/*
- * $Id: uams_pam.c,v 1.15.2.1.2.2 2003-09-11 23:49:30 bfernhomberg Exp $
+ * $Id: uams_pam.c,v 1.15.2.1.2.5.2.1 2005-09-27 10:40:41 didg Exp $
*
* Copyright (c) 1990,1993 Regents of The University of Michigan.
* Copyright (c) 1999 Adrian Sun (asun@u.washington.edu)
#include <atalk/logger.h>
+#ifdef HAVE_SECURITY_PAM_APPL_H
#include <security/pam_appl.h>
+#endif
+#ifdef HAVE_PAM_PAM_APPL_H
+#include <pam/pam_appl.h>
+#endif
#include <atalk/afp.h>
#include <atalk/uam.h>
+#include <atalk/util.h>
#define PASSWDLEN 8
static int PAM_conv (int num_msg,
const struct pam_message **msg,
struct pam_response **resp,
- void *appdata_ptr)
+ void *appdata_ptr _U_)
{
struct pam_response *reply;
int count;
};
static int login(void *obj, char *username, int ulen, struct passwd **uam_pwd,
- char *ibuf, int ibuflen,
- char *rbuf, int *rbuflen)
+ char *ibuf, int ibuflen _U_,
+ char *rbuf _U_, int *rbuflen _U_)
{
struct passwd *pwd;
int err, PAM_error;
PAM_error = pam_acct_mgmt(pamh, 0);
if (PAM_error != PAM_SUCCESS) {
- if (PAM_error == PAM_ACCT_EXPIRED)
+ if (PAM_error == PAM_NEW_AUTHTOK_REQD) /* Password change required */
err = AFPERR_PWDEXPR;
#ifdef PAM_AUTHTOKEN_REQD
else if (PAM_error == PAM_AUTHTOKEN_REQD)
err = AFPERR_PWDCHNG;
#endif /* PAM_AUTHTOKEN_REQD */
- goto login_err;
+ else
+ goto login_err;
}
#ifndef PAM_CRED_ESTABLISH
goto login_err;
*uam_pwd = pwd;
+
+ if (err == AFPERR_PWDEXPR)
+ return err;
+
return AFP_OK;
login_err:
}
/* change passwd */
-static int pam_changepw(void *obj, char *username,
- struct passwd *pwd, char *ibuf, int ibuflen,
- char *rbuf, int *rbuflen)
+static int pam_changepw(void *obj _U_, char *username,
+ struct passwd *pwd _U_, char *ibuf, int ibuflen _U_,
+ char *rbuf _U_, int *rbuflen _U_)
{
char pw[PASSWDLEN + 1];
pam_handle_t *lpamh;
static const char *loginok = "0\r";
struct passwd *pwd;
- data = (char *)malloc(stop - start + 2);
+ data = (char *)malloc(stop - start + 1);
if (!data) {
LOG(log_info, logtype_uams,"Bad Login ClearTxtUAM: malloc");
return(-1);
}
- strncpy(data, start, stop - start + 1);
- data[stop - start + 2] = 0;
+ strlcpy(data, start, stop - start + 1);
/* We are looking for the following format in data:
* (username) (password)
free(data);
return(-1);
}
- strncpy(username, p, MIN(UAM_USERNAMELEN, q - p) );
- username[ UAM_USERNAMELEN +1] = '\0';
+ memcpy(username, p, MIN(UAM_USERNAMELEN, q - p) );
/* Parse input for password in next () */
p = q + 3;
free(data);
return(-1);
}
- strncpy(password, p, MIN(PASSWDLEN, (q - p)) );
- password[ PASSWDLEN + 1] = '\0';
+ memcpy(password, p, MIN(PASSWDLEN, (q - p)) );
/* Done copying username and password, clean up */
free(data);