pool/pam_krb5
SHA256
4
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

- make pam_sm_setcred less verbose (bnc#641008)

Browse Source 
OBS-URL: https://build.opensuse.org/package/show/Linux-PAM/pam_krb5?expand=0&rev=17
This commit is contained in:
Michael Calmer 2011-03-01 16:43:02 +00:00 committed by Git OBS Bridge
parent 40b5461689
commit d59dabba6a
3 changed files with 80 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
bug-641008_pam_krb5-2.3.11-setcred-log.diff Normal file
View File

@ -0,0 +1,72 @@
diff -ur pam_krb5-2.3.11-1.orig/src/auth.c pam_krb5-2.3.11-1/src/auth.c
--- pam_krb5-2.3.11-1.orig/src/auth.c 2010-09-21 15:58:10.021370000 +0200
+++ pam_krb5-2.3.11-1/src/auth.c 2010-09-21 17:02:33.329265000 +0200
@@ -522,13 +522,32 @@
pam_sm_setcred(pam_handle_t *pamh, int flags,
int argc, PAM_KRB5_MAYBE_CONST char **argv)
{
+ krb5_context ctx;
+ struct _pam_krb5_options *options;
struct _pam_krb5_perms *saved_perms;
- notice("pam_setcred (%s) called",
- (flags & PAM_ESTABLISH_CRED)?"establish credential":
- (flags & PAM_REINITIALIZE_CRED)?"reinitialize credential":
- (flags & PAM_REFRESH_CRED)?"refresh credential":
- (flags & PAM_DELETE_CRED)?"delete credential":"unknown flag");
+
+ if (_pam_krb5_init_ctx(&ctx, argc, argv) != 0) {
+ warn("error initializing Kerberos");
+ return PAM_SERVICE_ERR;
+ }
+
+ options = _pam_krb5_options_init(pamh, argc, argv, ctx);
+ if (options == NULL) {
+ warn("error parsing options (shouldn't happen)");
+ krb5_free_context(ctx);
+ return PAM_SERVICE_ERR;
+ }
+
+ if (options->debug) {
+ debug("pam_setcred (%s) called",
+ (flags & PAM_ESTABLISH_CRED)?"establish credential":
+ (flags & PAM_REINITIALIZE_CRED)?"reinitialize credential":
+ (flags & PAM_REFRESH_CRED)?"refresh credential":
+ (flags & PAM_DELETE_CRED)?"delete credential":"unknown flag");
+ }
if (flags & PAM_ESTABLISH_CRED) {
+ _pam_krb5_options_free(pamh, ctx, options);
+ krb5_free_context(ctx);
return pam_sm_open_session(pamh, flags, argc, argv);
}
if (flags & (PAM_REINITIALIZE_CRED | PAM_REFRESH_CRED)) {
@@ -541,19 +560,29 @@
}
saved_perms = NULL;
+ _pam_krb5_options_free(pamh, ctx, options);
+ krb5_free_context(ctx);
return i;
} else {
- debug("looks unsafe - ignore refresh");
+ if (options->debug) {
+ debug("looks unsafe - ignore refresh");
+ }
if (saved_perms != NULL) {
_pam_krb5_restore_perms_r2e(saved_perms);
}
saved_perms = NULL;
+ _pam_krb5_options_free(pamh, ctx, options);
+ krb5_free_context(ctx);
return PAM_IGNORE;
}
}
if (flags & PAM_DELETE_CRED) {
+ _pam_krb5_options_free(pamh, ctx, options);
+ krb5_free_context(ctx);
return pam_sm_close_session(pamh, flags, argc, argv);
}
warn("pam_setcred() called with no flags. Assume PAM_ESTABLISH_CRED");
+ _pam_krb5_options_free(pamh, ctx, options);
+ krb5_free_context(ctx);
return pam_sm_open_session(pamh, (flags | PAM_ESTABLISH_CRED), argc, argv);
}

5
pam_krb5.changes
View File

@ -1,3 +1,8 @@
-------------------------------------------------------------------
Tue Mar 1 17:41:57 CET 2011 - mc@suse.de
- make pam_sm_setcred less verbose (bnc#641008)
-------------------------------------------------------------------
Fri Nov 19 10:44:35 UTC 2010 - coolo@novell.com

4
pam_krb5.spec
View File

@ -31,7 +31,7 @@ Obsoletes: pam_krb5-64bit
%endif
#
Version: 2.3.11
Release: 1
Release: 4
Summary: PAM Module for Kerberos Authentication
Url: http://sourceforge.net/projects/pam-krb5/
Source: pam_krb5-%{version}-%{PAM_RELEASE}.tar.bz2
@ -42,6 +42,7 @@ Patch2: pam_krb5-2.3.1-log-choise.dif
Patch3: pam_krb5-LINGUAS.dif
Patch4: pam_krb5-2.3.1-switch-perms-on-refresh.dif
Patch5: pam_krb5-2.2.3-1-setcred-assume-establish.dif
Patch6: bug-641008_pam_krb5-2.3.11-setcred-log.diff
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
@ -56,6 +57,7 @@ supports updating your Kerberos password.
%patch3
%patch4 -p1
%patch5
%patch6 -p1
%build
CFLAGS="$RPM_OPT_FLAGS -D_GNU_SOURCE " \