pam: Use &, not && for bitwise operations

[openafs.git] / src / pam / afs_auth.c

diff --git a/src/pam/afs_auth.c b/src/pam/afs_auth.c
index 9051cc4..b4c220f 100644 (file)
--- a/src/pam/afs_auth.c
+++ b/src/pam/afs_auth.c
@@ -16,15 +16,16 @@
 #include <sys/wait.h>
 #endif
 
+#include <afs/sys_prototypes.h>
 #include <afs/kautils.h>
 
 #include <security/pam_appl.h>
 #include <security/pam_modules.h>
 
 #include "afs_message.h"
+#include "afs_pam_msg.h"
 #include "afs_util.h"
 
-
 #define RET(x) { retcode = (x); goto out; }
 
 extern int
@@ -53,7 +54,6 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
     /* satisfy kdm 2.x
      */
     int use_klog = 0;
-    int set_expires = 0;       /* This option is only used in pam_set_cred() */
     int got_authtok = 0;       /* got PAM_AUTHTOK upon entry */
     PAM_CONST char *user = NULL, *password = NULL;
     afs_int32 password_expires = -1;
@@ -61,15 +61,18 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
     int i;
     PAM_CONST struct pam_conv *pam_convp = NULL;
     int auth_ok;
-    struct passwd unix_pwd, *upwd = NULL;
-    char upwd_buf[2048];       /* size is a guess. */
+    struct passwd *upwd = NULL;
     char *reason = NULL;
     pid_t cpid, rcpid;
     int status;
     struct sigaction newAction, origAction;
+#if !(defined(AFS_LINUX20_ENV) || defined(AFS_FBSD_ENV) || defined(AFS_DFBSD_ENV) || defined(AFS_NBSD_ENV))
+    char upwd_buf[2048];       /* size is a guess. */
+    struct passwd unix_pwd;
+#endif
 
 
-#ifndef AFS_SUN56_ENV
+#ifndef AFS_SUN5_ENV
     openlog(pam_afs_ident, LOG_CONS | LOG_PID, LOG_AUTH);
 #endif
     origmask = setlogmask(logmask);
@@ -128,7 +131,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
            else
                pam_afs_syslog(LOG_ERR, PAMAFS_CONFLICTOPT, "use_klog");
        } else if (strcasecmp(argv[i], "setenv_password_expires") == 0) {
-           set_expires = 1;
+           ;
        } else {
            pam_afs_syslog(LOG_ERR, PAMAFS_UNKNOWNOPT, argv[i]);
        }
@@ -140,7 +143,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
     if (use_first_pass)
        try_first_pass = 0;
 
-    if (logmask && LOG_MASK(LOG_DEBUG))
+    if (logmask & LOG_MASK(LOG_DEBUG))
        pam_afs_syslog(LOG_DEBUG, PAMAFS_OPTIONS, nowarn, use_first_pass,
                       try_first_pass, ignore_uid, ignore_uid_id,
                       refresh_token, set_token, dont_fork, use_klog);
@@ -160,7 +163,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
        RET(PAM_USER_UNKNOWN);
     }
 
-    if (logmask && LOG_MASK(LOG_DEBUG))
+    if (logmask & LOG_MASK(LOG_DEBUG))
        pam_afs_syslog(LOG_DEBUG, PAMAFS_USERNAMEDEBUG, user);
 
     /*
@@ -171,8 +174,8 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
     /* enhanced: use "ignore_uid <number>" to specify the largest uid
      * which should be ignored by this module
      */
-#if    defined(AFS_HPUX_ENV) || defined(AFS_DARWIN100_ENV) || defined(AFS_SUN58_ENV)
-#if     defined(AFS_HPUX110_ENV) || defined(AFS_DARWIN100_ENV) || defined(AFS_SUN58_ENV)
+#if    defined(AFS_HPUX_ENV) || defined(AFS_DARWIN100_ENV) || defined(AFS_SUN5_ENV)
+#if     defined(AFS_HPUX110_ENV) || defined(AFS_DARWIN100_ENV) || defined(AFS_SUN5_ENV)
     i = getpwnam_r(user, &unix_pwd, upwd_buf, sizeof(upwd_buf), &upwd);
 #else /* AFS_HPUX110_ENV */
     i = getpwnam_r(user, &unix_pwd, upwd_buf, sizeof(upwd_buf));
@@ -201,14 +204,14 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
            RET(PAM_AUTH_ERR);
        }
        password = NULL;        /* In case it isn't already NULL */
-       if (logmask && LOG_MASK(LOG_DEBUG))
+       if (logmask & LOG_MASK(LOG_DEBUG))
            pam_afs_syslog(LOG_DEBUG, PAMAFS_NOFIRSTPASS, user);
     } else if (password[0] == '\0') {
        /* Actually we *did* get one but it was empty. */
        pam_afs_syslog(LOG_INFO, PAMAFS_NILPASSWORD, user);
        RET(PAM_NEW_AUTHTOK_REQD);
     } else {
-       if (logmask && LOG_MASK(LOG_DEBUG))
+       if (logmask & LOG_MASK(LOG_DEBUG))
            pam_afs_syslog(LOG_DEBUG, PAMAFS_GOTPASS, user);
        got_authtok = 1;
     }
@@ -269,7 +272,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
 #ifdef AFS_KERBEROS_ENV
        ktc_newpag();
 #endif
-       if (logmask && LOG_MASK(LOG_DEBUG))
+       if (logmask & LOG_MASK(LOG_DEBUG))
            syslog(LOG_DEBUG, "New PAG created in pam_authenticate()");
     }
 
