/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 2008-2012 The OpenLDAP Foundation.
+ * Copyright 2008-2015 The OpenLDAP Foundation.
* Portions Copyright 2008 Howard Chu.
+ * Portions Copyright 2013 Ted C. Cheng, Symas Corp.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
struct berval ni_pam_template;
struct berval ni_pam_defhost;
struct berval *ni_pam_sessions;
+ struct berval ni_pam_password_prohibit_message;
+ struct berval ni_pam_pwdmgr_dn;
+ struct berval ni_pam_pwdmgr_pwd;
} nssov_info;
#define NI_PAM_USERHOST 1 /* old style host checking */
Debug(LDAP_DEBUG_ANY,"nssov: client supplied argument too large\n",0,0,0); \
return -1;
-#define WRITE_BERVAL(fp,bv) \
- DEBUG_PRINT("WRITE_STRING: var="__STRING(bv)" string=\"%s\"",(bv)->bv_val); \
- if ((bv)==NULL) \
- { \
- WRITE_INT32(fp,0); \
- } \
- else \
- { \
- WRITE_INT32(fp,(bv)->bv_len); \
- if (tmpint32>0) \
- { WRITE(fp,(bv)->bv_val,tmpint32); } \
- }
-
-#define WRITE_BVARRAY(fp,arr) \
- /* first determine length of array */ \
- for (tmp3int32=0;(arr)[tmp3int32].bv_val!=NULL;tmp3int32++) \
- /*nothing*/ ; \
- /* write number of strings */ \
- DEBUG_PRINT("WRITE_BVARRAY: var="__STRING(arr)" num=%d",(int)tmp3int32); \
- WRITE_TYPE(fp,tmp3int32,int32_t); \
- /* write strings */ \
- for (tmp2int32=0;tmp2int32<tmp3int32;tmp2int32++) \
- { \
- WRITE_BERVAL(fp,&(arr)[tmp2int32]); \
- }
+#define WRITE_BERVAL(fp, bv) \
+ DEBUG_PRINT("WRITE_BERVAL: var="__STRING(bv)" bv_val=\"%s\"", (bv)->bv_val); \
+ if ((bv) == NULL) \
+ { \
+ WRITE_INT32(fp, 0); \
+ } \
+ else \
+ { \
+ WRITE_INT32(fp, (bv)->bv_len); \
+ tmpint32 = ntohl(tmpint32); \
+ if (tmpint32 > 0) \
+ { \
+ WRITE(fp, (bv)->bv_val, tmpint32); \
+ } \
+ } \
+
+#define WRITE_BVARRAY(fp, arr) \
+ if ((arr) == NULL) \
+ { \
+ DEBUG_PRINT("WRITE_BVARRAY: var="__STRING(arr)" num=%d", 0); \
+ WRITE_INT32(fp, 0); \
+ } \
+ else \
+ { \
+ /* first determine length of array */ \
+ for (tmp3int32 = 0; (arr)[tmp3int32].bv_val != NULL; tmp3int32++) \
+ /* nothing */ ; \
+ /* write number of strings */ \
+ DEBUG_PRINT("WRITE_BVARRAY: var="__STRING(arr)" num=%d", (int)tmp3int32); \
+ WRITE_INT32(fp, tmp3int32); \
+ /* write strings */ \
+ for (tmp2int32 = 0; tmp2int32 < tmp3int32; tmp2int32++) \
+ { \
+ WRITE_BERVAL(fp, &(arr)[tmp2int32]); \
+ } \
+ } \
+
+/* Find the given attribute's value in the RDN of the DN. */
+void nssov_find_rdnval(struct berval *dn,AttributeDescription *ad,struct berval *value);
/* This tries to get the user password attribute from the entry.
It will try to return an encrypted password as it is used in /etc/passwd,
int nssov_service_all(nssov_info *ni,TFILE *fp,Operation *op);
int nssov_shadow_byname(nssov_info *ni,TFILE *fp,Operation *op);
int nssov_shadow_all(nssov_info *ni,TFILE *fp,Operation *op);
-int pam_authc(nssov_info *ni,TFILE *fp,Operation *op);
+int pam_authc(nssov_info *ni,TFILE *fp,Operation *op,uid_t calleruid);
int pam_authz(nssov_info *ni,TFILE *fp,Operation *op);
int pam_sess_o(nssov_info *ni,TFILE *fp,Operation *op);
int pam_sess_c(nssov_info *ni,TFILE *fp,Operation *op);
-int pam_pwmod(nssov_info *ni,TFILE *fp,Operation *op);
+int pam_pwmod(nssov_info *ni,TFILE *fp,Operation *op,uid_t calleruid);
/* config initialization */
#define NSSOV_INIT(db) \
{ \
/* define common variables */ \
int32_t tmpint32; \
- int rc; \
nssov_##db##_cbp cbp; \
slap_callback cb = {0}; \
SlapReply rs = {REP_RESULT}; \
projects / openldap / blobdiff