Diffstat (limited to 'auth-pam.c')
-rw-r--r--auth-pam.c60
1 files changed, 30 insertions, 30 deletions
diff --git a/auth-pam.c b/auth-pam.c
index 122896c7f..ab985d15b 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -32,7 +32,7 @@
32#include "canohost.h" 32#include "canohost.h"
33#include "readpass.h" 33#include "readpass.h"
34 34
35RCSID("$Id: auth-pam.c,v 1.23 2001/02/04 12:20:19 djm Exp $"); 35RCSID("$Id: auth-pam.c,v 1.24 2001/02/05 12:42:17 stevesk Exp $");
36 36
37#define NEW_AUTHTOK_MSG \ 37#define NEW_AUTHTOK_MSG \
38 "Warning: Your password has expired, please change it now" 38 "Warning: Your password has expired, please change it now"
@@ -97,7 +97,7 @@ static int pamconv(int num_msg, const struct pam_message **msg,
97 /* PAM will free this later */ 97 /* PAM will free this later */
98 reply = malloc(num_msg * sizeof(*reply)); 98 reply = malloc(num_msg * sizeof(*reply));
99 if (reply == NULL) 99 if (reply == NULL)
100 return PAM_CONV_ERR; 100 return PAM_CONV_ERR;
101 101
102 for (count = 0; count < num_msg; count++) { 102 for (count = 0; count < num_msg; count++) {
103 switch(PAM_MSG_MEMBER(msg, count, msg_style)) { 103 switch(PAM_MSG_MEMBER(msg, count, msg_style)) {
@@ -120,7 +120,7 @@ static int pamconv(int num_msg, const struct pam_message **msg,
120 } 120 }
121 reply[count].resp = xstrdup(pampasswd); 121 reply[count].resp = xstrdup(pampasswd);
122 } else { 122 } else {
123 reply[count].resp = 123 reply[count].resp =
124 xstrdup(read_passphrase(PAM_MSG_MEMBER(msg, count, msg), 1)); 124 xstrdup(read_passphrase(PAM_MSG_MEMBER(msg, count, msg), 1));
125 } 125 }
126 reply[count].resp_retcode = PAM_SUCCESS; 126 reply[count].resp_retcode = PAM_SUCCESS;
@@ -158,19 +158,19 @@ void pam_cleanup_proc(void *context)
158 { 158 {
159 pam_retval = pam_close_session(pamh, 0); 159 pam_retval = pam_close_session(pamh, 0);
160 if (pam_retval != PAM_SUCCESS) { 160 if (pam_retval != PAM_SUCCESS) {
161 log("Cannot close PAM session[%d]: %.200s", 161 log("Cannot close PAM session[%d]: %.200s",
162 pam_retval, PAM_STRERROR(pamh, pam_retval)); 162 pam_retval, PAM_STRERROR(pamh, pam_retval));
163 } 163 }
164 164
165 pam_retval = pam_setcred(pamh, PAM_DELETE_CRED); 165 pam_retval = pam_setcred(pamh, PAM_DELETE_CRED);
166 if (pam_retval != PAM_SUCCESS) { 166 if (pam_retval != PAM_SUCCESS) {
167 debug("Cannot delete credentials[%d]: %.200s", 167 debug("Cannot delete credentials[%d]: %.200s",
168 pam_retval, PAM_STRERROR(pamh, pam_retval)); 168 pam_retval, PAM_STRERROR(pamh, pam_retval));
169 } 169 }
170 170
171 pam_retval = pam_end(pamh, pam_retval); 171 pam_retval = pam_end(pamh, pam_retval);
172 if (pam_retval != PAM_SUCCESS) { 172 if (pam_retval != PAM_SUCCESS) {
173 log("Cannot release PAM authentication[%d]: %.200s", 173 log("Cannot release PAM authentication[%d]: %.200s",
174 pam_retval, PAM_STRERROR(pamh, pam_retval)); 174 pam_retval, PAM_STRERROR(pamh, pam_retval));
175 } 175 }
176 } 176 }
@@ -193,15 +193,15 @@ int auth_pam_password(struct passwd *pw, const char *password)
193 return 0; 193 return 0;
194 194
195 pampasswd = password; 195 pampasswd = password;
196 196
197 pamstate = INITIAL_LOGIN; 197 pamstate = INITIAL_LOGIN;
198 pam_retval = do_pam_authenticate(0); 198 pam_retval = do_pam_authenticate(0);
199 if (pam_retval == PAM_SUCCESS) { 199 if (pam_retval == PAM_SUCCESS) {
200 debug("PAM Password authentication accepted for user \"%.100s\"", 200 debug("PAM Password authentication accepted for user \"%.100s\"",
201 pw->pw_name); 201 pw->pw_name);
202 return 1; 202 return 1;
203 } else { 203 } else {
204 debug("PAM Password authentication for \"%.100s\" failed[%d]: %s", 204 debug("PAM Password authentication for \"%.100s\" failed[%d]: %s",
