These set of files has the changes needed to support the new location for the CASA install under the /usr directory.
This commit is contained in:
Cameron (Kamran) Mashayekhi
@@ -81,65 +81,66 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc,
|
||||
/* SSCS determines the client uid using the SO_PEERCRED socket option.
|
||||
* Hence the euid is temporarily modified to that of the user logging in.
|
||||
*/
|
||||
if(passwdEntry)
|
||||
{
|
||||
seteuid( passwdEntry->pw_uid );
|
||||
|
||||
do
|
||||
{
|
||||
char *error = NULL;
|
||||
void *ssContext = NULL;
|
||||
SSCS_SECRETSTORE_T ssId = {0};
|
||||
|
||||
seteuid( passwdEntry->pw_uid );
|
||||
SSCS_SECRET_ID_T secretID = {0};
|
||||
SSCS_SECRET_ID_T sharedSecretID = {0};
|
||||
|
||||
do
|
||||
{
|
||||
char *error = NULL;
|
||||
void *ssContext = NULL;
|
||||
SSCS_SECRETSTORE_T ssId = {0};
|
||||
SSCS_BASIC_CREDENTIAL basicCredential;
|
||||
int credType;
|
||||
|
||||
SSCS_SECRET_ID_T secretID = {0};
|
||||
SSCS_SECRET_ID_T sharedSecretID = {0};
|
||||
void *nsscsIdkHandle = dlopen(NSSCSIDK_LIB,RTLD_NOW);
|
||||
if( NULL == nsscsIdkHandle )
|
||||
{
|
||||
pam_sscs_log(LOG_ERR,"Unable to open %s\n",NSSCSIDK_LIB);
|
||||
break;
|
||||
}
|
||||
|
||||
SSCS_BASIC_CREDENTIAL basicCredential;
|
||||
int credType;
|
||||
pNSSCSSetCredential = dlsym( nsscsIdkHandle,
|
||||
"miCASASetCredential");
|
||||
if( (error = dlerror()) != NULL )
|
||||
{
|
||||
pam_sscs_log(LOG_ERR,"Unable to find miCASASetCredential symbol.- %s\n",error);
|
||||
break;
|
||||
}
|
||||
|
||||
secretID.len = strlen(WORKSTATION_SECRET_ID) + 1;
|
||||
strcpy(secretID.id,WORKSTATION_SECRET_ID);
|
||||
|
||||
sharedSecretID.len = strlen(WORKSTATION_SHARED_SECRET_ID) + 1;
|
||||
strcpy(sharedSecretID.id,WORKSTATION_SHARED_SECRET_ID);
|
||||
|
||||
memset(&basicCredential,0,sizeof(basicCredential));
|
||||
|
||||
void *nsscsIdkHandle = dlopen(NSSCSIDK_LIB,RTLD_NOW);
|
||||
if( NULL == nsscsIdkHandle )
|
||||
{
|
||||
pam_sscs_log(LOG_ERR,"Unable to open %s\n",NSSCSIDK_LIB);
|
||||
break;
|
||||
}
|
||||
if (user && wkstnPasswd)
|
||||
{
|
||||
basicCredential.unFlags = 0;
|
||||
strcpy(basicCredential.username,user);
|
||||
basicCredential.unLen = strlen(user) + 1;
|
||||
strcpy(basicCredential.password,wkstnPasswd);
|
||||
basicCredential.pwordLen = strlen(wkstnPasswd) + 1;
|
||||
|
||||
pNSSCSSetCredential = dlsym( nsscsIdkHandle,
|
||||
"miCASASetCredential");
|
||||
if( (error = dlerror()) != NULL )
|
||||
{
|
||||
pam_sscs_log(LOG_ERR,"Unable to find miCASASetCredential symbol.- %s\n",error);
|
||||
break;
|
||||
}
|
||||
|
||||
secretID.len = strlen(WORKSTATION_SECRET_ID) + 1;
|
||||
strcpy(secretID.id,WORKSTATION_SECRET_ID);
|
||||
|
||||
sharedSecretID.len = strlen(WORKSTATION_SHARED_SECRET_ID) + 1;
|
||||
strcpy(sharedSecretID.id,WORKSTATION_SHARED_SECRET_ID);
|
||||
|
||||
memset(&basicCredential,0,sizeof(basicCredential));
|
||||
|
||||
if (user && wkstnPasswd)
|
||||
{
|
||||
basicCredential.unFlags = 0;
|
||||
strcpy(basicCredential.username,user);
|
||||
basicCredential.unLen = strlen(user) + 1;
|
||||
strcpy(basicCredential.password,wkstnPasswd);
|
||||
basicCredential.pwordLen = strlen(wkstnPasswd) + 1;
|
||||
|
||||
retVal = (*pNSSCSSetCredential) (0,&secretID,NULL,
|
||||
SSCS_CRED_TYPE_BASIC_F,
|
||||
&basicCredential,NULL);
|
||||
if( retVal != 0)
|
||||
{
|
||||
pam_sscs_log( LOG_ERR,"Setting the default credential failed.Errcode = %d\n",retVal);
|
||||
break;
|
||||
retVal = (*pNSSCSSetCredential) (0,&secretID,NULL,
|
||||
SSCS_CRED_TYPE_BASIC_F,
|
||||
&basicCredential,NULL);
|
||||
if( retVal != 0)
|
||||
{
|
||||
pam_sscs_log( LOG_ERR,"Setting the default credential failed.Errcode = %d\n",retVal);
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
}while(0);
|
||||
}while(0);
|
||||
|
||||
seteuid(saved_uid);
|
||||
seteuid(saved_uid);
|
||||
}
|
||||
return PAM_SUCCESS;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user