diff options
author | Colin Watson <cjwatson@debian.org> | 2003-09-01 18:52:37 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2003-09-01 18:52:37 +0000 |
commit | 854156dd39acbde9b4a47ec0fc54a042ea7358e0 (patch) | |
tree | 96755f8590acc2146f4b4ef5b5cdba600e5d9353 /auth-krb4.c | |
parent | fad82e8999e790899083f9e22a1841148d746df6 (diff) | |
parent | 053db7da5ce09acdf742789d9d1a05e81d4861d0 (diff) |
Import OpenSSH 3.6.1p2.
Diffstat (limited to 'auth-krb4.c')
-rw-r--r-- | auth-krb4.c | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/auth-krb4.c b/auth-krb4.c index 0cc058387..b28df469f 100644 --- a/auth-krb4.c +++ b/auth-krb4.c | |||
@@ -78,7 +78,7 @@ krb4_init(void *context) | |||
78 | return (1); | 78 | return (1); |
79 | } | 79 | } |
80 | /* Failure - cancel cleanup function, leaving ticket for inspection. */ | 80 | /* Failure - cancel cleanup function, leaving ticket for inspection. */ |
81 | logit("WARNING: bad ticket file %s", authctxt->krb4_ticket_file); | 81 | log("WARNING: bad ticket file %s", authctxt->krb4_ticket_file); |
82 | 82 | ||
83 | fatal_remove_cleanup(krb4_cleanup_proc, authctxt); | 83 | fatal_remove_cleanup(krb4_cleanup_proc, authctxt); |
84 | cleanup_registered = 0; | 84 | cleanup_registered = 0; |
@@ -114,7 +114,7 @@ auth_krb4_password(Authctxt *authctxt, const char *password) | |||
114 | if (pw->pw_uid != 0 && krb_get_lrealm(realm, 1) == KSUCCESS) { | 114 | if (pw->pw_uid != 0 && krb_get_lrealm(realm, 1) == KSUCCESS) { |
115 | /* Set up our ticket file. */ | 115 | /* Set up our ticket file. */ |
116 | if (!krb4_init(authctxt)) { | 116 | if (!krb4_init(authctxt)) { |
117 | logit("Couldn't initialize Kerberos ticket file for %s!", | 117 | log("Couldn't initialize Kerberos ticket file for %s!", |
118 | pw->pw_name); | 118 | pw->pw_name); |
119 | goto failure; | 119 | goto failure; |
120 | } | 120 | } |
@@ -141,7 +141,7 @@ auth_krb4_password(Authctxt *authctxt, const char *password) | |||
141 | 141 | ||
142 | if (r == KSUCCESS) { | 142 | if (r == KSUCCESS) { |
143 | if ((hp = gethostbyname(localhost)) == NULL) { | 143 | if ((hp = gethostbyname(localhost)) == NULL) { |
144 | logit("Couldn't get local host address!"); | 144 | log("Couldn't get local host address!"); |
145 | goto failure; | 145 | goto failure; |
146 | } | 146 | } |
147 | memmove((void *)&faddr, (void *)hp->h_addr, | 147 | memmove((void *)&faddr, (void *)hp->h_addr, |
@@ -155,12 +155,12 @@ auth_krb4_password(Authctxt *authctxt, const char *password) | |||
155 | * Probably didn't have a srvtab on | 155 | * Probably didn't have a srvtab on |
156 | * localhost. Disallow login. | 156 | * localhost. Disallow login. |
157 | */ | 157 | */ |
158 | logit("Kerberos v4 TGT for %s unverifiable, " | 158 | log("Kerberos v4 TGT for %s unverifiable, " |
159 | "no srvtab installed? krb_rd_req: %s", | 159 | "no srvtab installed? krb_rd_req: %s", |
160 | pw->pw_name, krb_err_txt[r]); | 160 | pw->pw_name, krb_err_txt[r]); |
161 | goto failure; | 161 | goto failure; |
162 | } else if (r != KSUCCESS) { | 162 | } else if (r != KSUCCESS) { |
163 | logit("Kerberos v4 %s ticket unverifiable: %s", | 163 | log("Kerberos v4 %s ticket unverifiable: %s", |
164 | KRB4_SERVICE_NAME, krb_err_txt[r]); | 164 | KRB4_SERVICE_NAME, krb_err_txt[r]); |
165 | goto failure; | 165 | goto failure; |
166 | } | 166 | } |
@@ -169,7 +169,7 @@ auth_krb4_password(Authctxt *authctxt, const char *password) | |||