205 pw->pw_name, pam_retval, PAM_STRERROR(pamh, pam_retval)); 205 pw->pw_name, pam_retval, PAM_STRERROR(pamh, pam_retval));
206 return 0; 206 return 0;
207 } 207 }
@@ -212,13 +212,13 @@ int do_pam_account(char *username, char *remote_user)
212{ 212{
213 int pam_retval; 213 int pam_retval;
214 extern ServerOptions options; 214 extern ServerOptions options;
215 215
216 debug("PAM setting rhost to \"%.200s\"", 216 debug("PAM setting rhost to \"%.200s\"",
217 get_canonical_hostname(options.reverse_mapping_check)); 217 get_canonical_hostname(options.reverse_mapping_check));
218 pam_retval = pam_set_item(pamh, PAM_RHOST, 218 pam_retval = pam_set_item(pamh, PAM_RHOST,
219 get_canonical_hostname(options.reverse_mapping_check)); 219 get_canonical_hostname(options.reverse_mapping_check));
220 if (pam_retval != PAM_SUCCESS) { 220 if (pam_retval != PAM_SUCCESS) {
221 fatal("PAM set rhost failed[%d]: %.200s", 221 fatal("PAM set rhost failed[%d]: %.200s",
222 pam_retval, PAM_STRERROR(pamh, pam_retval)); 222 pam_retval, PAM_STRERROR(pamh, pam_retval));
223 } 223 }
224 224
@@ -226,7 +226,7 @@ int do_pam_account(char *username, char *remote_user)
226 debug("PAM setting ruser to \"%.200s\"", remote_user); 226 debug("PAM setting ruser to \"%.200s\"", remote_user);
227 pam_retval = pam_set_item(pamh, PAM_RUSER, remote_user); 227 pam_retval = pam_set_item(pamh, PAM_RUSER, remote_user);
228 if (pam_retval != PAM_SUCCESS) { 228 if (pam_retval != PAM_SUCCESS) {
229 fatal("PAM set ruser failed[%d]: %.200s", 229 fatal("PAM set ruser failed[%d]: %.200s",
230 pam_retval, PAM_STRERROR(pamh, pam_retval)); 230 pam_retval, PAM_STRERROR(pamh, pam_retval));
231 } 231 }
232 } 232 }
@@ -242,11 +242,11 @@ int do_pam_account(char *username, char *remote_user)
242 password_change_required = 1; 242 password_change_required = 1;
243 break; 243 break;
244 default: 244 default:
245 log("PAM rejected by account configuration[%d]: %.200s", 245 log("PAM rejected by account configuration[%d]: %.200s",
246 pam_retval, PAM_STRERROR(pamh, pam_retval)); 246 pam_retval, PAM_STRERROR(pamh, pam_retval));
247 return(0); 247 return(0);
248 } 248 }
249 249
250 return(1); 250 return(1);
251} 251}
252 252
@@ -259,31 +259,31 @@ void do_pam_session(char *username, const char *ttyname)
259 debug("PAM setting tty to \"%.200s\"", ttyname); 259 debug("PAM setting tty to \"%.200s\"", ttyname);
260 pam_retval = pam_set_item(pamh, PAM_TTY, ttyname); 260 pam_retval = pam_set_item(pamh, PAM_TTY, ttyname);
261 if (pam_retval != PAM_SUCCESS) { 261 if (pam_retval != PAM_SUCCESS) {
262 fatal("PAM set tty failed[%d]: %.200s", 262 fatal("PAM set tty failed[%d]: %.200s",
263 pam_retval, PAM_STRERROR(pamh, pam_retval)); 263 pam_retval, PAM_STRERROR(pamh, pam_retval));
264 } 264 }
265 } 265 }
266 266
267 pam_retval = pam_open_session(pamh, 0); 267 pam_retval = pam_open_session(pamh, 0);
268 if (pam_retval != PAM_SUCCESS) { 268 if (pam_retval != PAM_SUCCESS) {
269 fatal("PAM session setup failed[%d]: %.200s", 269 fatal("PAM session setup failed[%d]: %.200s",
270 pam_retval, PAM_STRERROR(pamh, pam_retval)); 270 pam_retval, PAM_STRERROR(pamh, pam_retval));
271 } 271 }
272} 272}
273 273
274/* Set PAM credentials */ 274/* Set PAM credentials */
275void do_pam_setcred(void) 275void do_pam_setcred(void)
276{ 276{
277 int pam_retval; 277 int pam_retval;
278 278
279 debug("PAM establishing creds"); 279 debug("PAM establishing creds");
280 pam_retval = pam_setcred(pamh, PAM_ESTABLISH_CRED); 280 pam_retval = pam_setcred(pamh, PAM_ESTABLISH_CRED);
281 if (pam_retval != PAM_SUCCESS) { 281 if (pam_retval != PAM_SUCCESS) {
282 if(was_authenticated) { 282 if(was_authenticated) {
