author | Simo Sorce <ssorce@redhat.com> | 2009-04-11 00:31:50 -0400 |
---|---|---|
committer | Simo Sorce <ssorce@redhat.com> | 2009-04-13 09:07:10 -0400 |
commit | 943df8483b9f8a43df72121883ca67f17571d214 (patch) | |
tree | a9301004163a7033b4a342057c355da1ea49454b /server/responder/pam/pamsrv_util.c | |
parent | f16705ecade500f77b525d1a3df0109196c98ee0 (diff) | |
Implement credentials caching in pam responder.
Implement credentials caching in pam responder.
Currently works only for the proxy backend.
Also clean up pam responder code and move common code into the data provider.
(the data provider should never include responder private headers)
Diffstat (limited to 'server/responder/pam/pamsrv_util.c')
-rw-r--r-- | server/responder/pam/pamsrv_util.c | 188 |
1 files changed, 0 insertions, 188 deletions
diff --git a/server/responder/pam/pamsrv_util.c b/server/responder/pam/pamsrv_util.c
deleted file mode 100644
index ab9b733e..00000000
--- a/server/responder/pam/pamsrv_util.c
+++ /dev/null
@@ -1,188 +0,0 @@
-#include "util/util.h"
-#include "responder/pam/pamsrv.h"
-
-void pam_print_data(int l, struct pam_data *pd)
-{
- DEBUG(l, ("command: %d\n", pd->cmd));
- DEBUG(l, ("domain: %s\n", pd->domain));
- DEBUG(l, ("user: %s\n", pd->user));
- DEBUG(l, ("service: %s\n", pd->service));
- DEBUG(l, ("tty: %s\n", pd->tty));
- DEBUG(l, ("ruser: %s\n", pd->ruser));
- DEBUG(l, ("rhost: %s\n", pd->rhost));
- DEBUG(l, ("authtok type: %d\n", pd->authtok_type));
- DEBUG(l, ("authtok size: %d\n", pd->authtok_size));
- DEBUG(l, ("newauthtok type: %d\n", pd->newauthtok_type));
- DEBUG(l, ("newauthtok size: %d\n", pd->newauthtok_size));
-}
-
-int pam_add_response(struct pam_data *pd, enum response_type type,
- int len, const uint8_t *data)
-{
- struct response_data *new;
-
- new = talloc(pd, struct response_data);
- if (new == NULL) return ENOMEM;
-
- new->type = type;
- new->len = len;
- new->data = talloc_memdup(pd, data, len);
- if (new->data == NULL) return ENOMEM;
- new->next = pd->resp_list;
- pd->resp_list = new;
-
- return EOK;
-}
-
-bool dp_pack_pam_request(DBusMessage *msg, struct pam_data *pd)
-{
- int ret;
-
- ret = dbus_message_append_args(msg,
- DBUS_TYPE_INT32, &(pd->cmd),
- DBUS_TYPE_STRING, &(pd->domain),
- DBUS_TYPE_STRING, &(pd->user),
- DBUS_TYPE_STRING, &(pd->service),
- DBUS_TYPE_STRING, &(pd->tty),
- DBUS_TYPE_STRING, &(pd->ruser),
- DBUS_TYPE_STRING, &(pd->rhost),
- DBUS_TYPE_INT32, &(pd->authtok_type),
- DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE,
- &(pd->authtok),
- (pd->authtok_size),
- DBUS_TYPE_INT32, &(pd->newauthtok_type),
- DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE,
- &(pd->newauthtok),
- pd->newauthtok_size,
- DBUS_TYPE_INVALID);
-
- return ret;
-}
-
-bool dp_unpack_pam_request(DBusMessage *msg, struct pam_data *pd, DBusError *dbus_error)
-{
- int ret;
-
- ret = dbus_message_get_args(msg, dbus_error,
- DBUS_TYPE_INT32, &(pd->cmd),
- DBUS_TYPE_STRING, &(pd->domain),
- DBUS_TYPE_STRING, &(pd->user),
