Avoid reinitializing other auth methods.
This commit is contained in:
Todd C. Miller
@@ -60,6 +60,10 @@ bsdauth_init(struct passwd *pw, sudo_auth *auth)
|
|||||||
static struct bsdauth_state state;
|
static struct bsdauth_state state;
|
||||||
debug_decl(bsdauth_init, SUDOERS_DEBUG_AUTH);
|
debug_decl(bsdauth_init, SUDOERS_DEBUG_AUTH);
|
||||||
|
|
||||||
|
/* Only initialize once. */
|
||||||
|
if (auth->data != NULL)
|
||||||
|
debug_return_int(AUTH_SUCCESS);
|
||||||
|
|
||||||
/* Get login class based on auth user, which may not be invoking user. */
|
/* Get login class based on auth user, which may not be invoking user. */
|
||||||
if (pw->pw_class && *pw->pw_class)
|
if (pw->pw_class && *pw->pw_class)
|
||||||
state.lc = login_getclass(pw->pw_class);
|
state.lc = login_getclass(pw->pw_class);
|
||||||
|
|||||||
@@ -50,6 +50,10 @@ sudo_fwtk_init(struct passwd *pw, sudo_auth *auth)
|
|||||||
char resp[128]; /* Response from the server */
|
char resp[128]; /* Response from the server */
|
||||||
debug_decl(sudo_fwtk_init, SUDOERS_DEBUG_AUTH);
|
debug_decl(sudo_fwtk_init, SUDOERS_DEBUG_AUTH);
|
||||||
|
|
||||||
|
/* Only initialize once. */
|
||||||
|
if (auth->data != NULL)
|
||||||
|
debug_return_int(AUTH_SUCCESS);
|
||||||
|
|
||||||
if ((confp = cfg_read("sudo")) == (Cfg *)-1) {
|
if ((confp = cfg_read("sudo")) == (Cfg *)-1) {
|
||||||
sudo_warnx("%s", U_("unable to read fwtk config"));
|
sudo_warnx("%s", U_("unable to read fwtk config"));
|
||||||
debug_return_int(AUTH_FATAL);
|
debug_return_int(AUTH_FATAL);
|
||||||
@@ -69,6 +73,7 @@ sudo_fwtk_init(struct passwd *pw, sudo_auth *auth)
|
|||||||
sudo_warnx(U_("authentication server error:\n%s"), resp);
|
sudo_warnx(U_("authentication server error:\n%s"), resp);
|
||||||
debug_return_int(AUTH_FATAL);
|
debug_return_int(AUTH_FATAL);
|
||||||
}
|
}
|
||||||
|
auth->data = (void *) confp;
|
||||||
|
|
||||||
debug_return_int(AUTH_SUCCESS);
|
debug_return_int(AUTH_SUCCESS);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -135,7 +135,9 @@ sudo_krb5_init(struct passwd *pw, sudo_auth *auth)
|
|||||||
char cache_name[64], *pname = pw->pw_name;
|
char cache_name[64], *pname = pw->pw_name;
|
||||||
debug_decl(sudo_krb5_init, SUDOERS_DEBUG_AUTH);
|
debug_decl(sudo_krb5_init, SUDOERS_DEBUG_AUTH);
|
||||||
|
|
||||||
auth->data = (void *) &sudo_krb5_data; /* Stash all our data here */
|
/* Only initialize once. */
|
||||||
|
if (auth->data != NULL)
|
||||||
|
debug_return_int(AUTH_SUCCESS);
|
||||||
|
|
||||||
if (sudo_krb5_instance != NULL) {
|
if (sudo_krb5_instance != NULL) {
|
||||||
int len = asprintf(&pname, "%s%s%s", pw->pw_name,
|
int len = asprintf(&pname, "%s%s%s", pw->pw_name,
|
||||||
@@ -171,6 +173,8 @@ sudo_krb5_init(struct passwd *pw, sudo_auth *auth)
|
|||||||
goto done;
|
