#define COPY_STRING(s) (s) ? strdup(s) : NULL
if (num_msg < 1)
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM DHX Conversation Err -- %m");
+ /* Log Entry */
return PAM_CONV_ERR;
reply = (struct pam_response *)
calloc(num_msg, sizeof(struct pam_response));
if (!reply)
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM DHX Conversation Err -- %m");
+ /* Log Entry */
return PAM_CONV_ERR;
for (count = 0; count < num_msg; count++) {
switch (msg[count]->msg_style) {
case PAM_PROMPT_ECHO_ON:
if (!(string = COPY_STRING(PAM_username)))
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM: username failure -- %m");
+ /* Log Entry */
goto pam_fail_conv;
break;
case PAM_PROMPT_ECHO_OFF:
if (!(string = COPY_STRING(PAM_password)))
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM: passwd failure: --: %m");
+ /* Log Entry */
goto pam_fail_conv;
break;
case PAM_TEXT_INFO:
break;
case PAM_ERROR_MSG:
default:
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM: Binary_Prompt -- %m");
+ /* Log Entry */
goto pam_fail_conv;
}
}
*resp = reply;
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM: PAM Success -- %m");
+ /* Log Entry */
return PAM_SUCCESS;
pam_fail_conv:
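Review bot: The added `syslog()` calls sit between an unbraced `if` and its `return`/`goto`, so as shown the `if` now guards only the log call and the `return`/`goto` runs unconditionally; with `if (num_msg < 1)` at the top of the conversation function, `PAM_CONV_ERR` would be returned on every call and no login through this UAM could succeed. Each site needs braces, e.g. `if (num_msg < 1) { syslog(LOG_INFO, "..."); return PAM_CONV_ERR; }`. The same shape appears at `if (!reply)`, both `COPY_STRING` checks, the `UAM_OPTION_USERNAME` and `UAM_OPTION_HOSTNAME` checks, the `pam_start`/`pam_setcred`/`pam_open_session` checks, the `sessid != dhxhash(obj)` check and the first `BN_bin2bn` check. The function's opening lines are outside this hunk.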
}
}
free(reply);
- return PAM_CONV_ERR;
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM DHX Conversation Err -- %m");
+ /* Log Entry */
+ return PAM_CONV_ERR;
}
static struct pam_conv PAM_conversation = {
dh->p = pbn;
dh->g = gbn;
if (!DH_generate_key(dh) || (BN_num_bytes(dh->pub_key) > KEYSIZE)) {
- goto pam_fail;
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM: Err Generating Key -- Not enough Space? -- %m");
+ /* Log Entry */
+ goto pam_fail;
}
/* figure out the key. store the key in rbuf for now. */
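Review bot: `%m` expands to the text for the current `errno`, but neither a `DH_generate_key()` failure nor the `BN_num_bytes(dh->pub_key) > KEYSIZE` size check is reported through `errno`, so the appended text is likely to be stale and unrelated to the failure. A key-exchange failure in an authentication module is also worth more than `LOG_INFO`, since that level is often filtered out before it reaches whoever monitors login failures. I would write `syslog(LOG_ERR, "uams_dhx_pam.c :PAM: DH key generation failed or public key larger than KEYSIZE");` and keep `%m` only on calls that are known to set `errno`.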
if (uam_afpserver_option(obj, UAM_OPTION_RANDNUM, (void *) randbuf,
&i) < 0) {
*rbuflen = 0;
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM: Buffer Encryption Err. -- %m");
+ /* Log Entry */
goto pam_fail;
}
memcpy(rbuf, &randbuf, sizeof(randbuf));
if (uam_afpserver_option(obj, UAM_OPTION_SIGNATURE,
(void *) &buf, NULL) < 0) {
*rbuflen = 0;
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM: Signature Retieval Failure -- %m");
+ /* Log Entry */
goto pam_fail;
}
memcpy(rbuf + KEYSIZE, buf, KEYSIZE);
pam_fail:
BN_free(bn);
DH_free(dh);
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM: Fail - Cast Encryption -- %m");
+ /* Log Entry */
return AFPERR_PARAM;
}
/* grab some of the options */
if (uam_afpserver_option(obj, UAM_OPTION_USERNAME, (void *) &buf,
&i) < 0)
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM: uam_afpserver_option didn't meet uam_option_username -- %m");
+ /* Log Entry */
return AFPERR_PARAM;
len = (unsigned char) *ibuf++;
if ( len > i ) {
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM: Signature Retieval Failure -- %m");
+ /* Log Entry */
return( AFPERR_PARAM );
}
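Review bot: The message logged for `len > i` says "Signature Retieval Failure", but this branch appears to reject a length byte taken from the request because it exceeds the size obtained for the username option, so anyone triaging failed logins from syslog would be pointed at the wrong step. A message that names the condition, such as `syslog(LOG_INFO, "uams_dhx_pam.c :PAM: username length exceeds buffer");`, keeps the log usable for investigation. The `BN_bin2bn` and `BN_new` failure branches further down are likewise logged as "Random Number Not the same", although as written they are conversion or allocation failures rather than a nonce comparison.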
++ibuf;
if (( dhxpwd = uam_getname(buf, i)) == NULL ) {
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM: User entered a null value -- %m");
+ /* Log Entry */
return AFPERR_PARAM;
}
PAM_error = pam_start("netatalk", PAM_username, &PAM_conversation,
&pamh);
if (PAM_error != PAM_SUCCESS)
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM: PAM_Error: %s -- %m", PAM_error);
+ /* Log Entry */
goto logincont_err;
/* solaris craps out if PAM_TTY and PAM_RHOST aren't set. */
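Review bot: `PAM_error` holds the integer return code of `pam_start()`, but the added format string prints it with `%s`, so `syslog()` treats the code as a string pointer; that is undefined behaviour and will typically crash the server on exactly the failure path being logged. Print the number with `%d`, or the PAM text for it: `syslog(LOG_ERR, "uams_dhx_pam.c :PAM: pam_start failed: %s", pam_strerror(pamh, PAM_error));`. The later `PAM_error` log lines around `pam_setcred` and `pam_open_session` have the same mismatch, as does the success line that passes `AFP_OK` to `%s`. This `if` also needs braces so that `goto logincont_err` stays conditional.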
if (PAM_error != PAM_SUCCESS) {
if (PAM_error == PAM_MAXTRIES)
err = AFPERR_PWDEXPR;
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM: PAM_Error: %s -- %m", PAM_error);
+ /* Log Entry */
goto logincont_err;
}
else if (PAM_error == PAM_AUTHTOKEN_REQD)
err = AFPERR_PWDCHNG;
#endif
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM: PAM_Error: %s -- %m", PAM_error);
+ /* Log Entry */
goto logincont_err;
}
#endif
PAM_error = pam_setcred(pamh, PAM_CRED_ESTABLISH);
if (PAM_error != PAM_SUCCESS)
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM: PAM_Error: %s -- %m", PAM_error);
+ /* Log Entry */
goto logincont_err;
PAM_error = pam_open_session(pamh, 0);
if (PAM_error != PAM_SUCCESS)
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM: PAM_Error: %s -- %m", PAM_error);
+ /* Log Entry */
goto logincont_err;
memset(rbuf, 0, PASSWDLEN); /* zero out the password */
*uam_pwd = dhxpwd;
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM: PAM Auth OK!: %s -- %m", AFP_OK);
+ /* Log Entry */
return AFP_OK;
logincont_err:
/* check out the session id */
if (sessid != dhxhash(obj))
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM: Session ID not Equal to DHX Hash -- %m",);
+ /* Log Entry */
return AFPERR_PARAM;
/* we need this for pam */
if (uam_afpserver_option(obj, UAM_OPTION_HOSTNAME,
(void *) &hostname, NULL) < 0)
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM: Hostname Null?? -- %m",);
+ /* Log Entry */
return AFPERR_MISC;
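Review bot: The added calls here end in `"... -- %m",);`, and a trailing comma with no argument after it is a syntax error in C, so the file will not build once this code is compiled in. Drop the comma, e.g. `syslog(LOG_INFO, "uams_dhx_pam.c :PAM: Session ID not Equal to DHX Hash");`. The same stray comma is in the `BN_bin2bn`, `BN_new`, `BN_is_one` and second `pam_start` log lines. A session-id mismatch does not set `errno`, so `%m` is best left out of that message.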
/* grab the client's nonce, old password, and new password. */
/* check to make sure that the random number is the same. we
* get sent back an incremented random number. */
if (!(bn1 = BN_bin2bn(ibuf, KEYSIZE, NULL)))
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM: Random Number Not the same or not incremented-- %m",);
+ /* Log Entry */
return AFPERR_PARAM;
if (!(bn2 = BN_bin2bn(randbuf, sizeof(randbuf), NULL))) {
BN_free(bn1);
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM: Random Number Not the same or not incremented -- %m",);
+ /* Log Entry */
return AFPERR_PARAM;
}
if (!(bn3 = BN_new())) {
BN_free(bn2);
BN_free(bn1);
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM: Random Number did not Zero -- %m",);
+ /* Log Entry */
return AFPERR_PARAM;
}
#if 0
if (!BN_is_one(bn3)) {
BN_free(bn3);
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM: After Random Number not Zero, is it one more? -- %m",);
+ /* Log Entry */
return AFPERR_PARAM;
}
#endif
PAM_error = pam_start("netatalk", username, &PAM_conversation,
&lpamh);
- if (PAM_error != PAM_SUCCESS)
+ if (PAM_error != PAM_SUCCESS)
+ /* Log Entry */
+ syslog(LOG_INFO, "uams_dhx_pam.c :PAM: Needless to say, PAM_error is != to PAM_SUCCESS -- %m",);
+ /* Log Entry */
return AFPERR_PARAM;
pam_set_item(lpamh, PAM_TTY, "afpd");
pam_set_item(lpamh, PAM_RHOST, hostname);
};
#endif /* USE_PAM && UAM_DHX */
+\0
\ No newline at end of file