head	1.2;
access;
symbols
	RELEASE_4_3_0:1.1
	RELEASE_4_2_0:1.1;
locks; strict;
comment	@# @;


1.2
date	2001.07.24.17.14.44;	author nectar;	state dead;
branches;
next	1.1;

1.1
date	2000.11.06.19.01.43;	author nectar;	state Exp;
branches;
next	;


desc
@@


1.2
log
@Update pam_krb5 1.0 -> 1.0.1.
Change MASTER_SITES.

NB: This  versioning is  bogus.  Unfortunately,  there is  no official
release of  pam_krb5 yet,  but it has  substantially changed.   I made
this release based on what is in CVS.
@
text
@--- pam_krb5_pass.c.orig	Tue Jan  4 19:08:51 2000
+++ pam_krb5_pass.c	Mon Nov  6 10:21:49 2000
@@@@ -7,10 +7,14 @@@@
 
 static const char rcsid[] = "$Id: pam_krb5_pass.c,v 1.3 1999/01/19 23:43:11 fcusack Exp $";
 
+#include <errno.h>
+#include <stdio.h>	/* sprintf */
+#include <stdlib.h>	/* malloc */
 #include <syslog.h>	/* syslog */
 #include <security/pam_appl.h>
 #include <security/pam_modules.h>
 #include <krb5.h>
+#include <com_err.h>
 #include "pam_krb5.h"
 
 /* A useful logging macro */
@@@@ -27,7 +31,6 @@@@
     krb5_context	pam_context;
     krb5_creds		creds;
     krb5_principal	princ;
-    krb5_ccache		ccache;
     krb5_get_init_creds_opt opts;
 
     int		result_code;
@@@@ -54,23 +57,23 @@@@
     }
 
     /* Get username */
-    if (pam_get_item(pamh, PAM_USER, (void **) &name)) {
+    if ((pam_get_item(pamh, PAM_USER, (const void **) &name)) != 0) {
 	return PAM_SERVICE_ERR;
     }
 
     /* Get service name */
-    (void) pam_get_item(pamh, PAM_SERVICE, (void **) &service);
+    (void) pam_get_item(pamh, PAM_SERVICE, (const void **) &service);
     if (!service)
 	service = "unknown";
 
     DLOG("entry", "");
 
-    if (krb5_init_context(&pam_context)) {
+    if ((krbret = krb5_init_context(&pam_context)) != 0) {
 	DLOG("krb5_init_context()", error_message(krbret));
 	return PAM_SERVICE_ERR;
     }
 
-    if (krb5_init_context(&pam_context)) {
+    if ((krbret = krb5_init_context(&pam_context)) != 0) {
 	DLOG("krb5_init_context()", error_message(krbret));
 	return PAM_SERVICE_ERR;
     }
@@@@ -78,14 +81,14 @@@@
     memset(&creds, 0, sizeof(krb5_creds));
 
     /* Get principal name */
-    if (krbret = krb5_parse_name(pam_context, name, &princ)) {
+    if ((krbret = krb5_parse_name(pam_context, name, &princ)) != 0) {
 	DLOG("krb5_parse_name()", error_message(krbret));
 	pamret = PAM_USER_UNKNOWN;
 	goto cleanup3;
     }
 
     /* Now convert the principal name into something human readable */
-    if (krbret = krb5_unparse_name(pam_context, princ, &princ_name)) {
+    if ((krbret = krb5_unparse_name(pam_context, princ, &princ_name)) != 0) {
 	DLOG("krb5_unparse_name()", error_message(krbret));
 	pamret = PAM_SERVICE_ERR;
 	goto cleanup2;
@@@@ -101,18 +104,19 @@@@
     (void) sprintf(prompt, "Password for %s: ", princ_name);
 
     if (try_first_pass || use_first_pass)
-	(void) pam_get_item(pamh, PAM_AUTHTOK, (void **) &pass);
+	(void) pam_get_item(pamh, PAM_AUTHTOK, (const void **) &pass);
 
 get_pass:
     if (!pass) {
 	try_first_pass = 0;
-	if (pamret = get_user_info(pamh, prompt, PAM_PROMPT_ECHO_OFF, &pass)) {
+	if ((pamret = get_user_info(pamh, prompt, PAM_PROMPT_ECHO_OFF, 
+	  &pass)) != 0) {
 	    DLOG("get_user_info()", pam_strerror(pamh, pamret));
 	    pamret = PAM_SERVICE_ERR;
 	    goto cleanup2;
 	}
 	/* We have to free pass. */
-	if (pamret = pam_set_item(pamh, PAM_AUTHTOK, pass)) {
+	if ((pamret = pam_set_item(pamh, PAM_AUTHTOK, pass)) != 0) {
 	    DLOG("pam_set_item()", pam_strerror(pamh, pamret));
 	    free(pass);
 	    pamret = PAM_SERVICE_ERR;
@@@@ -120,12 +124,11 @@@@
 	}
 	free(pass);
 	/* Now we get it back from the library. */
-	(void) pam_get_item(pamh, PAM_AUTHTOK, (void **) &pass);
+	(void) pam_get_item(pamh, PAM_AUTHTOK, (const void **) &pass);
     }
 
-    if (krbret = krb5_get_init_creds_password(pam_context, &creds, princ,
-					      pass, pam_prompter, pamh,
-					      0, "kadmin/changepw", &opts)) {
+    if ((krbret = krb5_get_init_creds_password(pam_context, &creds, princ, 
+      pass, pam_prompter, pamh, 0, "kadmin/changepw", &opts)) != 0) {
 	DLOG("krb5_get_init_creds_password()", error_message(krbret));
 	if (try_first_pass && krbret == KRB5KRB_AP_ERR_BAD_INTEGRITY) {
 	    pass = NULL;
@@@@ -138,14 +141,16 @@@@
     /* Now get the new password */
     free(prompt);
     prompt = "Enter new password: ";
-    if (pamret = get_user_info(pamh, prompt, PAM_PROMPT_ECHO_OFF, &pass)) {
+    if ((pamret = get_user_info(pamh, prompt, PAM_PROMPT_ECHO_OFF, &pass)) 
+      != 0) {
 	DLOG("get_user_info()", pam_strerror(pamh, pamret));
 	prompt = NULL;
 	pamret = PAM_SERVICE_ERR;
 	goto cleanup;
     }
     prompt = "Enter it again: ";
-    if (pamret = get_user_info(pamh, prompt, PAM_PROMPT_ECHO_OFF, &pass2)) {
+    if ((pamret = get_user_info(pamh, prompt, PAM_PROMPT_ECHO_OFF, &pass2)) 
+      != 0) {
 	DLOG("get_user_info()", pam_strerror(pamh, pamret));
 	prompt = NULL;
 	pamret = PAM_SERVICE_ERR;
@@@@ -160,9 +165,8 @@@@
     }
 
     /* Change it */
-    if (krbret = krb5_change_password(pam_context, &creds, pass,
-				      &result_code, &result_code_string,
-				      &result_string)) {
+    if ((krbret = krb5_change_password(pam_context, &creds, pass,
+      &result_code, &result_code_string, &result_string)) != 0) {
 	DLOG("krb5_change_password()", error_message(krbret));
 	pamret = PAM_AUTHTOK_ERR;
 	goto cleanup;
@


1.1
log
@A Pluggable Authentication Module for Kerberos 5.
@
text
@@

