summaryrefslogtreecommitdiff
path: root/auth-krb4.c
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2003-09-01 18:52:37 +0000
committerColin Watson <cjwatson@debian.org>2003-09-01 18:52:37 +0000
commit854156dd39acbde9b4a47ec0fc54a042ea7358e0 (patch)
tree96755f8590acc2146f4b4ef5b5cdba600e5d9353 /auth-krb4.c
parentfad82e8999e790899083f9e22a1841148d746df6 (diff)
parent053db7da5ce09acdf742789d9d1a05e81d4861d0 (diff)
Import OpenSSH 3.6.1p2.
Diffstat (limited to 'auth-krb4.c')
-rw-r--r--auth-krb4.c22
1 files changed, 11 insertions, 11 deletions
diff --git a/auth-krb4.c b/auth-krb4.c
index 0cc058387..b28df469f 100644
--- a/auth-krb4.c
+++ b/auth-krb4.c
@@ -78,7 +78,7 @@ krb4_init(void *context)
78 return (1); 78 return (1);
79 } 79 }
80 /* Failure - cancel cleanup function, leaving ticket for inspection. */ 80 /* Failure - cancel cleanup function, leaving ticket for inspection. */
81 logit("WARNING: bad ticket file %s", authctxt->krb4_ticket_file); 81 log("WARNING: bad ticket file %s", authctxt->krb4_ticket_file);
82 82
83 fatal_remove_cleanup(krb4_cleanup_proc, authctxt); 83 fatal_remove_cleanup(krb4_cleanup_proc, authctxt);
84 cleanup_registered = 0; 84 cleanup_registered = 0;
@@ -114,7 +114,7 @@ auth_krb4_password(Authctxt *authctxt, const char *password)
114 if (pw->pw_uid != 0 && krb_get_lrealm(realm, 1) == KSUCCESS) { 114 if (pw->pw_uid != 0 && krb_get_lrealm(realm, 1) == KSUCCESS) {
115 /* Set up our ticket file. */ 115 /* Set up our ticket file. */
116 if (!krb4_init(authctxt)) { 116 if (!krb4_init(authctxt)) {
117 logit("Couldn't initialize Kerberos ticket file for %s!", 117 log("Couldn't initialize Kerberos ticket file for %s!",
118 pw->pw_name); 118 pw->pw_name);
119 goto failure; 119 goto failure;
120 } 120 }
@@ -141,7 +141,7 @@ auth_krb4_password(Authctxt *authctxt, const char *password)
141 141
142 if (r == KSUCCESS) { 142 if (r == KSUCCESS) {
143 if ((hp = gethostbyname(localhost)) == NULL) { 143 if ((hp = gethostbyname(localhost)) == NULL) {
144 logit("Couldn't get local host address!"); 144 log("Couldn't get local host address!");
145 goto failure; 145 goto failure;
146 } 146 }
147 memmove((void *)&faddr, (void *)hp->h_addr, 147 memmove((void *)&faddr, (void *)hp->h_addr,
@@ -155,12 +155,12 @@ auth_krb4_password(Authctxt *authctxt, const char *password)
155 * Probably didn't have a srvtab on 155 * Probably didn't have a srvtab on
156 * localhost. Disallow login. 156 * localhost. Disallow login.
157 */ 157 */
158 logit("Kerberos v4 TGT for %s unverifiable, " 158 log("Kerberos v4 TGT for %s unverifiable, "
159 "no srvtab installed? krb_rd_req: %s", 159 "no srvtab installed? krb_rd_req: %s",
160 pw->pw_name, krb_err_txt[r]); 160 pw->pw_name, krb_err_txt[r]);
161 goto failure; 161 goto failure;
162 } else if (r != KSUCCESS) { 162 } else if (r != KSUCCESS) {
163 logit("Kerberos v4 %s ticket unverifiable: %s", 163 log("Kerberos v4 %s ticket unverifiable: %s",
164 KRB4_SERVICE_NAME, krb_err_txt[r]); 164 KRB4_SERVICE_NAME, krb_err_txt[r]);
165 goto failure; 165 goto failure;
166 } 166 }
@@ -169,7 +169,7 @@ auth_krb4_password(Authctxt *authctxt, const char *password)
169 * Disallow login if no rcmd service exists, and 169 * Disallow login if no rcmd service exists, and
170 * log the error. 170 * log the error.
