STABLE12-pam-update-for-correct-krb-aware-module-20011226

author Thomas Mueller <thomas.mueller@hrz.tu-chemnitz.de>

Wed, 26 Dec 2001 20:23:03 +0000 (20:23 +0000)

committer Derrick Brashear <shadow@dementia.org>

Wed, 26 Dec 2001 20:23:03 +0000 (20:23 +0000)
author Thomas Mueller <thomas.mueller@hrz.tu-chemnitz.de>
Wed, 26 Dec 2001 20:23:03 +0000 (20:23 +0000)
committer Derrick Brashear <shadow@dementia.org>
Wed, 26 Dec 2001 20:23:03 +0000 (20:23 +0000)
diff --git a/src/pam/afs_auth.c b/src/pam/afs_auth.c

index 5ce0eefb15416b20ecf7a8889384909449a81abe..d1c7c14e16bc243b8fc4c4de4e25a83f07ffb70a 100644 (file)
--- a/src/pam/afs_auth.c
+++ b/src/pam/afs_auth.c
@@ -256,6 +256,9 @@ try_auth:
       */
      if (!refresh_token) {
         setpag();
+#ifdef AFS_KERBEROS_ENV
+       ktc_newpag();
+#endif
         if (logmask && LOG_MASK(LOG_DEBUG))
          syslog(LOG_DEBUG, "New PAG created in pam_authenticate()");
      }
diff --git a/src/pam/afs_setcred.c b/src/pam/afs_setcred.c

index d8dc516218b2fd9fc7da0755f8e8ee590348e991..05e9eb8c907f5ba8d08526b1f36675d1860a5cc8 100644 (file)
--- a/src/pam/afs_setcred.c
+++ b/src/pam/afs_setcred.c
@@ -262,11 +262,14 @@ pam_sm_setcred(
           if (logmask && LOG_MASK(LOG_DEBUG))
             syslog(LOG_DEBUG, "New PAG created in pam_setcred()");
            setpag();
+#ifdef AFS_KERBEROS_ENV
+          ktc_newpag();
+#endif
         }
  
         if ( flags & PAM_REFRESH_CRED ) {
             if (use_klog) {
-               auth_ok = do_klog(user, password, "00:00:01");
+               auth_ok = ! do_klog(user, password, "00:00:01");
                ktc_ForgetAllTokens();
             } else {
              if ( ka_VerifyUserPassword(
@@ -286,7 +289,7 @@ pam_sm_setcred(
         }
             
         if (  flags & PAM_ESTABLISH_CRED ) {
-          if (use_klog) auth_ok = do_klog(user, password, NULL);
+          if (use_klog) auth_ok = ! do_klog(user, password, NULL);
            else {
             if ( ka_UserAuthenticateGeneral(
                             KA_USERAUTH_VERSION,
@@ -327,7 +330,6 @@ pam_sm_setcred(
                     pam_afs_syslog(LOG_ERR, PAMAFS_PASSEXPFAIL, user);
             }
  #if defined(AFS_KERBEROS_ENV)
-           if (!use_klog) {
                 if (upwd) {
                 if ( chown(ktc_tkt_string(), upwd->pw_uid, upwd->pw_gid) < 0 )
                     pam_afs_syslog(LOG_ERR, PAMAFS_CHOWNKRB, user);
@@ -336,7 +338,6 @@ pam_sm_setcred(
                  if ( errcode != PAM_SUCCESS )
                      pam_afs_syslog(LOG_ERR, PAMAFS_KRBFAIL, user);
                }
-           }
  #endif
  
             RET(PAM_SUCCESS);
author	Thomas Mueller <thomas.mueller@hrz.tu-chemnitz.de>
	Wed, 26 Dec 2001 20:23:03 +0000 (20:23 +0000)
committer	Derrick Brashear <shadow@dementia.org>
	Wed, 26 Dec 2001 20:23:03 +0000 (20:23 +0000)
src/pam/afs_auth.c		patch \| blob \| history
src/pam/afs_setcred.c		patch \| blob \| history