version 1.1, 2012/02/21 16:23:02
|
version 1.1.1.2, 2012/05/29 12:26:49
|
Line 67
|
Line 67
|
* success. |
* success. |
*/ |
*/ |
int |
int |
securid_init(struct passwd *pw, sudo_auth *auth) | sudo_securid_init(struct passwd *pw, sudo_auth *auth) |
{ |
{ |
static SDI_HANDLE sd_dat; /* SecurID handle */ |
static SDI_HANDLE sd_dat; /* SecurID handle */ |
|
debug_decl(sudo_securid_init, SUDO_DEBUG_AUTH) |
|
|
auth->data = (void *) &sd_dat; /* For method-specific data */ |
auth->data = (void *) &sd_dat; /* For method-specific data */ |
|
|
/* Start communications */ |
/* Start communications */ |
if (AceInitialize() != SD_FALSE) |
if (AceInitialize() != SD_FALSE) |
return AUTH_SUCCESS; | debug_return_int(AUTH_SUCCESS); |
|
|
warningx(_("failed to initialise the ACE API library")); |
warningx(_("failed to initialise the ACE API library")); |
return AUTH_FATAL; | debug_return_int(AUTH_FATAL); |
} |
} |
|
|
/* |
/* |
Line 95 securid_init(struct passwd *pw, sudo_auth *auth)
|
Line 96 securid_init(struct passwd *pw, sudo_auth *auth)
|
* otherwise |
* otherwise |
*/ |
*/ |
int |
int |
securid_setup(struct passwd *pw, char **promptp, sudo_auth *auth) | sudo_securid_setup(struct passwd *pw, char **promptp, sudo_auth *auth) |
{ |
{ |
SDI_HANDLE *sd = (SDI_HANDLE *) auth->data; |
SDI_HANDLE *sd = (SDI_HANDLE *) auth->data; |
int retval; |
int retval; |
|
debug_decl(sudo_securid_setup, SUDO_DEBUG_AUTH) |
|
|
/* Re-initialize SecurID every time. */ |
/* Re-initialize SecurID every time. */ |
if (SD_Init(sd) != ACM_OK) { |
if (SD_Init(sd) != ACM_OK) { |
warningx(_("unable to contact the SecurID server")); |
warningx(_("unable to contact the SecurID server")); |
return AUTH_FATAL; | debug_return_int(AUTH_FATAL); |
} |
} |
|
|
/* Lock new PIN code */ |
/* Lock new PIN code */ |
Line 112 securid_setup(struct passwd *pw, char **promptp, sudo_
|
Line 114 securid_setup(struct passwd *pw, char **promptp, sudo_
|
switch (retval) { |
switch (retval) { |
case ACM_OK: |
case ACM_OK: |
warningx(_("User ID locked for SecurID Authentication")); |
warningx(_("User ID locked for SecurID Authentication")); |
return AUTH_SUCCESS; | debug_return_int(AUTH_SUCCESS); |
|
|
case ACE_UNDEFINED_USERNAME: |
case ACE_UNDEFINED_USERNAME: |
warningx(_("invalid username length for SecurID")); |
warningx(_("invalid username length for SecurID")); |
return AUTH_FATAL; | debug_return_int(AUTH_FATAL); |
|
|
case ACE_ERR_INVALID_HANDLE: |
case ACE_ERR_INVALID_HANDLE: |
warningx(_("invalid Authentication Handle for SecurID")); |
warningx(_("invalid Authentication Handle for SecurID")); |
return AUTH_FATAL; | debug_return_int(AUTH_FATAL); |
|
|
case ACM_ACCESS_DENIED: |
case ACM_ACCESS_DENIED: |
warningx(_("SecurID communication failed")); |
warningx(_("SecurID communication failed")); |
return AUTH_FATAL; | debug_return_int(AUTH_FATAL); |
|
|
default: |
default: |
warningx(_("unknown SecurID error")); |
warningx(_("unknown SecurID error")); |
return AUTH_FATAL; | debug_return_int(AUTH_FATAL); |
} |
} |
} |
} |
|
|
Line 145 securid_setup(struct passwd *pw, char **promptp, sudo_
|
Line 147 securid_setup(struct passwd *pw, char **promptp, sudo_
|
* incorrect authentication, fatal on errors |
* incorrect authentication, fatal on errors |
*/ |
*/ |
int |
int |
securid_verify(struct passwd *pw, char *pass, sudo_auth *auth) | sudo_securid_verify(struct passwd *pw, char *pass, sudo_auth *auth) |
{ |
{ |
SDI_HANDLE *sd = (SDI_HANDLE *) auth->data; |
SDI_HANDLE *sd = (SDI_HANDLE *) auth->data; |
int rval; |
int rval; |
|
debug_decl(sudo_securid_verify, SUDO_DEBUG_AUTH) |
|
|
pass = auth_getpass("Enter your PASSCODE: ", |
pass = auth_getpass("Enter your PASSCODE: ", |
def_passwd_timeout * 60, SUDO_CONV_PROMPT_ECHO_OFF); |
def_passwd_timeout * 60, SUDO_CONV_PROMPT_ECHO_OFF); |
Line 218 then enter the new token code.\n", \
|
Line 221 then enter the new token code.\n", \
|
SD_Close(*sd); |
SD_Close(*sd); |
|
|
/* Return stored state to calling process */ |
/* Return stored state to calling process */ |
return rval; | debug_return_int(rval); |
} |
} |