goto done;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
auth->data = (void *) &sudo_krb5_data; /* Stash all our data here */
|
||||||
|
|
||||||
done:
|
done:
|
||||||
if (sudo_krb5_instance != NULL)
|
if (sudo_krb5_instance != NULL)
|
||||||
free(pname);
|
free(pname);
|
||||||
|
|||||||
@@ -45,6 +45,10 @@ sudo_passwd_init(struct passwd *pw, sudo_auth *auth)
|
|||||||
{
|
{
|
||||||
debug_decl(sudo_passwd_init, SUDOERS_DEBUG_AUTH);
|
debug_decl(sudo_passwd_init, SUDOERS_DEBUG_AUTH);
|
||||||
|
|
||||||
|
/* Only initialize once. */
|
||||||
|
if (auth->data != NULL)
|
||||||
|
debug_return_int(AUTH_SUCCESS);
|
||||||
|
|
||||||
#ifdef HAVE_SKEYACCESS
|
#ifdef HAVE_SKEYACCESS
|
||||||
if (skeyaccess(pw, user_tty, NULL, NULL) == 0)
|
if (skeyaccess(pw, user_tty, NULL, NULL) == 0)
|
||||||
debug_return_int(AUTH_FAILURE);
|
debug_return_int(AUTH_FAILURE);
|
||||||
|
|||||||
@@ -55,6 +55,10 @@ sudo_secureware_init(struct passwd *pw, sudo_auth *auth)
|
|||||||
{
|
{
|
||||||
debug_decl(sudo_secureware_init, SUDOERS_DEBUG_AUTH);
|
debug_decl(sudo_secureware_init, SUDOERS_DEBUG_AUTH);
|
||||||
|
|
||||||
|
/* Only initialize once. */
|
||||||
|
if (auth->data != NULL)
|
||||||
|
debug_return_int(AUTH_SUCCESS);
|
||||||
|
|
||||||
#ifdef __alpha
|
#ifdef __alpha
|
||||||
if (crypt_type == INT_MAX)
|
if (crypt_type == INT_MAX)
|
||||||
debug_return_int(AUTH_FAILURE); /* no shadow */
|
debug_return_int(AUTH_FAILURE); /* no shadow */
|
||||||
|
|||||||
@@ -63,16 +63,21 @@ sudo_securid_init(struct passwd *pw, sudo_auth *auth)
|
|||||||
static SDI_HANDLE sd_dat; /* SecurID handle */
|
static SDI_HANDLE sd_dat; /* SecurID handle */
|
||||||
debug_decl(sudo_securid_init, SUDOERS_DEBUG_AUTH);
|
debug_decl(sudo_securid_init, SUDOERS_DEBUG_AUTH);
|
||||||
|
|
||||||
auth->data = (void *) &sd_dat; /* For method-specific data */
|
/* Only initialize once. */
|
||||||
|
if (auth->data != NULL)
|
||||||
/* Start communications */
|
|
||||||
if (AceInitialize() != SD_FALSE)
|
|
||||||
debug_return_int(AUTH_SUCCESS);
|
debug_return_int(AUTH_SUCCESS);
|
||||||
|
|
||||||
|
/* Start communications */
|
||||||
|
if (AceInitialize() == SD_FALSE) {
|
||||||
sudo_warnx("%s", U_("failed to initialise the ACE API library"));
|
sudo_warnx("%s", U_("failed to initialise the ACE API library"));
|
||||||
debug_return_int(AUTH_FATAL);
|
debug_return_int(AUTH_FATAL);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
auth->data = (void *) &sd_dat; /* For method-specific data */
|
||||||
|
|
||||||
|
debug_return_int(AUTH_SUCCESS);
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* securid_setup - Initialises a SecurID transaction and locks out other
|
* securid_setup - Initialises a SecurID transaction and locks out other
|
||||||
* ACE servers
|
* ACE servers
|
||||||
|
|||||||
Reference in New Issue
Block a user