try_auth:
if (password == NULL) {
+ char *prompt_password;
torch_password = 1;
RET(PAM_AUTH_ERR);
}
- errcode = pam_afs_prompt(pam_convp, &password, 0, PAMAFS_PWD_PROMPT);
- if (errcode != PAM_SUCCESS || password == NULL) {
+ errcode = pam_afs_prompt(pam_convp, &prompt_password, 0, PAMAFS_PWD_PROMPT);
+ if (errcode != PAM_SUCCESS || prompt_password == NULL) {
pam_afs_syslog(LOG_ERR, PAMAFS_GETPASS_FAILED);
RET(PAM_AUTH_ERR);
}
- if (password[0] == '\0') {
+ if (prompt_password[0] == '\0') {
pam_afs_syslog(LOG_INFO, PAMAFS_NILPASSWORD, user);
RET(PAM_NEW_AUTHTOK_REQD);
}
* later, and free this storage now.
*/
- strncpy(my_password_buf, password, sizeof(my_password_buf));
+ strncpy(my_password_buf, prompt_password, sizeof(my_password_buf));
my_password_buf[sizeof(my_password_buf) - 1] = '\0';
- memset(password, 0, strlen(password));
- free(password);
+ memset(prompt_password, 0, strlen(prompt_password));
+ free(prompt_password);
password = my_password_buf;
}
if (logmask && LOG_MASK(LOG_DEBUG))
syslog(LOG_DEBUG, "in child");
if (refresh_token || set_token)
- code = ka_UserAuthenticateGeneral(KA_USERAUTH_VERSION, user, /* kerberos name */
+ code = ka_UserAuthenticateGeneral(KA_USERAUTH_VERSION, (char *)user, /* kerberos name */
NULL, /* instance */
cell_ptr, /* realm */
- password, /* password */
+ (char *)password, /* password */
0, /* default lifetime */
&password_expires, 0, /* spare 2 */
&reason
/* error string */ );
else
- code = ka_VerifyUserPassword(KA_USERAUTH_VERSION, user, /* kerberos name */
+ code = ka_VerifyUserPassword(KA_USERAUTH_VERSION, (char *)user, /* kerberos name */
NULL, /* instance */
cell_ptr, /* realm */
- password, /* password */
+ (char *)password, /* password */
0, /* spare 2 */
&reason /* error string */ );
if (code) {
if (logmask && LOG_MASK(LOG_DEBUG))
syslog(LOG_DEBUG, "dont_fork");
if (refresh_token || set_token)
- code = ka_UserAuthenticateGeneral(KA_USERAUTH_VERSION, user, /* kerberos name */
+ code = ka_UserAuthenticateGeneral(KA_USERAUTH_VERSION, (char *)user, /* kerberos name */
NULL, /* instance */
cell_ptr, /* realm */
- password, /* password */
+ (char *)password, /* password */
0, /* default lifetime */
&password_expires, 0, /* spare 2 */
&reason /* error string */ );
else
- code = ka_VerifyUserPassword(KA_USERAUTH_VERSION, user, /* kerberos name */
+ code = ka_VerifyUserPassword(KA_USERAUTH_VERSION, (char *)user, /* kerberos name */
NULL, /* instance */
cell_ptr, /* realm */
- password, /* password */
+ (char *)password, /* password */
0, /* spare 2 */
&reason /* error string */ );
if (logmask && LOG_MASK(LOG_DEBUG))
char *tmp = strdup(password);
(void)pam_set_data(pamh, pam_afs_lh, tmp, lc_cleanup);
if (torch_password)
- memset(password, 0, strlen(password));
+ memset((char *)password, 0, strlen(password));
}
(void)setlogmask(origmask);
#ifndef AFS_SUN56_ENV
int
-pam_afs_printf(struct pam_conv *pam_convp, int error, int fmt_msgid, ...)
+pam_afs_printf(PAM_CONST struct pam_conv *pam_convp, int error, int fmt_msgid, ...)
{
va_list args;
char buf[PAM_MAX_MSG_SIZE];
int
-pam_afs_prompt(struct pam_conv *pam_convp, char **response, int echo,
+pam_afs_prompt(PAM_CONST struct pam_conv *pam_convp, char **response, int echo,
int fmt_msgid, ...)
