Ignore:
Timestamp:
Apr 29, 2011, 9:07:15 PM (11 years ago)
Author:
achernya
Message:
(Hopefully) final version of the Scripts krb5 patch, that removes the function into which the .k5login filename generating code was refactored into
File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/fc15-dev/server/common/patches/krb5-kuserok-scripts.patch

    r1810 r1820  
    2929 #if defined(_AIX) && defined(_IBMR2)
    3030 #include <sys/access.h>
    31 @@ -93,13 +94,12 @@
     31@@ -51,39 +52,6 @@
     32 enum result { ACCEPT, REJECT, PASS };
     33 
     34 /*
     35- * Find the k5login filename for luser, either in the user's homedir or in a
     36- * configured directory under the username.
     37- */
     38-static krb5_error_code
     39-get_k5login_filename(krb5_context context, const char *luser,
     40-                     const char *homedir, char **filename_out)
     41-{
     42-    krb5_error_code ret;
     43-    char *dir, *filename;
     44-
     45-    *filename_out = NULL;
     46-    ret = profile_get_string(context->profile, KRB5_CONF_LIBDEFAULTS,
     47-                             KRB5_CONF_K5LOGIN_DIRECTORY, NULL, NULL, &dir);
     48-    if (ret != 0)
     49-        return ret;
     50-
     51-    if (dir == NULL) {
     52-        /* Look in the user's homedir. */
     53-        if (asprintf(&filename, "%s/.k5login", homedir) < 0)
     54-            return ENOMEM;
     55-    } else {
     56-        /* Look in the configured directory. */
     57-        if (asprintf(&filename, "%s/%s", dir, luser) < 0)
     58-            ret = ENOMEM;
     59-        profile_release_string(dir);
     60-        if (ret)
     61-            return ret;
     62-    }
     63-    *filename_out = filename;
     64-    return 0;
     65-}
     66-
     67-/*
     68  * Determine whether principal is authorized to log in as luser according to
     69  * the user's k5login file.  Return ACCEPT if the k5login file authorizes the
     70  * principal, PASS if the k5login file does not exist, or REJECT if the k5login
     71@@ -93,13 +61,12 @@
    3272 static enum result
    3373 k5login_ok(krb5_context context, krb5_principal principal, const char *luser)
     
    3676+    int authoritative = TRUE;
    3777     enum result result = REJECT;
    38      char *filename = NULL, *princname = NULL;
     78-    char *filename = NULL, *princname = NULL;
    3979-    char *newline, linebuf[BUFSIZ], pwbuf[BUFSIZ];
    4080-    struct stat sbuf;
     81+    char *princname = NULL;
    4182+    char pwbuf[BUFSIZ];
    4283     struct passwd pwx, *pwd;
     
    4687     if (profile_get_boolean(context->profile, KRB5_CONF_LIBDEFAULTS,
    4788                             KRB5_CONF_K5LOGIN_AUTHORITATIVE, NULL, TRUE,
    48 @@ -110,46 +110,30 @@
     89@@ -110,46 +77,29 @@
    4990     if (k5_getpwnam_r(luser, &pwx, pwbuf, sizeof(pwbuf), &pwd) != 0)
    5091         goto cleanup;
     
    102143 cleanup:
    103144     free(princname);
    104      free(filename);
     145-    free(filename);
    105146-    if (fp != NULL)
    106147-        fclose(fp);
Note: See TracChangeset for help on using the changeset viewer.