Annotation of embedaddon/sudo/plugins/sudoers/auth/afs.c, revision 1.1.1.1
1.1 misho 1: /*
2: * Copyright (c) 1999, 2001-2005, 2007, 2010-2011
3: * Todd C. Miller <Todd.Miller@courtesan.com>
4: *
5: * Permission to use, copy, modify, and distribute this software for any
6: * purpose with or without fee is hereby granted, provided that the above
7: * copyright notice and this permission notice appear in all copies.
8: *
9: * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10: * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11: * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12: * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13: * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14: * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15: * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16: *
17: * Sponsored in part by the Defense Advanced Research Projects
18: * Agency (DARPA) and Air Force Research Laboratory, Air Force
19: * Materiel Command, USAF, under agreement number F39502-99-1-0512.
20: */
21:
22: #include <config.h>
23:
24: #include <sys/param.h>
25: #include <sys/types.h>
26: #include <stdio.h>
27: #ifdef STDC_HEADERS
28: # include <stdlib.h>
29: # include <stddef.h>
30: #else
31: # ifdef HAVE_STDLIB_H
32: # include <stdlib.h>
33: # endif
34: #endif /* STDC_HEADERS */
35: #ifdef HAVE_STRING_H
36: # include <string.h>
37: #endif /* HAVE_STRING_H */
38: #ifdef HAVE_STRINGS_H
39: # include <strings.h>
40: #endif /* HAVE_STRING_H */
41: #ifdef HAVE_UNISTD_H
42: # include <unistd.h>
43: #endif /* HAVE_UNISTD_H */
44: #include <pwd.h>
45:
46: #include <afs/stds.h>
47: #include <afs/kautils.h>
48:
49: #include "sudoers.h"
50: #include "sudo_auth.h"
51:
52: int
53: afs_verify(struct passwd *pw, char *pass, sudo_auth *auth)
54: {
55: struct ktc_encryptionKey afs_key;
56: struct ktc_token afs_token;
57:
58: /* Try to just check the password */
59: ka_StringToKey(pass, NULL, &afs_key);
60: if (ka_GetAdminToken(pw->pw_name, /* name */
61: NULL, /* instance */
62: NULL, /* realm */
63: &afs_key, /* key (contains password) */
64: 0, /* lifetime */
65: &afs_token, /* token */
66: 0) == 0) /* new */
67: return AUTH_SUCCESS;
68:
69: /* Fall back on old method XXX - needed? */
70: setpag();
71: if (ka_UserAuthenticateGeneral(KA_USERAUTH_VERSION+KA_USERAUTH_DOSETPAG,
72: pw->pw_name, /* name */
73: NULL, /* instance */
74: NULL, /* realm */
75: pass, /* password */
76: 0, /* lifetime */
77: NULL, /* expiration ptr (unused) */
78: 0, /* spare */
79: NULL) == 0) /* reason */
80: return AUTH_SUCCESS;
81:
82: return AUTH_FAILURE;
83: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>