/*
* Copyright 2000, International Business Machines Corporation and others.
* All Rights Reserved.
- *
+ *
* This software has been released under the terms of the IBM Public
* License. For details, see the LICENSE file in the top-level source
* directory or online at http://www.openafs.org/dl/license10.html
*/
-#include <stdio.h>
-#include <assert.h>
-#include <unistd.h>
-#include <errno.h>
-#include <syslog.h>
-#include <security/pam_appl.h>
#include <afsconfig.h>
#include <afs/param.h>
+
+#include <roken.h>
+
+#ifdef HAVE_SYS_WAIT_H
#include <sys/wait.h>
-#include <limits.h>
-#ifdef HAVE_STRING_H
-#include <string.h>
-#else
-#ifdef HAVE_STRINGS_H
-#include <strings.h>
-#endif
#endif
-#include <stdlib.h>
+
+#include <limits.h>
+
#ifdef AFS_AIX51_ENV
#include <sys/cred.h>
+#ifdef HAVE_SYS_PAG_H
+#include <sys/pag.h>
+#endif
#endif
-RCSID
- ("$Header$");
+#include <security/pam_appl.h>
+
+#include <afs/auth.h>
#include "afs_util.h"
return;
}
-/* The PAM module needs to be free from libucb dependency. Otherwise,
-dynamic linking is a problem, the AFS PAM library refuses to coexist
-with the DCE library. The sigvec() and sigsetmask() are the only two
-calls that neccesiate the inclusion of libucb.a. There are used by
-the lwp library to support premeptive threads and signalling between
-threads. Since the lwp support used by the PAM module uses none of
-these facilities, we can safely define these to be null functions */
-
-#if !defined(AFS_HPUX110_ENV)
-/* For HP 11.0, this function is in util/hputil.c */
-int
-sigvec(int sig, const struct sigvec *vec, struct sigvec *ovec)
-{
- assert(0);
-}
-
-int
-sigsetmask(int mask)
-{
- assert(0);
-}
-#endif /* AFS_HPUX110_ENV */
-
/* converts string to integer */
char *
-cv2string(register char *ttp, register unsigned long aval)
+cv2string(char *ttp, unsigned long aval)
{
- register char *tp = ttp;
- register int i;
+ char *tp = ttp;
+ int i;
int any = 0;
*(--tp) = 0;
char *argv[32];
int argc = 0;
char *klog_prog;
- int ret = 1;
+ int ret = 1; /* ret different than zero means failure */
+ int fd, nbytes;
#if defined(AFS_KERBEROS_ENV)
klog_prog = KLOGKRB;
goto out;
case (0): /* child */
close(0);
- dup(pipedes[0]);
+ fd = dup(pipedes[0]);
close(pipedes[0]);
+ if (fd == -1) {
+ syslog(LOG_ERR, "do_klog: dup failed for pipedes[0]: %s",
+ strerror(errno));
+ exit(1);
+ }
close(1);
- dup(pipedes[1]);
+ fd = dup(pipedes[1]);
close(pipedes[1]);
+ if (fd == -1) {
+ close(0);
+ syslog(LOG_ERR, "do_klog: dup failed for pipedes[1]: %s",
+ strerror(errno));
+ exit(1);
+ }
execv(klog_prog, argv);
/* notreached */
syslog(LOG_ERR, "execv failed: %s", strerror(errno));
close(1);
goto out;
default:
- write(pipedes[1], password, strlen(password));
- write(pipedes[1], "\n", 1);
+ nbytes = write(pipedes[1], password, strlen(password));
+ if (nbytes == -1) {
+ syslog(LOG_ERR,
+ "do_klog: could not write the password into the input of the pipe: %s",
+ strerror(errno));
+ }
+ nbytes = write(pipedes[1], "\n", 1);
+ if (nbytes == -1) {
+ syslog(LOG_ERR,
+ "do_klog: could not write the end-of-line code into the input of the pipe: %s",
+ strerror(errno));
+ }
close(pipedes[0]);
close(pipedes[1]);
if (pid != wait(&status))
return (ret);
}
-/* get the current AFS pag for the calling process */
-static afs_int32
-curpag(void)
-{
- gid_t groups[NGROUPS_MAX];
- afs_uint32 g0, g1;
- afs_uint32 h, l, ret;
-
- if (getgroups(sizeof groups / sizeof groups[0], groups) < 2)
- return 0;
-
- g0 = groups[0] & 0xffff;
- g1 = groups[1] & 0xffff;
- g0 -= 0x3f00;
- g1 -= 0x3f00;
- if (g0 < 0xc000 && g1 < 0xc000) {
- l = ((g0 & 0x3fff) << 14) | (g1 & 0x3fff);
- h = (g0 >> 14);
- h = (g1 >> 14) + h + h + h;
- ret = ((h << 28) | l);
- /* Additional testing */
- if (((ret >> 24) & 0xff) == 'A')
- return ret;
- else
- return -1;
- }
- return -1;
-}
-
/* Returns the AFS pag number, if any, otherwise return -1 */
afs_int32
getPAG(void)
{
afs_int32 pag;
- pag = curpag();
+ pag = ktc_curpag();
if (pag == 0 || pag == -1)
return -1;