd *pw, char *pass, sudo_auth *auth);
|
int sudo_rfc1938_setup(struct passwd *pw, char **prompt, sudo_auth *auth);
|
||||||
int kerb5_init(struct passwd *pw, sudo_auth *auth);
|
int sudo_rfc1938_verify(struct passwd *pw, char *pass, sudo_auth *auth);
|
||||||
int kerb5_setup(struct passwd *pw, char **prompt, sudo_auth *auth);
|
int sudo_secureware_init(struct passwd *pw, sudo_auth *auth);
|
||||||
int kerb5_verify(struct passwd *pw, char *pass, sudo_auth *auth);
|
int sudo_secureware_verify(struct passwd *pw, char *pass, sudo_auth *auth);
|
||||||
int kerb5_cleanup(struct passwd *pw, sudo_auth *auth);
|
int sudo_secureware_cleanup(struct passwd *pw, sudo_auth *auth);
|
||||||
int securid_init(struct passwd *pw, sudo_auth *auth);
|
|
||||||
int securid_setup(struct passwd *pw, char **prompt, sudo_auth *auth);
|
|
||||||
int securid_verify(struct passwd *pw, char *pass, sudo_auth *auth);
|
|
||||||
|
|
||||||
/* Fields: name, flags, init, setup, verify, cleanup, begin_sess, end_sess */
|
/* Fields: name, flags, init, setup, verify, cleanup, begin_sess, end_sess */
|
||||||
#define AUTH_ENTRY(n, f, i, s, v, c, b, e) \
|
#define AUTH_ENTRY(n, f, i, s, v, c, b, e) \
|
||||||
|
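Review bot: The new prototype `int sudo_aix_verify(struct passwd *pw, char *pass, sudo_auth *auth);` calls its second parameter `pass`, but the definition in the AIX section takes `char *prompt` and fetches the password itself through `auth_getpass()`. For an authentication callback, the name tells the caller whether it is handing over a secret or a prompt string, so the prototype should read `char *prompt`, as `sudo_fwtk_verify`, `sudo_pam_verify` and `sudo_sia_verify` already do. `sudo_securid_verify` is now listed among the standalone methods with `char *pass` too, and its definition overwrites that argument with the result of `auth_getpass()`, so it may warrant the same look.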