X-Git-Url: http://git.hungrycats.org/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=driver%2Fpasswd.c;h=d5a358c571569daafc7c892bd3413a921175eac5;hb=9c9d475ff889ed8be02e8ce8c17da28b93278fca;hp=1847d1be1f7cddce077ccc22ffdfc35c0787a96c;hpb=551b3de3f619c04c2dd1971ee9b3f02e270c28c9;p=xscreensaver diff --git a/driver/passwd.c b/driver/passwd.c index 1847d1be..d5a358c5 100644 --- a/driver/passwd.c +++ b/driver/passwd.c @@ -1,5 +1,5 @@ /* passwd.c --- verifying typed passwords with the OS. - * xscreensaver, Copyright (c) 1993-1998 Jamie Zawinski + * xscreensaver, Copyright (c) 1993-2004 Jamie Zawinski * * Permission to use, copy, modify, distribute, and sell this software and its * documentation for any purpose is hereby granted without fee, provided that @@ -23,6 +23,7 @@ #endif extern char *blurb(void); +extern void check_for_leaks (const char *where); /* blargh */ @@ -51,9 +52,13 @@ extern Bool kerberos_lock_init (int argc, char **argv, Bool verbose_p); extern Bool kerberos_passwd_valid_p (const char *typed_passwd, Bool verbose_p); #endif #ifdef HAVE_PAM -extern Bool pam_lock_init (int argc, char **argv, Bool verbose_p); +extern Bool pam_priv_init (int argc, char **argv, Bool verbose_p); extern Bool pam_passwd_valid_p (const char *typed_passwd, Bool verbose_p); #endif +#ifdef PASSWD_HELPER_PROGRAM +extern Bool ext_priv_init (int argc, char **argv, Bool verbose_p); +extern Bool ext_passwd_valid_p (const char *typed_passwd, Bool verbose_p); +#endif extern Bool pwent_lock_init (int argc, char **argv, Bool verbose_p); extern Bool pwent_priv_init (int argc, char **argv, Bool verbose_p); extern Bool pwent_passwd_valid_p (const char *typed_passwd, Bool verbose_p); @@ -70,9 +75,13 @@ struct auth_methods methods[] = { False, False }, # endif # ifdef HAVE_PAM - { "PAM", pam_lock_init, 0, pam_passwd_valid_p, + { "PAM", 0, pam_priv_init, pam_passwd_valid_p, False, False }, # endif +# ifdef PASSWD_HELPER_PROGRAM + { "external", 0, ext_priv_init, ext_passwd_valid_p, + False, False }, +#endif { "normal", pwent_lock_init, pwent_priv_init, pwent_passwd_valid_p, False, False } }; @@ -111,7 +120,11 @@ lock_init (int argc, char **argv, Bool verbose_p) if (!methods[i].priv_initted_p) /* Bail if lock_priv_init failed. */ continue; - methods[i].initted_p = methods[i].init (argc, argv, verbose_p); + if (!methods[i].init) + methods[i].initted_p = True; + else + methods[i].initted_p = methods[i].init (argc, argv, verbose_p); + if (methods[i].initted_p) any_ok = True; else if (verbose_p) @@ -128,15 +141,19 @@ passwd_valid_p (const char *typed_passwd, Bool verbose_p) int i, j; for (i = 0; i < countof(methods); i++) { - if (methods[i].initted_p && - methods[i].valid_p (typed_passwd, verbose_p)) + int ok_p = (methods[i].initted_p && + methods[i].valid_p (typed_passwd, verbose_p)); + + check_for_leaks (methods[i].name); + + if (ok_p) { /* If we successfully authenticated by method N, but attempting to authenticate by method N-1 failed, mention that (since if an earlier authentication method fails and a later one succeeds, something screwy is probably going on.) */ - if (verbose_p) + if (verbose_p && i > 0) { for (j = 0; j < i; j++) if (methods[j].initted_p) @@ -144,7 +161,7 @@ passwd_valid_p (const char *typed_passwd, Bool verbose_p) "%s: authentication via %s passwords failed.\n", blurb(), methods[j].name); fprintf (stderr, - "%s: but authentication via %s passwords succeeded.\n", + "%s: authentication via %s passwords succeeded.\n", blurb(), methods[i].name); }