171 */ 171 */
172 logit("Kerberos v4 TGT for %s unverifiable: %s; %s.%s " 172 log("Kerberos v4 TGT for %s unverifiable: %s; %s.%s "
173 "not registered, or srvtab is wrong?", pw->pw_name, 173 "not registered, or srvtab is wrong?", pw->pw_name,
174 krb_err_txt[r], KRB4_SERVICE_NAME, phost); 174 krb_err_txt[r], KRB4_SERVICE_NAME, phost);
175 goto failure; 175 goto failure;
@@ -249,7 +249,7 @@ auth_krb4(Authctxt *authctxt, KTEXT auth, char **client, KTEXT reply)
249 249
250 /* Check ~/.klogin authorization now. */ 250 /* Check ~/.klogin authorization now. */
251 if (kuserok(&adat, authctxt->user) != KSUCCESS) { 251 if (kuserok(&adat, authctxt->user) != KSUCCESS) {
252 logit("Kerberos v4 .klogin authorization failed for %s to " 252 log("Kerberos v4 .klogin authorization failed for %s to "
253 "account %s", *client, authctxt->user); 253 "account %s", *client, authctxt->user);
254 xfree(*client); 254 xfree(*client);
255 *client = NULL; 255 *client = NULL;
@@ -289,14 +289,14 @@ auth_krb4_tgt(Authctxt *authctxt, const char *string)
289 temporarily_use_uid(pw); 289 temporarily_use_uid(pw);
290 290
291 if (!radix_to_creds(string, &creds)) { 291 if (!radix_to_creds(string, &creds)) {
292 logit("Protocol error decoding Kerberos v4 TGT"); 292 log("Protocol error decoding Kerberos v4 TGT");
293 goto failure; 293 goto failure;
294 } 294 }
295 if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */ 295 if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */
296 strlcpy(creds.service, "krbtgt", sizeof creds.service); 296 strlcpy(creds.service, "krbtgt", sizeof creds.service);
297 297
298 if (strcmp(creds.service, "krbtgt")) { 298 if (strcmp(creds.service, "krbtgt")) {
299 logit("Kerberos v4 TGT (%s%s%s@%s) rejected for %s", 299 log("Kerberos v4 TGT (%s%s%s@%s) rejected for %s",
300 creds.pname, creds.pinst[0] ? "." : "", creds.pinst, 300 creds.pname, creds.pinst[0] ? "." : "", creds.pinst,
301 creds.realm, pw->pw_name); 301 creds.realm, pw->pw_name);
302 goto failure; 302 goto failure;
@@ -343,7 +343,7 @@ auth_afs_token(Authctxt *authctxt, const char *token_string)
343 return (0); 343 return (0);
344 344
345 if (!radix_to_creds(token_string, &creds)) { 345 if (!radix_to_creds(token_string, &creds)) {
346 logit("Protocol error decoding AFS token"); 346 log("Protocol error decoding AFS token");
347 return (0); 347 return (0);
348 } 348 }
349 if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */ 349 if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */
@@ -355,7 +355,7 @@ auth_afs_token(Authctxt *authctxt, const char *token_string)
355 uid = pw->pw_uid; 355 uid = pw->pw_uid;
356 356
357 if (kafs_settoken(creds.realm, uid, &creds)) { 357 if (kafs_settoken(creds.realm, uid, &creds)) {
358 logit("AFS token (%s@%s) rejected for %s", 358 log("AFS token (%s@%s) rejected for %s",
359 creds.pname, creds.realm, pw->pw_name); 359 creds.pname, creds.realm, pw->pw_name);
360 memset(&creds, 0, sizeof(creds)); 360 memset(&creds, 0, sizeof(creds));
361 return (0); 361 return (0);