--- embedaddon/sudo/plugins/sudoers/auth/dce.c 2012/02/21 16:23:02 1.1 +++ embedaddon/sudo/plugins/sudoers/auth/dce.c 2013/07/22 10:46:12 1.1.1.3 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 1998-2005, 2010-2011 + * Copyright (c) 1996, 1998-2005, 2010-2012 * Todd C. Miller * * Permission to use, copy, modify, and distribute this software for any @@ -36,7 +36,6 @@ #include #include -#include #include #ifdef STDC_HEADERS # include @@ -67,7 +66,7 @@ static int check_dce_status(error_status_t, char *); int -dce_verify(struct passwd *pw, char *plain_pw, sudo_auth *auth) +sudo_dce_verify(struct passwd *pw, char *plain_pw, sudo_auth *auth) { struct passwd temp_pw; sec_passwd_rec_t password_rec; @@ -75,6 +74,7 @@ dce_verify(struct passwd *pw, char *plain_pw, sudo_aut boolean32 reset_passwd; sec_login_auth_src_t auth_src; error_status_t status; + debug_decl(sudo_dce_verify, SUDO_DEBUG_AUTH) /* * Create the local context of the DCE principal necessary @@ -86,7 +86,7 @@ dce_verify(struct passwd *pw, char *plain_pw, sudo_aut sec_login_no_flags, &login_context, &status)) { if (check_dce_status(status, "sec_login_setup_identity(1):")) - return AUTH_FAILURE; + debug_return_int(AUTH_FAILURE); password_rec.key.key_type = sec_passwd_plain; password_rec.key.tagged_union.plain = (idl_char *) plain_pw; @@ -98,7 +98,7 @@ dce_verify(struct passwd *pw, char *plain_pw, sudo_aut &reset_passwd, &auth_src, &status)) { if (check_dce_status(status, "sec_login_validate_identity(1):")) - return AUTH_FAILURE; + debug_return_int(AUTH_FAILURE); /* * Certify that the DCE Security Server used to set 
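Review bot: The failure exits converted here leave `login_context` un-purged. From the `sec_login_validate_identity(1):` check in the @@ -98 hunk onward, each `debug_return_int(AUTH_FAILURE);` returns without calling `sec_login_purge_context`, which the visible code does only on the success path and at the end of the else branch (@@ -169). The same applies to the returns in the @@ -108, @@ -119, @@ -129 and @@ -147 hunks, and to the `sec_login_validate_identity(2):` return, which sits before the purge. Since these lines are being touched anyway, each could become `{ sec_login_purge_context(&login_context, &status); debug_return_int(AUTH_FAILURE); }` placed after the status check, or the function could funnel failures through one cleanup label. The body of sudo_dce_verify is only partly visible in these hunks, so confirm the lines between them before applying this.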
@@ -108,10 +108,10 @@ dce_verify(struct passwd *pw, char *plain_pw, sudo_aut if (!sec_login_certify_identity(login_context, &status)) { (void) fprintf(stderr, "Whoa! Bogus authentication server!\n"); (void) check_dce_status(status,"sec_login_certify_identity(1):"); - return AUTH_FAILURE; + debug_return_int(AUTH_FAILURE); } if (check_dce_status(status, "sec_login_certify_identity(2):")) - return AUTH_FAILURE; + debug_return_int(AUTH_FAILURE); /* * Sets the network credentials to those specified @@ -119,7 +119,7 @@ dce_verify(struct passwd *pw, char *plain_pw, sudo_aut */ sec_login_set_context(login_context, &status); if (check_dce_status(status, "sec_login_set_context:")) - return AUTH_FAILURE; + debug_return_int(AUTH_FAILURE); /* * Oops, your credentials were no good. Possibly @@ -129,13 +129,13 @@ dce_verify(struct passwd *pw, char *plain_pw, sudo_aut if (auth_src != sec_login_auth_src_network) { (void) fprintf(stderr, "You have no network credentials.\n"); - return AUTH_FAILURE; + debug_return_int(AUTH_FAILURE); } /* Check if the password has aged and is thus no good */ if (reset_passwd) { (void) fprintf(stderr, "Your DCE password needs resetting.\n"); - return AUTH_FAILURE; + debug_return_int(AUTH_FAILURE); } /* @@ -147,7 +147,7 @@ dce_verify(struct passwd *pw, char *plain_pw, sudo_aut sec_login_get_pwent(login_context, (sec_login_passwd_t) &temp_pw, &status); if (check_dce_status(status, "sec_login_get_pwent:")) - return AUTH_FAILURE; + debug_return_int(AUTH_FAILURE); /* * If we get to here, then the pwent above properly fetched 
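Review bot: `sec_login_set_context(login_context, &status)` in the @@ -119 hunk runs before the `auth_src != sec_login_auth_src_network` and `reset_passwd` rejections in the @@ -129 hunk, so the process appears to take on the principal's network credentials for a login it then refuses. Both values are outputs of the earlier `sec_login_validate_identity` call (`&reset_passwd, &auth_src, &status` in the @@ -98 context), so the two checks could move ahead of `sec_login_set_context`. A comment such as `/* reject before installing network credentials */` at the moved checks would record the intent. The lines between the two hunks are not shown, so verify that nothing there depends on the current order.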
@@ -169,17 +169,17 @@ dce_verify(struct passwd *pw, char *plain_pw, sudo_aut * somewhere later in the program. */ sec_login_purge_context(&login_context, &status); - return AUTH_SUCCESS; + debug_return_int(AUTH_SUCCESS); } else { if(check_dce_status(status, "sec_login_validate_identity(2):")) - return AUTH_FAILURE; + debug_return_int(AUTH_FAILURE); sec_login_purge_context(&login_context, &status); if(check_dce_status(status, "sec_login_purge_context:")) - return AUTH_FAILURE; + debug_return_int(AUTH_FAILURE); } } (void) check_dce_status(status, "sec_login_setup_identity(2):"); - return AUTH_FAILURE; + debug_return_int(AUTH_FAILURE); } /* Returns 0 for DCE "ok" status, 1 otherwise */ @@ -188,10 +188,11 @@ check_dce_status(error_status_t input_status, char *co { int error_stat; unsigned char error_string[dce_c_error_string_len]; + debug_decl(check_dce_status, SUDO_DEBUG_AUTH) if (input_status == rpc_s_ok) - return 0; + debug_return_bool(0); dce_error_inq_text(input_status, error_string, &error_stat); (void) fprintf(stderr, "%s %s\n", comment, error_string); - return 1; + debug_return_bool(1); }
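Review bot: `check_dce_status` is declared `static int` and documented as "Returns 0 for DCE "ok" status, 1 otherwise", but the new exits in the @@ -188 hunk use `debug_return_bool(0)` and `debug_return_bool(1)`. Using `debug_return_int(0)` and `debug_return_int(1)` would match the declared type and the `debug_return_int` calls in sudo_dce_verify. In the same hunk, `error_stat` from `dce_error_inq_text` is never examined before `error_string` is printed with `%s`. Whether the lookup can fail without filling the buffer cannot be determined from this page; if it can, the `fprintf` would read an uninitialized array. Setting `error_string[0] = '\0';` before the call, or checking `error_stat` before printing, would close that gap.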