{
va_list args;
#define AFS_PAM_MSG_H
-int pam_afs_printf(struct pam_conv *pam_convp, int error, int fmt_msgid, ...);
+int pam_afs_printf(PAM_CONST struct pam_conv *pam_convp, int error, int fmt_msgid, ...);
-int pam_afs_prompt(struct pam_conv *pam_convp, char **response, int echo,
+int pam_afs_prompt(PAM_CONST struct pam_conv *pam_convp, char **response, int echo,
int fmt_msgid, ...);
}
if (password == NULL) {
+ char *prompt_password;
torch_password = 1;
if (use_first_pass)
RET(PAM_AUTH_ERR); /* shouldn't happen */
RET(PAM_AUTH_ERR);
}
- errcode = pam_afs_prompt(pam_convp, &password, 0, PAMAFS_PWD_PROMPT);
- if (errcode != PAM_SUCCESS || password == NULL) {
+ errcode = pam_afs_prompt(pam_convp, &prompt_password, 0, PAMAFS_PWD_PROMPT);
+ if (errcode != PAM_SUCCESS || prompt_password == NULL) {
pam_afs_syslog(LOG_ERR, PAMAFS_GETPASS_FAILED);
RET(PAM_AUTH_ERR);
}
- if (password[0] == '\0') {
+ if (prompt_password[0] == '\0') {
pam_afs_syslog(LOG_INFO, PAMAFS_NILPASSWORD, user);
RET(PAM_NEW_AUTHTOK_REQD);
}
* this storage, copy it to a buffer that won't need to be freed
* later, and free this storage now.
*/
- strncpy(my_password_buf, password, sizeof(my_password_buf));
+ strncpy(my_password_buf, prompt_password, sizeof(my_password_buf));
my_password_buf[sizeof(my_password_buf) - 1] = '\0';
- memset(password, 0, strlen(password));
- free(password);
+ memset(prompt_password, 0, strlen(password));
+ free(prompt_password);
password = my_password_buf;
}
- if ((code = ka_VerifyUserPassword(KA_USERAUTH_VERSION + KA_USERAUTH_DOSETPAG, user, /* kerberos name */
+ if ((code = ka_VerifyUserPassword(KA_USERAUTH_VERSION + KA_USERAUTH_DOSETPAG, (char *)user, /* kerberos name */
NULL, /* instance */
NULL, /* realm */
- password, /* password */
+ (char *)password, /* password */
0, /* spare 2 */
&reason /* error string */ )) != 0) {
pam_afs_syslog(LOG_ERR, PAMAFS_LOGIN_FAILED, user, reason);
strcpy(realm, localcell);
strcpy(cell, realm);
/* oldkey is not used in ka_ChangePassword (only for ka_auth) */
- ka_StringToKey(password, realm, &oldkey);
+ ka_StringToKey((char *)password, realm, &oldkey);
ka_StringToKey(new_password, realm, &newkey);
if ((code =
- ka_GetAdminToken(user, instance, realm, &oldkey, 20, &token,
+ ka_GetAdminToken((char *)user, instance, realm, &oldkey, 20, &token,
0)) != 0) {
pam_afs_syslog(LOG_ERR, PAMAFS_KAERROR, code);
RET(PAM_AUTH_ERR);
pam_afs_syslog(LOG_ERR, PAMAFS_KAERROR, code);
RET(PAM_AUTH_ERR);
}
- if ((code = ka_ChangePassword(user, /* kerberos name */
+ if ((code = ka_ChangePassword((char *)user, /* kerberos name */
instance, /* instance */
conn, /* conn */
0, /* old password unused */
out:
if (password && torch_password) {
- memset(password, 0, strlen(password));
+ memset((char *)password, 0, strlen(password));
}
(void)setlogmask(origmask);
#ifndef AFS_SUN56_ENV
auth_ok = !do_klog(user, password, "00:00:01", cell_ptr);
ktc_ForgetAllTokens();
} else {
- if (ka_VerifyUserPassword(KA_USERAUTH_VERSION, user, /* kerberos name */
+ if (ka_VerifyUserPassword(KA_USERAUTH_VERSION, (char *)user, /* kerberos name */
NULL, /* instance */
cell_ptr, /* realm */
password, /* password */
if (use_klog)
auth_ok = !do_klog(user, password, NULL, cell_ptr);
else {
- if (ka_UserAuthenticateGeneral(KA_USERAUTH_VERSION, user, /* kerberos name */
+ if (ka_UserAuthenticateGeneral(KA_USERAUTH_VERSION, (char *)user, /* kerberos name */
NULL, /* instance */
cell_ptr, /* realm */
password, /* password */
git://git.openafs.org / openafs.git / commitdiff