169 | * Disallow login if no rcmd service exists, and | 169 | * Disallow login if no rcmd service exists, and |
170 | * log the error. | 170 | * log the error. |
171 | */ | 171 | */ |
172 | logit("Kerberos v4 TGT for %s unverifiable: %s; %s.%s " | 172 | log("Kerberos v4 TGT for %s unverifiable: %s; %s.%s " |
173 | "not registered, or srvtab is wrong?", pw->pw_name, | 173 | "not registered, or srvtab is wrong?", pw->pw_name, |
174 | krb_err_txt[r], KRB4_SERVICE_NAME, phost); | 174 | krb_err_txt[r], KRB4_SERVICE_NAME, phost); |
175 | goto failure; | 175 | goto failure; |
@@ -249,7 +249,7 @@ auth_krb4(Authctxt *authctxt, KTEXT auth, char **client, KTEXT reply) | |||
249 | 249 | ||
250 | /* Check ~/.klogin authorization now. */ | 250 | /* Check ~/.klogin authorization now. */ |
251 | if (kuserok(&adat, authctxt->user) != KSUCCESS) { | 251 | if (kuserok(&adat, authctxt->user) != KSUCCESS) { |
252 | logit("Kerberos v4 .klogin authorization failed for %s to " | 252 | log("Kerberos v4 .klogin authorization failed for %s to " |
253 | "account %s", *client, authctxt->user); | 253 | "account %s", *client, authctxt->user); |
254 | xfree(*client); | 254 | xfree(*client); |
255 | *client = NULL; | 255 | *client = NULL; |
@@ -289,14 +289,14 @@ auth_krb4_tgt(Authctxt *authctxt, const char *string) | |||
289 | temporarily_use_uid(pw); | 289 | temporarily_use_uid(pw); |
290 | 290 | ||
291 | if (!radix_to_creds(string, &creds)) { | 291 | if (!radix_to_creds(string, &creds)) { |
292 | logit("Protocol error decoding Kerberos v4 TGT"); | 292 | log("Protocol error decoding Kerberos v4 TGT"); |
293 | goto failure; | 293 | goto failure; |
294 | } | 294 | } |
295 | if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */ | 295 | if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */ |
296 | strlcpy(creds.service, "krbtgt", sizeof creds.service); | 296 | strlcpy(creds.service, "krbtgt", sizeof creds.service); |
297 | 297 | ||
298 | if (strcmp(creds.service, "krbtgt")) { | 298 | if (strcmp(creds.service, "krbtgt")) { |
299 | logit("Kerberos v4 TGT (%s%s%s@%s) rejected for %s", | 299 | log("Kerberos v4 TGT (%s%s%s@%s) rejected for %s", |
300 | creds.pname, creds.pinst[0] ? "." : "", creds.pinst, | 300 | creds.pname, creds.pinst[0] ? "." : "", creds.pinst, |
301 | creds.realm, pw->pw_name); | 301 | creds.realm, pw->pw_name); |
302 | goto failure; | 302 | goto failure; |
@@ -343,7 +343,7 @@ auth_afs_token(Authctxt *authctxt, const char *token_string) | |||
343 | return (0); | 343 | return (0); |
344 | 344 | ||
345 | if (!radix_to_creds(token_string, &creds)) { | 345 | if (!radix_to_creds(token_string, &creds)) { |
346 | logit("Protocol error decoding AFS token"); | 346 | log("Protocol error decoding AFS token"); |
347 | return (0); | 347 | return (0); |
348 | } | 348 | } |
349 | if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */ | 349 | if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */ |
@@ -355,7 +355,7 @@ auth_afs_token(Authctxt *authctxt, const char *token_string) | |||
355 | uid = pw->pw_uid; | 355 | uid = pw->pw_uid; |
356 | 356 | ||
357 | if (kafs_settoken(creds.realm, uid, &creds)) { | 357 | if (kafs_settoken(creds.realm, uid, &creds)) { |
358 | logit("AFS token (%s@%s) rejected for %s", | 358 | log("AFS token (%s@%s) rejected for %s", |
359 | creds.pname, creds.realm, pw->pw_name); | 359 | creds.pname, creds.realm, pw->pw_name); |
360 | memset(&creds, 0, sizeof(creds)); | 360 | memset(&creds, 0, sizeof(creds)); |
361 | return (0); | 361 | return (0); |