
Diff for /pegasus/src/Pegasus/Security/Authentication/PAMBasicAuthenticatorUnix.cpp between version 1.12 and 1.14

version 1.12, 2003/03/13 23:09:35 version 1.14, 2003/10/22 14:26:13
Line 1 
Line 1 
 //%/////////////////////////////////////////////////////////////////////////////  //%2003////////////////////////////////////////////////////////////////////////
 // //
 // Copyright (c) 2000, 2001, 2002 BMC Software, Hewlett-Packard Company, IBM,  // Copyright (c) 2000, 2001, 2002  BMC Software, Hewlett-Packard Development
 // The Open Group, Tivoli Systems  // Company, L. P., IBM Corp., The Open Group, Tivoli Systems.
   // Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L. P.;
   // IBM Corp.; EMC Corporation, The Open Group.
 // //
 // Permission is hereby granted, free of charge, to any person obtaining a copy // Permission is hereby granted, free of charge, to any person obtaining a copy
 // of this software and associated documentation files (the "Software"), to // of this software and associated documentation files (the "Software"), to
Line 55 
Line 57 
 */ */
 static const String BASIC_CHALLENGE_HEADER = "WWW-Authenticate: Basic \""; static const String BASIC_CHALLENGE_HEADER = "WWW-Authenticate: Basic \"";
  
   Mutex PAMBasicAuthenticator::_authSerializeMutex;
  
 /** Service name for pam_start */ /** Service name for pam_start */
 const char *service = "wbem"; const char *service = "wbem";
Line 129 
Line 132 
 #ifndef PEGASUS_OS_HPUX #ifndef PEGASUS_OS_HPUX
     authenticated = _authenticateByPAM(userName, password);     authenticated = _authenticateByPAM(userName, password);
 #else #else
     if (_usePAM)  
     {  
         //         //
         // Check if the system has been converted to a trusted system.      // Mutex to Serialize Authentication calls.
         // ATTN-SF-P3-20030211 - This code to use getpwpwnam on a trusted sytem has  
         // been added as there is a known problem with trusted mode with PAM based  
         // Authentication.  
         //         //
   
         if (iscomsec())  
         {  
             authenticated            = false;  
             String currPassword      = String::EMPTY;  
             String encryptedPassword = String::EMPTY;  
             String saltStr           = String::EMPTY;  
             char*  userNamecstr      = strcpy(  
                                    new char[strlen(userName.getCString()) + 1],  
                                    userName.getCString());  
   
             // system is a trusted system  
             // use interface getprpwnam to get pr_passwd structure  
   
             struct pr_passwd * pwd;  
   
             // getprpwnam returns a pointer to a pr_passwd structure upon success  
             if ( (pwd = getprpwnam(userNamecstr)) != NULL)  
             {  
                Tracer::trace(TRC_AUTHENTICATION, Tracer::LEVEL4,                Tracer::trace(TRC_AUTHENTICATION, Tracer::LEVEL4,
                   "getprpwnam call successful.");          "Authentication Mutex lock.");
                // get user's password from pr_passwd structure      _authSerializeMutex.lock(pegasus_thread_self());
                 currPassword = pwd->ufld.fd_encrypt;      try
             }  
             delete [] userNamecstr;  
   
             //  
             // Check if the specified password mathches user's password  
             //  
             saltStr = currPassword.subString(0,2);  
   
             encryptedPassword = System::encryptPassword(password.getCString(),  
                                 saltStr.getCString());  
   
             if (String::equal(currPassword, encryptedPassword))  
             {             {
                 authenticated = true;          if (_usePAM)
                 Tracer::trace(TRC_AUTHENTICATION, Tracer::LEVEL4,  
                   "Password match successful.");  
             }  
         }  
         else  
         {         {
             authenticated = _authenticateByPAM(userName, password);             authenticated = _authenticateByPAM(userName, password);
         }         }
     }  
     else     else
     {     {
         authenticated = _authenticateByPwnam(userName.getCString(), password);         authenticated = _authenticateByPwnam(userName.getCString(), password);
     }     }
   
           Tracer::trace(TRC_AUTHENTICATION, Tracer::LEVEL4,
                                             "Authentication Mutex unlock.");
           _authSerializeMutex.unlock();
       }
       catch (...)
       {
            Tracer::trace(TRC_AUTHENTICATION, Tracer::LEVEL4,
                                             "Authentication Mutex unlock.");
            _authSerializeMutex.unlock();
            throw;
       }
 #endif #endif
  
     PEG_METHOD_EXIT();     PEG_METHOD_EXIT();
Line 380 
Line 353 
     //     //
     if ( num_msg > 0 )     if ( num_msg > 0 )
     {     {
         *resp = (struct pam_response *)malloc(sizeof(struct pam_response)*num_msg);          //
           // Since resp->resp needs to be initialized in all possible scenarios,
           // use calloc for memory allocation.
           //
           *resp = (struct pam_response *)calloc(num_msg, sizeof(struct pam_response));
  
         if ( *resp == NULL )         if ( *resp == NULL )
         {         {
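Review bot: In the HP-UX (`#else`) branch, `_authSerializeMutex` is unlocked by hand twice, once at the end of the `try` body and once in `catch (...)`, so any exit path added later can leave authentication locked for the whole process. A small scope guard, sketched below, releases the lock on every path and removes the duplicated trace/unlock lines. The comment `// Mutex to Serialize Authentication calls.` should also say why serialization is needed and why the `#ifndef PEGASUS_OS_HPUX` call to `_authenticateByPAM` is left unserialized; if the cause is a thread-safety limit in the platform's PAM or password routines, state that. Because one process-wide mutex is held across the whole PAM call, a slow or deliberately delaying PAM module will stall every other authentication request, which deserves a mention in the same comment. The enclosing function starts and ends outside the visible lines.

```cpp
// Local guard: takes _authSerializeMutex and releases it on normal return
// and on exception, so no exit path can leave authentication locked.
struct AuthSerializeGuard
{
    Mutex& mutex;
    AuthSerializeGuard(Mutex& m) : mutex(m) { mutex.lock(pegasus_thread_self()); }
    ~AuthSerializeGuard() { mutex.unlock(); }
};

AuthSerializeGuard guard(_authSerializeMutex);
// … unchanged: _usePAM check, _authenticateByPAM / _authenticateByPwnam calls …
```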