- DBUS_TYPE_STRING, &(pd->service),
- DBUS_TYPE_STRING, &(pd->tty),
- DBUS_TYPE_STRING, &(pd->ruser),
- DBUS_TYPE_STRING, &(pd->rhost),
- DBUS_TYPE_INT32, &(pd->authtok_type),
- DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE,
- &(pd->authtok),
- &(pd->authtok_size),
- DBUS_TYPE_INT32, &(pd->newauthtok_type),
- DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE,
- &(pd->newauthtok),
- &(pd->newauthtok_size),
- DBUS_TYPE_INVALID);
-
- return ret;
-}
-
-bool dp_pack_pam_response(DBusMessage *msg, struct pam_data *pd)
-{
- int ret;
- struct response_data *resp;
-
- ret = dbus_message_append_args(msg,
- DBUS_TYPE_UINT32, &(pd->pam_status),
- DBUS_TYPE_STRING, &(pd->domain),
- DBUS_TYPE_INVALID);
- if (!ret) return ret;
-
- resp = pd->resp_list;
- while (resp != NULL) {
- ret=dbus_message_append_args(msg,
- DBUS_TYPE_UINT32, &(resp->type),
- DBUS_TYPE_UINT32, &(resp->len),
- DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE,
- &(resp->data),
- resp->len,
- DBUS_TYPE_INVALID);
- if (!ret) return ret;
-
- resp = resp->next;
- }
-
- return true;
-}
-
-bool dp_unpack_pam_response(DBusMessage *msg, struct pam_data *pd, DBusError *dbus_error)
-{
- DBusMessageIter iter;
- DBusMessageIter sub_iter;
- int type;
- int len;
- int len_msg;
- const uint8_t *data;
-
- if (!dbus_message_iter_init(msg, &iter)) {
- DEBUG(1, ("pam response has no arguments.\n"));
- return false;
- }
-
- if (dbus_message_iter_get_arg_type(&iter) != DBUS_TYPE_UINT32) {
- DEBUG(1, ("pam response format error.\n"));
- return false;
- }
- dbus_message_iter_get_basic(&iter, &(pd->pam_status));
-
- if (!dbus_message_iter_next(&iter)) {
- DEBUG(1, ("pam response has too few arguments.\n"));
- return false;
- }
-
- if (dbus_message_iter_get_arg_type(&iter) != DBUS_TYPE_STRING) {
- DEBUG(1, ("pam response format error.\n"));
- return false;
- }
- dbus_message_iter_get_basic(&iter, &(pd->domain));
-
- while(dbus_message_iter_next(&iter)) {
- if (dbus_message_iter_get_arg_type(&iter) != DBUS_TYPE_UINT32) {
- DEBUG(1, ("pam response format error.\n"));
- return false;
- }
- dbus_message_iter_get_basic(&iter, &type);
-
- if (!dbus_message_iter_next(&iter)) {
- DEBUG(1, ("pam response format error.\n"));
- return false;
- }
-
- if (dbus_message_iter_get_arg_type(&iter) != DBUS_TYPE_UINT32) {
- DEBUG(1, ("pam response format error.\n"));
- return false;
- }
- dbus_message_iter_get_basic(&iter, &len);
-
- if (!dbus_message_iter_next(&iter)) {
- DEBUG(1, ("pam response format error.\n"));
- return false;
- }
-
- if (dbus_message_iter_get_arg_type(&iter) != DBUS_TYPE_ARRAY ||
- dbus_message_iter_get_element_type(&iter) != DBUS_TYPE_BYTE) {
- DEBUG(1, ("pam response format error.\n"));
- return false;
- }
-
- dbus_message_iter_recurse(&iter, &sub_iter);
- dbus_message_iter_get_fixed_array(&sub_iter, &data, &len_msg);
- if (len != len_msg) {
- DEBUG(1, ("pam response format error.\n"));
- return false;
- }
-
- pam_add_response(pd, type, len, data);
-
- }
-
- return true;
-}
-
|