mirror of
https://github.com/Yubico/yubico-pam.git
synced 2025-02-20 21:54:16 +01:00
renaming yubi_prefix to yubi_Attr_prefix and changing debug
This commit is contained in:
parent
fd465d1261
commit
3e1f5f6925
27
pam_yubico.c
27
pam_yubico.c
@ -109,7 +109,7 @@ struct cfg
|
||||
char *ldapdn;
|
||||
char *user_attr;
|
||||
char *yubi_attr;
|
||||
char *yubi_prefix;
|
||||
char *yubi_attr_prefix;
|
||||
int token_id_length;
|
||||
enum key_mode mode;
|
||||
char *chalresp_path;
|
||||
@ -279,7 +279,7 @@ authorize_user_token_ldap (struct cfg *cfg,
|
||||
int retval = 0;
|
||||
int protocol;
|
||||
#ifdef HAVE_LIBLDAP
|
||||
int yubi_prefix_len = 0;
|
||||
int yubi_attr_prefix_len = 0;
|
||||
LDAP *ld = NULL;
|
||||
LDAPMessage *result = NULL, *e;
|
||||
BerElement *ber;
|
||||
@ -376,23 +376,24 @@ authorize_user_token_ldap (struct cfg *cfg,
|
||||
{
|
||||
if ((vals = ldap_get_values_len (ld, e, a)) != NULL)
|
||||
{
|
||||
yubi_prefix_len = cfg->yubi_prefix ? strlen(cfg->yubi_prefix) : 0;
|
||||
DBG(("LDAP : Found %i values - checking if any of them match '%s%s'",
|
||||
ldap_count_values_len(vals),
|
||||
cfg->yubi_attr_prefix ? cfg->yubi_attr_prefix : "",
|
||||
token_id));
|
||||
|
||||
yubi_attr_prefix_len = cfg->yubi_attr_prefix ? strlen(cfg->yubi_attr_prefix) : 0;
|
||||
|
||||
/* Compare each value for the attribute against the token id. */
|
||||
for (i = 0; vals[i] != NULL; i++)
|
||||
{
|
||||
/* Only values containing this prefix are considered. */
|
||||
if ((!cfg->yubi_prefix || !strncmp (cfg->yubi_prefix, vals[i]->bv_val, yubi_prefix_len)))
|
||||
if ((!cfg->yubi_attr_prefix || !strncmp (cfg->yubi_attr_prefix, vals[i]->bv_val, yubi_attr_prefix_len)))
|
||||
{
|
||||
if(!strncmp (token_id, vals[i]->bv_val + yubi_prefix_len, strlen (token_id)))
|
||||
if(!strncmp (token_id, vals[i]->bv_val + yubi_attr_prefix_len, strlen (token_id)))
|
||||
{
|
||||
DBG (("Token Found :: %s", vals[i]->bv_val + yubi_prefix_len));
|
||||
DBG (("Token Found :: %s", vals[i]->bv_val));
|
||||
retval = 1;
|
||||
}
|
||||
else
|
||||
{
|
||||
DBG (("No match : (%s) %s != %s", a, vals[i]->bv_val + yubi_prefix_len, token_id));
|
||||
}
|
||||
}
|
||||
}
|
||||
ldap_value_free_len (vals);
|
||||
@ -700,8 +701,8 @@ parse_cfg (int flags, int argc, const char **argv, struct cfg *cfg)
|
||||
cfg->user_attr = (char *) argv[i] + 10;
|
||||
if (strncmp (argv[i], "yubi_attr=", 10) == 0)
|
||||
cfg->yubi_attr = (char *) argv[i] + 10;
|
||||
if (strncmp (argv[i], "yubi_prefix=", 12) == 0)
|
||||
cfg->yubi_prefix = (char *) argv[i] + 12;
|
||||
if (strncmp (argv[i], "yubi_attr_prefix=", 17) == 0)
|
||||
cfg->yubi_attr_prefix = (char *) argv[i] + 17;
|
||||
if (strncmp (argv[i], "token_id_length=", 16) == 0)
|
||||
sscanf (argv[i], "token_id_length=%d", &cfg->token_id_length);
|
||||
if (strcmp (argv[i], "mode=challenge-response") == 0)
|
||||
@ -731,7 +732,7 @@ parse_cfg (int flags, int argc, const char **argv, struct cfg *cfg)
|
||||
D (("ldapdn=%s", cfg->ldapdn ? cfg->ldapdn : "(null)"));
|
||||
D (("user_attr=%s", cfg->user_attr ? cfg->user_attr : "(null)"));
|
||||
D (("yubi_attr=%s", cfg->yubi_attr ? cfg->yubi_attr : "(null)"));
|
||||
D (("yubi_prefix=%s", cfg->yubi_prefix ? cfg->yubi_prefix : "(null)"));
|
||||
D (("yubi_attr_prefix=%s", cfg->yubi_attr_prefix ? cfg->yubi_attr_prefix : "(null)"));
|
||||
D (("url=%s", cfg->url ? cfg->url : "(null)"));
|
||||
D (("capath=%s", cfg->capath ? cfg->capath : "(null)"));
|
||||
D (("token_id_length=%d", cfg->token_id_length));
|
||||
|
Loading…
x
Reference in New Issue
Block a user