Changeset 100 in openpam


Ignore:
Timestamp:
Apr 6, 2002, 5:05:21 PM (16 years ago)
Author:
Dag-Erling Smørgrav
Message:

Change pam_get_authtok()'s prototype so the caller can specify
what token it wants. Also introduce PAM_OLDAUTHTOK_PROMPT.

Sponsored by: DARPA, NAI Labs

Location:
trunk
Files:
5 edited

Legend:

Unmodified
Added
Removed
  • trunk/include/security/openpam.h

    r93 r100  
    3232 * SUCH DAMAGE.
    3333 *
    34  * $P4: //depot/projects/openpam/include/security/openpam.h#12 $
     34 * $P4: //depot/projects/openpam/include/security/openpam.h#13 $
    3535 */
    3636
     
    6666int
    6767pam_get_authtok(pam_handle_t *_pamh,
     68        int _item,
    6869        const char **_authtok,
    6970        const char *_prompt);
  • trunk/include/security/pam_constants.h

    r93 r100  
    3232 * SUCH DAMAGE.
    3333 *
    34  * $P4: //depot/projects/openpam/include/security/pam_constants.h#12 $
     34 * $P4: //depot/projects/openpam/include/security/pam_constants.h#13 $
    3535 */
    3636
     
    120120        PAM_USER_PROMPT                 =   9,
    121121        PAM_AUTHTOK_PROMPT              =  10,          /* OpenPAM extension */
     122        PAM_OLDAUTHTOK_PROMPT           =  11,          /* OpenPAM extension */
    122123        PAM_NUM_ITEMS                                   /* OpenPAM extension */
    123124};
  • trunk/lib/pam_get_authtok.c

    r93 r100  
    3232 * SUCH DAMAGE.
    3333 *
    34  * $P4: //depot/projects/openpam/lib/pam_get_authtok.c#12 $
     34 * $P4: //depot/projects/openpam/lib/pam_get_authtok.c#13 $
    3535 */
    3636
     
    4242#include "openpam_impl.h"
    4343
     44const char authtok_prompt[] = "Password:";
     45const char oldauthtok_prompt[] = "Old Password:";
     46
    4447/*
    4548 * OpenPAM extension
     
    5053int
    5154pam_get_authtok(pam_handle_t *pamh,
     55        int item,
    5256        const char **authtok,
    5357        const char *prompt)
    5458{
    55         char *p, *resp;
    56         int r, style;
     59        const char *default_prompt;
     60        char *resp;
     61        int pitem, r, style;
    5762
    5863        if (pamh == NULL || authtok == NULL)
    5964                return (PAM_SYSTEM_ERR);
    6065
     66        *authtok = NULL;
     67        switch (item) {
     68        case PAM_AUTHTOK:
     69                pitem = PAM_AUTHTOK_PROMPT;
     70                default_prompt = authtok_prompt;
     71                break;
     72        case PAM_OLDAUTHTOK:
     73                pitem = PAM_OLDAUTHTOK_PROMPT;
     74                default_prompt = oldauthtok_prompt;
     75                break;
     76        default:
     77                return (PAM_SYMBOL_ERR);
     78        }
     79
    6180        if (openpam_get_option(pamh, "try_first_pass") ||
    6281            openpam_get_option(pamh, "use_first_pass")) {
    63                 r = pam_get_item(pamh, PAM_AUTHTOK, (const void **)authtok);
     82                r = pam_get_item(pamh, item, (const void **)authtok);
    6483                if (r == PAM_SUCCESS && *authtok != NULL)
    6584                        return (PAM_SUCCESS);
     
    6786                        return (r == PAM_SUCCESS ? PAM_AUTH_ERR : r);
    6887        }
    69         if (pam_get_item(pamh, PAM_AUTHTOK_PROMPT,
    70             (const void **)&p) != PAM_SUCCESS || p == NULL)
    71                 if (prompt == NULL)
    72                         prompt = "Password:";
     88        if (prompt == NULL) {
     89                r = pam_get_item(pamh, pitem, (const void **)&prompt);
     90                if (r != PAM_SUCCESS || prompt == NULL)
     91                        prompt = default_prompt;
     92        }
    7393        style = openpam_get_option(pamh, "echo_pass") ?
    7494            PAM_PROMPT_ECHO_ON : PAM_PROMPT_ECHO_OFF;
    75         r = pam_prompt(pamh, style, &resp, "%s", p ? p : prompt);
     95        r = pam_prompt(pamh, style, &resp, "%s", prompt);
    7696        if (r != PAM_SUCCESS)
    7797                return (r);
    7898        *authtok = resp;
    79         return (pam_set_item(pamh, PAM_AUTHTOK, *authtok));
     99        return (pam_set_item(pamh, item, *authtok));
    80100}
    81101
     
    88108 *      !PAM_SYMBOL_ERR
    89109 */
     110
     111/**
     112 * The =pam_get_authtok function returns the cached authentication token,
     113 * or prompts the user if no token is currently cached.  Either way, a
     114 * pointer to the authentication token is stored in the location pointed
     115 * to by the =authtok argument.
     116 *
     117 * The =item argument must have one of the following values:
     118 *
     119 *      =PAM_AUTHTOK
     120 *              Returns the current authentication token, or the new token
     121 *              when changing authentication tokens.
     122 *      =PAM_OLDAUTHTOK
     123 *              Returns the previous authentication token when changing
     124 *              authentication tokens.
     125 *
     126 * The =prompt argument specifies a prompt to use if no token is cached.
     127 * If =NULL, the =PAM_AUTHTOK_PROMPT or =PAM_OLDAUTHTOK_PROMPT item, as
     128 * appropriate, will be used.  If that item is also =NULL, a hardcoded
     129 * default prompt will be used.
     130 *
     131 * >pam_get_item
     132 */
  • trunk/lib/pam_get_item.c

    r93 r100  
    3232 * SUCH DAMAGE.
    3333 *
    34  * $P4: //depot/projects/openpam/lib/pam_get_item.c#10 $
     34 * $P4: //depot/projects/openpam/lib/pam_get_item.c#11 $
    3535 */
    3636
     
    6767        case PAM_USER_PROMPT:
    6868        case PAM_AUTHTOK_PROMPT:
     69        case PAM_OLDAUTHTOK_PROMPT:
    6970                *item = pamh->item[item_type];
    7071                return (PAM_SUCCESS);
     
    113114 *              The prompt to use when asking the applicant for an
    114115 *              authentication token.
     116 *      =PAM_OLDAUTHTOK_PROMPT:
     117 *              The prompt to use when asking the applicant for an
     118 *              expired authentication token prior to changing it.
    115119 *
    116120 * See =pam_start for a description of =struct pam_conv.
  • trunk/lib/pam_set_item.c

    r93 r100  
    3232 * SUCH DAMAGE.
    3333 *
    34  * $P4: //depot/projects/openpam/lib/pam_set_item.c#12 $
     34 * $P4: //depot/projects/openpam/lib/pam_set_item.c#13 $
    3535 */
    3636
     
    7474        case PAM_USER_PROMPT:
    7575        case PAM_AUTHTOK_PROMPT:
     76        case PAM_OLDAUTHTOK_PROMPT:
    7677                if (*slot != NULL)
    7778                        size = strlen(*slot) + 1;
Note: See TracChangeset for help on using the changeset viewer.