283 fatal("PAM setcred failed[%d]: %.200s", 283 fatal("PAM setcred failed[%d]: %.200s",
284 pam_retval, PAM_STRERROR(pamh, pam_retval)); 284 pam_retval, PAM_STRERROR(pamh, pam_retval));
285 } else { 285 } else {
286 debug("PAM setcred failed[%d]: %.200s", 286 debug("PAM setcred failed[%d]: %.200s",
287 pam_retval, PAM_STRERROR(pamh, pam_retval)); 287 pam_retval, PAM_STRERROR(pamh, pam_retval));
288 } 288 }
289 } 289 }
@@ -295,7 +295,7 @@ int pam_password_change_required(void)
295 return password_change_required; 295 return password_change_required;
296} 296}
297 297
298/* 298/*
299 * Have user change authentication token if pam_acct_mgmt() indicated 299 * Have user change authentication token if pam_acct_mgmt() indicated
300 * it was expired. This needs to be called after an interactive 300 * it was expired. This needs to be called after an interactive
301 * session is established and the user's pty is connected to 301 * session is established and the user's pty is connected to
@@ -313,7 +313,7 @@ void do_pam_chauthtok(void)
313 do { 313 do {
314 pam_retval = pam_chauthtok(pamh, PAM_CHANGE_EXPIRED_AUTHTOK); 314 pam_retval = pam_chauthtok(pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
315 if (pam_retval != PAM_SUCCESS) { 315 if (pam_retval != PAM_SUCCESS) {
316 log("PAM pam_chauthtok failed[%d]: %.200s", 316 log("PAM pam_chauthtok failed[%d]: %.200s",
317 pam_retval, PAM_STRERROR(pamh, pam_retval)); 317 pam_retval, PAM_STRERROR(pamh, pam_retval));
318 } 318 }
319 } while (pam_retval != PAM_SUCCESS); 319 } while (pam_retval != PAM_SUCCESS);
@@ -337,21 +337,21 @@ void start_pam(const char *user)
337 pam_retval = pam_start(SSHD_PAM_SERVICE, user, &conv, &pamh); 337 pam_retval = pam_start(SSHD_PAM_SERVICE, user, &conv, &pamh);
338 338
339 if (pam_retval != PAM_SUCCESS) { 339 if (pam_retval != PAM_SUCCESS) {
340 fatal("PAM initialisation failed[%d]: %.200s", 340 fatal("PAM initialisation failed[%d]: %.200s",
341 pam_retval, PAM_STRERROR(pamh, pam_retval)); 341 pam_retval, PAM_STRERROR(pamh, pam_retval));
342 } 342 }
343 343
344#ifdef PAM_TTY_KLUDGE 344#ifdef PAM_TTY_KLUDGE
345 /* 345 /*
346 * Some PAM modules (e.g. pam_time) require a TTY to operate, 346 * Some PAM modules (e.g. pam_time) require a TTY to operate,
347 * and will fail in various stupid ways if they don't get one. 347 * and will fail in various stupid ways if they don't get one.
348 * sshd doesn't set the tty until too late in the auth process and may 348 * sshd doesn't set the tty until too late in the auth process and may
349 * not even need one (for tty-less connections) 349 * not even need one (for tty-less connections)
350 * Kludge: Set a fake PAM_TTY 350 * Kludge: Set a fake PAM_TTY
351 */ 351 */
352 pam_retval = pam_set_item(pamh, PAM_TTY, "ssh"); 352 pam_retval = pam_set_item(pamh, PAM_TTY, "ssh");
353 if (pam_retval != PAM_SUCCESS) { 353 if (pam_retval != PAM_SUCCESS) {
354 fatal("PAM set tty failed[%d]: %.200s", 354 fatal("PAM set tty failed[%d]: %.200s",
355 pam_retval, PAM_STRERROR(pamh, pam_retval)); 355 pam_retval, PAM_STRERROR(pamh, pam_retval));
356 } 356 }
357#endif /* PAM_TTY_KLUDGE */ 357#endif /* PAM_TTY_KLUDGE */
@@ -383,9 +383,9 @@ void pam_msg_cat(const char *msg)
383 char *p; 383 char *p;
384 size_t new_msg_len; 384 size_t new_msg_len;
385 size_t pam_msg_len; 385 size_t pam_msg_len;
386 386
387 new_msg_len = strlen(msg); 387 new_msg_len = strlen(msg);
388 388
389 if (pam_msg) { 389 if (pam_msg) {
390 pam_msg_len = strlen(pam_msg); 390 pam_msg_len = strlen(pam_msg);
391 pam_msg = xrealloc(pam_msg, new_msg_len + pam_msg_len + 2); 391 pam_msg = xrealloc(pam_msg, new_msg_len + pam_msg_len + 2);