/*
- * $Id: uams_dhx2_pam.c,v 1.2 2008-11-24 20:15:55 didg Exp $
+ * $Id: uams_dhx2_pam.c,v 1.6 2009-01-15 04:16:32 didg Exp $
*
* Copyright (c) 1990,1993 Regents of The University of Michigan.
* Copyright (c) 1999 Adrian Sun (asun@u.washington.edu)
/*********************************************************
* Crypto helper func to generate p and g for use in DH.
- * libgcrpyt doesn't provide one directly.
+ * libgcrypt doesn't provide one directly.
* Algorithm taken from GNUTLS:gnutls_dh_primes.c
*********************************************************/
};
-static int dhx2_setup(void *obj, char *ibuf, int ibuflen _U_,
+static int dhx2_setup(void *obj, char *ibuf _U_, int ibuflen _U_,
char *rbuf, int *rbuflen)
{
int ret;
/* -------------------------------- */
-static int logincont1(void *obj, char *ibuf, int ibuflen, char *rbuf, int *rbuflen)
+static int logincont1(void *obj _U_, char *ibuf, int ibuflen, char *rbuf, int *rbuflen)
{
int ret;
size_t nwritten;
gcry_cipher_hd_t ctx;
gcry_error_t ctxerror;
+ *rbuflen = 0;
+
Mb = gcry_mpi_new(0);
K = gcry_mpi_new(0);
clientNonce = gcry_mpi_new(0);
static int logincont2(void *obj, struct passwd **uam_pwd,
char *ibuf, int ibuflen,
- char *rbuf, int *rbuflen)
+ char *rbuf _U_, int *rbuflen)
{
int ret;
int PAM_error;
*rbuflen = 0;
- /* Packet size should be: Session ID + ServerNonce + Passwd buffer */
- if (ibuflen != 2 + 16 + 256) {
- LOG(log_error, logtype_uams, "DHX2: Paket length not correct");
+ /* Packet size should be: Session ID + ServerNonce + Passwd buffer (evantually +10 extra bytes, see Apples Docs) */
+ if ((ibuflen != 2 + 16 + 256) && (ibuflen != 2 + 16 + 256 + 10)) {
+ LOG(log_error, logtype_uams, "DHX2: Paket length not correct: %d. Should be 274 or 284.", ibuflen);
ret = AFPERR_PARAM;
goto error_noctx;
}
/* We use this to serialize the three incoming FPChangePassword calls */
static int dhx2_changepw_status = 1;
- int ret;
+ int ret = AFPERR_NOTAUTH; /* gcc can't figure out it's always initialized */
switch (dhx2_changepw_status) {
case 1:
ret = changepw_1( obj, uname, ibuf, ibuflen, rbuf, rbuflen);
if ( ret == AFPERR_AUTHCONT)
- dhx2_changepw_status += 1;
+ dhx2_changepw_status = 2;
break;
case 2:
ret = changepw_2( obj, ibuf, ibuflen, rbuf, rbuflen);
if ( ret == AFPERR_AUTHCONT)
- dhx2_changepw_status += 1;
+ dhx2_changepw_status = 3;
else
dhx2_changepw_status = 1;
break;