@@ -295,15 +298,15 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
                i = do_klog(user, password, "00:00:01", cell_ptr);
                ktc_ForgetAllTokens();
            }
-           if (logmask && LOG_MASK(LOG_DEBUG))
+           if (logmask & LOG_MASK(LOG_DEBUG))
                syslog(LOG_DEBUG, "do_klog returned %d", i);
            auth_ok = i ? 0 : 1;
        } else {
-           if (logmask && LOG_MASK(LOG_DEBUG))
+           if (logmask & LOG_MASK(LOG_DEBUG))
                syslog(LOG_DEBUG, "forking ...");
            cpid = fork();
            if (cpid <= 0) {    /* The child process */
-               if (logmask && LOG_MASK(LOG_DEBUG))
+               if (logmask & LOG_MASK(LOG_DEBUG))
                    syslog(LOG_DEBUG, "in child");
                if (refresh_token || set_token)
                    code = ka_UserAuthenticateGeneral(KA_USERAUTH_VERSION, (char *)user,        /* kerberos name */
@@ -328,13 +331,13 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
                } else {
                    auth_ok = 1;
                }
-               if (logmask && LOG_MASK(LOG_DEBUG))
+               if (logmask & LOG_MASK(LOG_DEBUG))
                    syslog(LOG_DEBUG, "child: auth_ok=%d", auth_ok);
                if (cpid == 0)
                    exit(auth_ok);
            } else {
                do {
-                   if (logmask && LOG_MASK(LOG_DEBUG))
+                   if (logmask & LOG_MASK(LOG_DEBUG))
                        syslog(LOG_DEBUG, "in parent, waiting ...");
                    rcpid = waitpid(cpid, &status, 0);
                } while ((rcpid == -1) && (errno == EINTR));
@@ -344,7 +347,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
                } else {
                    auth_ok = 0;
                }
-               if (logmask && LOG_MASK(LOG_DEBUG))
+               if (logmask & LOG_MASK(LOG_DEBUG))
                    syslog(LOG_DEBUG, "parent: auth_ok=%d", auth_ok);
            }
        }
@@ -354,7 +357,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
            pam_afs_syslog(LOG_ERR, PAMAFS_PAMERROR, errno);
        }
     } else {                   /* dont_fork, used by httpd */
-       if (logmask && LOG_MASK(LOG_DEBUG))
+       if (logmask & LOG_MASK(LOG_DEBUG))
            syslog(LOG_DEBUG, "dont_fork");
        if (refresh_token || set_token)
            code = ka_UserAuthenticateGeneral(KA_USERAUTH_VERSION, (char *)user,        /* kerberos name */
@@ -371,7 +374,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
                                         (char *)password,      /* password */
                                         0,     /* spare 2 */
                                         &reason /* error string */ );
-       if (logmask && LOG_MASK(LOG_DEBUG))
+       if (logmask & LOG_MASK(LOG_DEBUG))
            syslog(LOG_DEBUG, "dont_fork, code = %d", code);
        if (code) {
            pam_afs_syslog(LOG_ERR, PAMAFS_LOGIN_FAILED, user, reason);
@@ -379,7 +382,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
        } else {
            auth_ok = 1;
        }
-       if (logmask && LOG_MASK(LOG_DEBUG))
+       if (logmask & LOG_MASK(LOG_DEBUG))
            syslog(LOG_DEBUG, "dont_fork: auth_ok=%d", auth_ok);
     }
 
@@ -398,7 +401,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
        (void)pam_set_item(pamh, PAM_AUTHTOK, password);
     }
 
-    if (logmask && LOG_MASK(LOG_DEBUG))
+    if (logmask & LOG_MASK(LOG_DEBUG))
        syslog(LOG_DEBUG, "leaving auth: auth_ok=%d", auth_ok);
     if (code == KANOENT)
        RET(PAM_USER_UNKNOWN);
@@ -413,7 +416,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
            memset(torch_password, 0, strlen(torch_password));
     }
     (void)setlogmask(origmask);
-#ifndef AFS_SUN56_ENV
+#ifndef AFS_SUN5_ENV
     closelog();
 #endif
     return retcode;