Attachment #133694 for bug #163840

View | Details | Raw Unified | Return to bug 163840
Collapse All | Expand All




 * krb5_error_code.  If successful, the credentials will be stored in creds.
 */
static krb5_error_code
pkinit_auth(struct pam_args *args, const char *service, krb5_creds **creds)
{
    struct context *ctx = args->ctx;
    krb5_get_init_creds_opt *opts = NULL;

{
    krb5_verify_init_creds_opt opts;
    krb5_keytab keytab = NULL;
    krb5_kt_cursor cursor;
    int cursor_valid = 0;
    krb5_keytab_entry entry;
    krb5_principal princ = NULL;
    const char *message;

        }
        if (retval == 0)
            retval = krb5_kt_start_seq_get(c, keytab, &cursor);
        if (retval == 0) {
            cursor_valid = 1;
            retval = krb5_kt_next_entry(c, keytab, &entry, &cursor);
        }
        if (retval == 0)
            retval = krb5_copy_principal(c, entry.principal, &princ);
        if (retval != 0) {

        }
        if (entry.principal != NULL)
            pamk5_compat_free_keytab_contents(c, &entry);
        if (cursor_valid)
            krb5_kt_end_seq_get(c, keytab, &cursor);
    }
    retval = krb5_verify_init_creds(c, creds, princ, keytab, NULL, &opts);

Lines 14-19 Link Here

(-)pam-krb5-3.8.orig/compat.c (+4 lines)
14	#ifdef HAVE_SECURITY_PAM_MODUTIL_H	14	#ifdef HAVE_SECURITY_PAM_MODUTIL_H
15	# include <security/pam_modutil.h>	15	# include <security/pam_modutil.h>
16	#endif	16	#endif
		17	#ifndef HAVE_PAM_MODUTIL_GETPWNAM
		18	# include <sys/types.h>
		19	# include <pwd.h>
		20	#endif
17	#include <stdlib.h>	21	#include <stdlib.h>
18		22
19	#ifdef HAVE_KRB5_MIT	23	#ifdef HAVE_KRB5_MIT

Return to bug 163840

Lines 322-328 Link Here

(-)pam-krb5-3.8.orig/auth.c (-4 / +7 lines)
322	* krb5_error_code. If successful, the credentials will be stored in creds.	322	* krb5_error_code. If successful, the credentials will be stored in creds.
323	*/	323	*/
324	static krb5_error_code	324	static krb5_error_code
325	pkinit_auth(struct pam_args args, char service, krb5_creds **creds)	325	pkinit_auth(struct pam_args args, const char service, krb5_creds **creds)
326	{	326	{
327	struct context *ctx = args->ctx;	327	struct context *ctx = args->ctx;
328	krb5_get_init_creds_opt *opts = NULL;	328	krb5_get_init_creds_opt *opts = NULL;
Lines 410-416 Link Here
410	{	410	{
411	krb5_verify_init_creds_opt opts;	411	krb5_verify_init_creds_opt opts;
412	krb5_keytab keytab = NULL;	412	krb5_keytab keytab = NULL;
413	krb5_kt_cursor cursor = NULL;	413	krb5_kt_cursor cursor;
		414	int cursor_valid = 0;
414	krb5_keytab_entry entry;	415	krb5_keytab_entry entry;
415	krb5_principal princ = NULL;	416	krb5_principal princ = NULL;
416	const char *message;	417	const char *message;
Lines 430-437 Link Here
430	}	431	}
431	if (retval == 0)	432	if (retval == 0)
432	retval = krb5_kt_start_seq_get(c, keytab, &cursor);	433	retval = krb5_kt_start_seq_get(c, keytab, &cursor);
433	if (retval == 0)	434	if (retval == 0) {
		435	cursor_valid = 1;
434	retval = krb5_kt_next_entry(c, keytab, &entry, &cursor);	436	retval = krb5_kt_next_entry(c, keytab, &entry, &cursor);
		437	}
435	if (retval == 0)	438	if (retval == 0)
436	retval = krb5_copy_principal(c, entry.principal, &princ);	439	retval = krb5_copy_principal(c, entry.principal, &princ);
437	if (retval != 0) {	440	if (retval != 0) {
Lines 442-448 Link Here
442	}	445	}
443	if (entry.principal != NULL)	446	if (entry.principal != NULL)
444	pamk5_compat_free_keytab_contents(c, &entry);	447	pamk5_compat_free_keytab_contents(c, &entry);
445	if (cursor != NULL)	448	if (cursor_valid)
446	krb5_kt_end_seq_get(c, keytab, &cursor);	449	krb5_kt_end_seq_get(c, keytab, &cursor);
447	}	450	}
448	retval = krb5_verify_init_creds(c, creds, princ, keytab, NULL, &opts);	451	retval = krb5_verify_init_creds(c, creds, princ, keytab, NULL, &opts);