From ead505bbcc94d04c0f0cca9c6a10cda39eafd6f2 Mon Sep 17 00:00:00 2001 From: Thomas Mueller Date: Wed, 26 Dec 2001 20:23:03 +0000 Subject: [PATCH] STABLE12-pam-update-for-correct-krb-aware-module-20011226 the krb version of the module should be built completely in AFS_KERBEROS_ENV --- src/pam/afs_auth.c | 3 +++ src/pam/afs_setcred.c | 9 +++++---- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/src/pam/afs_auth.c b/src/pam/afs_auth.c index 5ce0eefb1..d1c7c14e1 100644 --- a/src/pam/afs_auth.c +++ b/src/pam/afs_auth.c @@ -256,6 +256,9 @@ try_auth: */ if (!refresh_token) { setpag(); +#ifdef AFS_KERBEROS_ENV + ktc_newpag(); +#endif if (logmask && LOG_MASK(LOG_DEBUG)) syslog(LOG_DEBUG, "New PAG created in pam_authenticate()"); } diff --git a/src/pam/afs_setcred.c b/src/pam/afs_setcred.c index d8dc51621..05e9eb8c9 100644 --- a/src/pam/afs_setcred.c +++ b/src/pam/afs_setcred.c @@ -262,11 +262,14 @@ pam_sm_setcred( if (logmask && LOG_MASK(LOG_DEBUG)) syslog(LOG_DEBUG, "New PAG created in pam_setcred()"); setpag(); +#ifdef AFS_KERBEROS_ENV + ktc_newpag(); +#endif } if ( flags & PAM_REFRESH_CRED ) { if (use_klog) { - auth_ok = do_klog(user, password, "00:00:01"); + auth_ok = ! do_klog(user, password, "00:00:01"); ktc_ForgetAllTokens(); } else { if ( ka_VerifyUserPassword( @@ -286,7 +289,7 @@ pam_sm_setcred( } if ( flags & PAM_ESTABLISH_CRED ) { - if (use_klog) auth_ok = do_klog(user, password, NULL); + if (use_klog) auth_ok = ! do_klog(user, password, NULL); else { if ( ka_UserAuthenticateGeneral( KA_USERAUTH_VERSION, @@ -327,7 +330,6 @@ pam_sm_setcred( pam_afs_syslog(LOG_ERR, PAMAFS_PASSEXPFAIL, user); } #if defined(AFS_KERBEROS_ENV) - if (!use_klog) { if (upwd) { if ( chown(ktc_tkt_string(), upwd->pw_uid, upwd->pw_gid) < 0 ) pam_afs_syslog(LOG_ERR, PAMAFS_CHOWNKRB, user); @@ -336,7 +338,6 @@ pam_sm_setcred( if ( errcode != PAM_SUCCESS ) pam_afs_syslog(LOG_ERR, PAMAFS_KRBFAIL, user); } - } #endif RET(PAM_SUCCESS); -- 2.39.5