mod-auth-commit

[<fir...@us...>]

Update of /cvsroot/mod-auth/mod_authn_pam/src
In directory sc8-pr-cvs1:/tmp/cvs-serv8962/src

Modified Files:
	mod_authn_pam.c 
Log Message:
add respcode stuff.

Still doesn't work in FreeBSD.


Index: mod_authn_pam.c
===================================================================
RCS file: /cvsroot/mod-auth/mod_authn_pam/src/mod_authn_pam.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** mod_authn_pam.c	11 Nov 2003 08:39:27 -0000	1.1
--- mod_authn_pam.c	11 Nov 2003 08:53:07 -0000	1.2
***************
*** 62,67 ****
  #include <security/pam_appl.h>
  
- /* change this to 0 on RedHat 4.x */
- #define PAM_STRE_NEEDS_PAMH 1
  #define VERSION "2.0-1.1"
  
--- 62,65 ----
***************
*** 69,73 ****
  
  static const char
!         *pam_servicename = "sshd",
          *valid_user      = "valid-user";
  
--- 67,71 ----
  
  static const char
!         *pam_servicename = "httpd",
          *valid_user      = "valid-user";
  
***************
*** 87,99 ****
  #endif
  
- /*
-  * the pam_strerror function has different parameters in early PAM
-  * versions
-  */
- #ifndef PAM_STRE_NEEDS_PAMH
- #define compat_pam_strerror(pamh, res) pam_strerror(res)
- #else
  #define compat_pam_strerror(pamh, res) pam_strerror(pamh, res)
- #endif
  
  /*
--- 85,89 ----
***************
*** 174,188 ****
      for (i = 0; i < num_msg; i++) {
  	/* initialize to safe values */
! 	response[i].resp_retcode = 0;
! 	response[i].resp = 0;
  
  	/* select response based on requested output style */
  	switch (msg[i]->msg_style) {
  	case PAM_PROMPT_ECHO_ON:
  	    /* on memory allocation failure, auth fails */
  	    response[i].resp = strdup(userinfo->name);
  	    break;
  	case PAM_PROMPT_ECHO_OFF:
  	    response[i].resp = strdup(userinfo->pw);
  	    break;
  	default:
--- 164,185 ----
      for (i = 0; i < num_msg; i++) {
  	/* initialize to safe values */
! //	response[i].resp_retcode = 0;
! //	response[i].resp = 0;
  
  	/* select response based on requested output style */
  	switch (msg[i]->msg_style) {
+ 
+         // XXXX:(SECURITY) 
+         //       This whole section needs better error checking
+         //       See pure-ftpd-1.0.16c/src/log_pam.c:PAM_conv for a better example
+ 
  	case PAM_PROMPT_ECHO_ON:
  	    /* on memory allocation failure, auth fails */
  	    response[i].resp = strdup(userinfo->name);
+ 	    response[i].resp_retcode = PAM_SUCCESS;
  	    break;
  	case PAM_PROMPT_ECHO_OFF:
  	    response[i].resp = strdup(userinfo->pw);
+ 	    response[i].resp_retcode = PAM_SUCCESS;
  	    break;
  	default: