Modify the authentication API such that the init and cleanup functions

are always called, regardless of whether or not we are going to verify a password. This is needed for proper PAM session support.
2011-09-27 13:18:46 -04:00
parent c21595044d
commit bceb5df158
15 changed files with 163 additions and 116 deletions
--- a/plugins/sudoers/auth/sudo_auth.h
+++ b/plugins/sudoers/auth/sudo_auth.h
@@ -28,7 +28,7 @@ typedef struct sudo_auth {
    int status;			/* status from verify routine */
    char *name;			/* name of the method as a string */
    void *data;			/* method-specific data pointer */
-    int (*init)(struct passwd *pw, char **prompt, struct sudo_auth *auth);
+    int (*init)(struct passwd *pw, struct sudo_auth *auth);
    int (*setup)(struct passwd *pw, char **prompt, struct sudo_auth *auth);
    int (*verify)(struct passwd *pw, char *p, struct sudo_auth *auth);
    int (*cleanup)(struct passwd *pw, struct sudo_auth *auth);
@@ -55,10 +55,10 @@ char *auth_getpass(const char *prompt, int timeout, int type);
 extern sudo_conv_t sudo_conv;

 /* Prototypes for standalone methods */
-int fwtk_init(struct passwd *pw, char **prompt, sudo_auth *auth);
+int fwtk_init(struct passwd *pw, sudo_auth *auth);
 int fwtk_verify(struct passwd *pw, char *prompt, sudo_auth *auth);
 int fwtk_cleanup(struct passwd *pw, sudo_auth *auth);
-int pam_init(struct passwd *pw, char **prompt, sudo_auth *auth);
+int pam_init(struct passwd *pw, sudo_auth *auth);
 int pam_verify(struct passwd *pw, char *prompt, sudo_auth *auth);
 int pam_cleanup(struct passwd *pw, sudo_auth *auth);
 int pam_begin_session(struct passwd *pw, sudo_auth *auth);
@@ -68,27 +68,28 @@ int sia_verify(struct passwd *pw, char *prompt, sudo_auth *auth);
 int sia_cleanup(struct passwd *pw, sudo_auth *auth);
 int aixauth_verify(struct passwd *pw, char *pass, sudo_auth *auth);
 int aixauth_cleanup(struct passwd *pw, sudo_auth *auth);
-int bsdauth_init(struct passwd *pw, char **prompt, sudo_auth *auth);
+int bsdauth_init(struct passwd *pw, sudo_auth *auth);
 int bsdauth_verify(struct passwd *pw, char *prompt, sudo_auth *auth);
 int bsdauth_cleanup(struct passwd *pw, sudo_auth *auth);

 /* Prototypes for normal methods */
-int passwd_init(struct passwd *pw, char **prompt, sudo_auth *auth);
+int passwd_init(struct passwd *pw, sudo_auth *auth);
 int passwd_verify(struct passwd *pw, char *pass, sudo_auth *auth);
 int passwd_cleanup(struct passwd *pw, sudo_auth *auth);
-int secureware_init(struct passwd *pw, char **prompt, sudo_auth *auth);
+int secureware_init(struct passwd *pw, sudo_auth *auth);
 int secureware_verify(struct passwd *pw, char *pass, sudo_auth *auth);
 int secureware_cleanup(struct passwd *pw, sudo_auth *auth);
 int rfc1938_setup(struct passwd *pw, char **prompt, sudo_auth *auth);
 int rfc1938_verify(struct passwd *pw, char *pass, sudo_auth *auth);
 int afs_verify(struct passwd *pw, char *pass, sudo_auth *auth);
 int dce_verify(struct passwd *pw, char *pass, sudo_auth *auth);
-int kerb4_init(struct passwd *pw, char **prompt, sudo_auth *auth);
+int kerb4_init(struct passwd *pw, sudo_auth *auth);
 int kerb4_verify(struct passwd *pw, char *pass, sudo_auth *auth);
-int kerb5_init(struct passwd *pw, char **prompt, sudo_auth *auth);
+int kerb5_init(struct passwd *pw, sudo_auth *auth);
+int kerb5_setup(struct passwd *pw, char **prompt, sudo_auth *auth);
 int kerb5_verify(struct passwd *pw, char *pass, sudo_auth *auth);
 int kerb5_cleanup(struct passwd *pw, sudo_auth *auth);
-int securid_init(struct passwd *pw, char **prompt, sudo_auth *auth);
+int securid_init(struct passwd *pw, sudo_auth *auth);
 int securid_setup(struct passwd *pw, char **prompt, sudo_auth *auth);
 int securid_verify(struct passwd *pw, char *pass, sudo_auth *auth);