embedaddon/sudo/plugins/sudoers/auth/fwtk.c - diff

Return to fwtk.c CVS log

Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / plugins / sudoers / auth

Diff for /embedaddon/sudo/plugins/sudoers/auth/fwtk.c between versions 1.1.1.1 and 1.1.1.2

version 1.1.1.1, 2012/02/21 16:23:02	version 1.1.1.2, 2012/05/29 12:26:49
Line 50	Line 50
#include "sudo_auth.h"	#include "sudo_auth.h"

int	int
fwtk_init(struct passwd pw, sudo_auth auth)	sudo_fwtk_init(struct passwd pw, sudo_auth auth)
{	{
static Cfg confp; / Configuration entry struct */	static Cfg confp; / Configuration entry struct */
char resp[128]; /* Response from the server */	char resp[128]; /* Response from the server */
	debug_decl(sudo_fwtk_init, SUDO_DEBUG_AUTH)

if ((confp = cfg_read("sudo")) == (Cfg *)-1) {	if ((confp = cfg_read("sudo")) == (Cfg *)-1) {
warningx(_("unable to read fwtk config"));	warningx(_("unable to read fwtk config"));
return AUTH_FATAL;	debug_return_int(AUTH_FATAL);
}	}

if (auth_open(confp)) {	if (auth_open(confp)) {
warningx(_("unable to connect to authentication server"));	warningx(_("unable to connect to authentication server"));
return AUTH_FATAL;	debug_return_int(AUTH_FATAL);
}	}

/* Get welcome message from auth server */	/* Get welcome message from auth server */
if (auth_recv(resp, sizeof(resp))) {	if (auth_recv(resp, sizeof(resp))) {
warningx(_("lost connection to authentication server"));	warningx(_("lost connection to authentication server"));
return AUTH_FATAL;	debug_return_int(AUTH_FATAL);
}	}
if (strncmp(resp, "Authsrv ready", 13) != 0) {	if (strncmp(resp, "Authsrv ready", 13) != 0) {
warningx(_("authentication server error:\n%s"), resp);	warningx(_("authentication server error:\n%s"), resp);
return AUTH_FATAL;	debug_return_int(AUTH_FATAL);
}	}

return AUTH_SUCCESS;	debug_return_int(AUTH_SUCCESS);
}	}

int	int
fwtk_verify(struct passwd pw, char prompt, sudo_auth *auth)	sudo_fwtk_verify(struct passwd pw, char prompt, sudo_auth *auth)
{	{
char pass; / Password from the user */	char pass; / Password from the user */
char buf[SUDO_PASS_MAX + 12]; /* General prupose buffer */	char buf[SUDO_PASS_MAX + 12]; /* General prupose buffer */
char resp[128]; /* Response from the server */	char resp[128]; /* Response from the server */
int error;	int error;
	debug_decl(sudo_fwtk_verify, SUDO_DEBUG_AUTH)

/* Send username to authentication server. */	/* Send username to authentication server. */
(void) snprintf(buf, sizeof(buf), "authorize %s 'sudo'", pw->pw_name);	(void) snprintf(buf, sizeof(buf), "authorize %s 'sudo'", pw->pw_name);
restart:	restart:
if (auth_send(buf) \|\| auth_recv(resp, sizeof(resp))) {	if (auth_send(buf) \|\| auth_recv(resp, sizeof(resp))) {
warningx(_("lost connection to authentication server"));	warningx(_("lost connection to authentication server"));
return AUTH_FATAL;	debug_return_int(AUTH_FATAL);
}	}

/* Get the password/response from the user. */	/* Get the password/response from the user. */
Line 114 restart:	Line 116 restart:
goto restart;	goto restart;
} else {	} else {
warningx("%s", resp);	warningx("%s", resp);
return AUTH_FATAL;	debug_return_int(AUTH_FATAL);
}	}
if (!pass) { /* ^C or error */	if (!pass) { /* ^C or error */
return AUTH_INTR;	debug_return_int(AUTH_INTR);
}	}

/* Send the user's response to the server */	/* Send the user's response to the server */
Line 140 restart:	Line 142 restart:
done:	done:
zero_bytes(pass, strlen(pass));	zero_bytes(pass, strlen(pass));
zero_bytes(buf, strlen(buf));	zero_bytes(buf, strlen(buf));
return error;	debug_return_int(error);
}	}

int	int
fwtk_cleanup(struct passwd pw, sudo_auth auth)	sudo_fwtk_cleanup(struct passwd pw, sudo_auth auth)
{	{
	debug_decl(sudo_fwtk_cleanup, SUDO_DEBUG_AUTH)

auth_close();	auth_close();
return AUTH_SUCCESS;	debug_return_int(AUTH_SUCCESS);
}	}

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.1.1.1
changed lines
	Added in v.1.1.1.2