rooty/yubico-pam
1
0
Fork 0
mirror of https://github.com/Yubico/yubico-pam.git synced 2025-02-07 18:54:20 +01:00
Code Issues Projects Releases Wiki Activity

Indent code. Add FIXME note. Handle NULL values in debug strings.

Browse Source
This commit is contained in:
Simon Josefsson 2009-02-11 16:50:04 +00:00
parent 3abd8adc95
commit 32e76effae
1 changed files with 102 additions and 86 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
pam_yubico.c
View File

@ -200,7 +200,8 @@ validate_user_token (const char *authfile,
* yubi_attr=
*
*/
static int validate_user_token_ldap (const char * ldapserver,
static int
validate_user_token_ldap (const char *ldapserver,
const char *ldapdn, const char *user_attr,
const char *yubi_attr, const char *user,
const char *token_id)
@ -214,6 +215,7 @@ static int validate_user_token_ldap (const char * ldapserver,
char *a;
char **vals;
int i, rc;
/* FIXME: dont' use hard coded buffers here. */
char find[256] = "";
char sr[128] = "(";
char sep[2] = ",";
@ -232,14 +234,16 @@ static int validate_user_token_ldap (const char * ldapserver,
strcat (sr, sren);
/* Get a handle to an LDAP connection. */
if ( (ld = ldap_init( ldapserver, PORT_NUMBER )) == NULL ) {
if ((ld = ldap_init (ldapserver, PORT_NUMBER)) == NULL)
{
D (("ldap_init"));
return (0);
}
/* Bind anonymously to the LDAP server. */
rc = ldap_simple_bind_s (ld, NULL, NULL);
if ( rc != LDAP_SUCCESS ) {
if (rc != LDAP_SUCCESS)
{
D (("ldap_simple_bind_s: %s", ldap_err2string (rc)));
return (0);
}
@ -250,21 +254,27 @@ static int validate_user_token_ldap (const char * ldapserver,
if ((rc = ldap_search_ext_s (ld, find, LDAP_SCOPE_BASE,
sr, NULL, 0, NULL, NULL, LDAP_NO_LIMIT,
LDAP_NO_LIMIT, &result ) ) != LDAP_SUCCESS ) {
LDAP_NO_LIMIT, &result)) != LDAP_SUCCESS)
{
D (("ldap_search_ext_s: %s", ldap_err2string (rc)));
return (0);
}
e = ldap_first_entry (ld, result);
if ( e != NULL ) {
if (e != NULL)
{
/* Iterate through each attribute in the entry. */
for (a = ldap_first_attribute (ld, e, &ber);
a != NULL; a = ldap_next_attribute( ld, e, ber ) ) {
if ((vals = ldap_get_values( ld, e, a)) != NULL ) {
for ( i = 0; vals[i] != NULL; i++ ) {
if (!strncmp (token_id, vals[i], strlen (token_id))) {
a != NULL; a = ldap_next_attribute (ld, e, ber))
{
if ((vals = ldap_get_values (ld, e, a)) != NULL)
{
for (i = 0; vals[i] != NULL; i++)
{
if (!strncmp (token_id, vals[i], strlen (token_id)))
{
D (("Token Found :: %s", vals[i]));
retval = 1;
}
@ -273,7 +283,8 @@ static int validate_user_token_ldap (const char * ldapserver,
}
ldap_memfree (a);
}
if ( ber != NULL ) {
if (ber != NULL)
{
ber_free (ber, 0);
}
@ -349,10 +360,10 @@ pam_sm_authenticate (pam_handle_t * pamh,
D (("debug=%d", debug));
D (("alwaysok=%d", alwaysok));
D (("authfile=%s", auth_file ? auth_file : "(null)"));
D (("ldapserver=%s", ldapserver));
D (("ldapdn=%s", ldapdn));
D (("user_attr=%s", user_attr));
D (("yubi_attr=%s", yubi_attr));
D (("ldapserver=%s", ldapserver ? ldapserver : "(null")));
D (("ldapdn=%s", ldapdn ? ldapdn : "(null")));
D (("user_attr=%s", user_attr ? user_attr : "(null)"));
D (("yubi_attr=%s", yubi_attr ? yubi_attr : "(null)"));
}
retval = pam_get_user (pamh, &user, NULL);
@ -475,12 +486,17 @@ pam_sm_authenticate (pam_handle_t * pamh,
}
/* validate the user with supplied token id */
if(ldapserver!=NULL) {
if (ldapserver != NULL)
{
valid_token = validate_user_token_ldap ((const char *) ldapserver,
(const char *) ldapdn, (const char *) user_attr,
(const char *) yubi_attr, (const char *) user,
(const char *) ldapdn,
(const char *) user_attr,
(const char *) yubi_attr,
(const char *) user,
(const char *) token_id);
} else {
}
else
{
valid_token = validate_user_token (auth_file, (const char *) user,
(const char *) token_id);
}