diff options
Diffstat (limited to 'security/pam_krb5/files/patch-af')
| -rw-r--r-- | security/pam_krb5/files/patch-af | 176 |
1 files changed, 176 insertions, 0 deletions
diff --git a/security/pam_krb5/files/patch-af b/security/pam_krb5/files/patch-af new file mode 100644 index 000000000000..dd164e81bddd --- /dev/null +++ b/security/pam_krb5/files/patch-af @@ -0,0 +1,176 @@ +--- support.c.orig Tue Jan 4 19:08:51 2000 ++++ support.c Mon Nov 6 11:55:47 2000 +@@ -6,12 +6,17 @@ + + static const char rcsid[] = "$Id: support.c,v 1.8 2000/01/04 09:50:03 fcusack Exp $"; + ++#include <errno.h> + #include <stdio.h> /* BUFSIZ */ ++#include <stdlib.h> /* malloc */ ++#include <string.h> /* strncpy */ + #include <syslog.h> /* syslog */ + #include <security/pam_appl.h> + #include <security/pam_modules.h> + #include <krb5.h> ++#include <com_err.h> + #include "pam_krb5.h" ++#include "krb5compat.h" + + /* + * Get info from the user. Disallow null responses (regardless of flags). +@@ -22,11 +27,12 @@ + get_user_info(pam_handle_t *pamh, char *prompt, int type, char **response) + { + int pamret; +- struct pam_message msg, *pmsg; ++ struct pam_message msg; ++ const struct pam_message *pmsg; + struct pam_response *resp = NULL; + struct pam_conv *conv; + +- if (pamret = pam_get_item(pamh, PAM_CONV, (void **) &conv)) ++ if ((pamret = pam_get_item(pamh, PAM_CONV, (const void **) &conv)) != 0) + return pamret; + + /* set up conversation call */ +@@ -34,7 +40,7 @@ + msg.msg_style = type; + msg.msg = prompt; + +- if (pamret = conv->conv(1, &pmsg, &resp, conv->appdata_ptr)) ++ if ((pamret = conv->conv(1, &pmsg, &resp, conv->appdata_ptr)) != 0) + return pamret; + + /* Caller should ignore errors for non-response conversations */ +@@ -53,8 +59,8 @@ + + + krb5_error_code +-pam_prompter(krb5_context context, void *data, const char *name, +- const char *banner, int num_prompts, krb5_prompt prompts[]) ++pam_prompter(krb5_context context, void *data, const char *banner, int ++ num_prompts, krb5_prompt prompts[]) + { + int pam_prompts = num_prompts; + int pamret, i; +@@ -64,12 +70,9 @@ + struct pam_conv *conv; + pam_handle_t *pamh = (pam_handle_t *) data; + +- if (pamret = pam_get_item(pamh, PAM_CONV, (void **) &conv)) ++ if ((pamret = pam_get_item(pamh, PAM_CONV, (const void **) &conv)) != 0) + return KRB5KRB_ERR_GENERIC; + +- if (name) +- pam_prompts++; +- + if (banner) + pam_prompts++; + +@@ -80,21 +83,11 @@ + /* Now use pam_prompts as an index */ + pam_prompts = 0; + +- /* Sigh. malloc all the prompts. */ +- if (name) { +- msg[pam_prompts].msg = malloc(strlen(name) + 1); +- if (!msg[pam_prompts].msg) +- goto cleanup; +- strcpy(msg[pam_prompts].msg, name); +- msg[pam_prompts].msg_style = PAM_TEXT_INFO; +- pam_prompts++; +- } +- + if (banner) { + msg[pam_prompts].msg = malloc(strlen(banner) + 1); + if (!msg[pam_prompts].msg) + goto cleanup; +- strcpy(msg[pam_prompts].msg, banner); ++ strcpy((char *) msg[pam_prompts].msg, banner); + msg[pam_prompts].msg_style = PAM_TEXT_INFO; + pam_prompts++; + } +@@ -103,13 +96,14 @@ + msg[pam_prompts].msg = malloc(strlen(prompts[i].prompt) + 3); + if (!msg[pam_prompts].msg) + goto cleanup; +- sprintf(msg[pam_prompts].msg, "%s: ", prompts[i].prompt); ++ sprintf((char *) msg[pam_prompts].msg, "%s: ", prompts[i].prompt); + msg[pam_prompts].msg_style = prompts[i].hidden ? PAM_PROMPT_ECHO_OFF + : PAM_PROMPT_ECHO_ON; + pam_prompts++; + } + +- if (pamret = conv->conv(pam_prompts, &msg, &resp, conv->appdata_ptr)) ++ if ((pamret = conv->conv(pam_prompts, (const struct pam_message **) &msg, ++ &resp, conv->appdata_ptr)) != 0) + goto cleanup; + + if (!resp) +@@ -117,8 +111,6 @@ + + /* Reuse pam_prompts as a starting index */ + pam_prompts = 0; +- if (name) +- pam_prompts++; + if (banner) + pam_prompts++; + +@@ -142,7 +134,7 @@ + + for (i = 0; i < pam_prompts; i++) { + if (msg[i].msg) +- free(msg[i].msg); ++ free((char *) msg[i].msg); + } + free(msg); + +@@ -189,8 +181,6 @@ + krb5_keyblock * keyblock = 0; + krb5_data packet; + krb5_auth_context auth_context = NULL; +- krb5_keytab keytab = NULL; +- char * kt_name = NULL; + + packet.data = 0; + +@@ -198,8 +188,8 @@ + * Get the server principal for the local host. + * (Use defaults of "host" and canonicalized local name.) + */ +- if (retval = krb5_sname_to_principal(context, NULL, NULL, +- KRB5_NT_SRV_HST, &princ)) { ++ if ((retval = krb5_sname_to_principal(context, NULL, NULL, KRB5_NT_SRV_HST, ++ &princ)) != 0) { + if (debug) + syslog(LOG_DEBUG, "pam_krb5: verify_krb_v5_tgt(): %s: %s", + "krb5_sname_to_principal()", error_message(retval)); +@@ -207,7 +197,7 @@ + } + + /* Extract the name directly. */ +- strncpy(phost, krb5_princ_component(c, princ, 1)->data, BUFSIZ); ++ strncpy(phost, compat_princ_component(context, princ, 1), BUFSIZ); + phost[BUFSIZ - 1] = '\0'; + + /* +@@ -215,8 +205,8 @@ + * (use default/configured keytab, kvno IGNORE_VNO to get the + * first match, and enctype is currently ignored anyhow.) + */ +- if (retval = krb5_kt_read_service_key(context, NULL, princ, 0, +- ENCTYPE_DES_CBC_MD5, &keyblock)) { ++ if ((retval = krb5_kt_read_service_key(context, NULL, princ, 0, ++ ENCTYPE_DES_CBC_MD5, &keyblock)) != 0) { + /* Keytab or service key does not exist */ + if (debug) + syslog(LOG_DEBUG, "pam_krb5: verify_krb_v5_tgt(): %s: %s", +@@ -256,7 +246,7 @@ + + cleanup: + if (packet.data) +- krb5_free_data_contents(context, &packet); ++ compat_free_data_contents(context, &packet); + krb5_free_principal(context, princ); + return retval; + |