krb5_error_code klog_prompter(krb5_context context, void *a, const char *name, const char *banner, int num_prompts, krb5_prompt prompts[]) { krb5_error_code code; int i, type; #if !defined(USING_HEIMDAL) && defined(HAVE_KRB5_GET_PROMPT_TYPES) krb5_prompt_type *types; #endif struct kp_arg *kparg = (struct kp_arg *) a; code = krb5_prompter_posix(context, a, name, banner, num_prompts, prompts); if (code) return code; #if !defined(USING_HEIMDAL) && defined(HAVE_KRB5_GET_PROMPT_TYPES) if ((types = krb5_get_prompt_types(context))) #endif for (i = 0; i < num_prompts; ++i) { #if !defined(USING_HEIMDAL) #if defined(HAVE_KRB5_GET_PROMPT_TYPES) type = types[i]; #elif defined(HAVE_KRB5_PROMPT_TYPE) type = prompts[i].type; #else /* AIX 5.3 krb5_get_prompt_types is missing. Um... */ type = ((i == 1)&&(num_prompts == 2)) ? KRB5_PROMPT_TYPE_NEW_PASSWORD_AGAIN : KRB5_PROMPT_TYPE_PASSWORD; #endif #else type = prompts[i].type; #endif #if 0 printf ("i%d t%d <%.*s>\n", i, type, prompts[i].reply->length, prompts[i].reply->data); #endif switch(type) { case KRB5_PROMPT_TYPE_PASSWORD: case KRB5_PROMPT_TYPE_NEW_PASSWORD_AGAIN: memcpy(kparg->pstore, prompts[i].reply->data, prompts[i].reply->length); kparg->pstore[prompts[i].reply->length] = 0; *kparg->pp = kparg->pstore; } } return 0; }
static int klog_is_pass_prompt(int index, krb5_context context, krb5_prompt prompts[]) { /* this isn't thread-safe or anything obviously; it just should be good * enough to work with klog */ static krb5_prompt_type *types = NULL; if (index == 0) { types = NULL; } if (!types) { types = krb5_get_prompt_types(context); } if (!types) { return 0; } switch (types[index]) { case KRB5_PROMPT_TYPE_PASSWORD: case KRB5_PROMPT_TYPE_NEW_PASSWORD_AGAIN: return 1; default: return 0; } }
static krb5_error_code KRB5_CALLCONV kinit_prompter(krb5_context ctx, void *data, const char *name, const char *banner, int num_prompts, krb5_prompt prompts[]) { int i; krb5_prompt_type *types; krb5_error_code rc; struct user_info *u_info; u_info = (struct user_info *)data; rc = 0; types = krb5_get_prompt_types(ctx); for (i = 0; i < num_prompts; i++) { if (types[i] == KRB5_PROMPT_TYPE_PASSWORD || types[i] == KRB5_PROMPT_TYPE_NEW_PASSWORD_AGAIN) { g_strncpy(prompts[i].reply->data, u_info->pass, 255); } } return rc; }
krb5_error_code kim_ui_prompter (krb5_context in_krb5_context, void *in_context, const char *in_name, const char *in_banner, int in_num_prompts, krb5_prompt in_prompts[]) { kim_error err = KIM_NO_ERROR; krb5_prompt_type *types = NULL; kim_ui_context *context = (kim_ui_context *) in_context; int i; if (!err && !in_krb5_context) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err && !in_context ) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err && !in_prompts ) { err = check_error (KIM_NULL_PARAMETER_ERR); } if (!err) { types = krb5_get_prompt_types (in_krb5_context); if (!types) { err = check_error (KIM_NULL_PARAMETER_ERR); } } for (i = 0; !err && i < in_num_prompts; i++) { char *reply = NULL; kim_prompt_type type = kim_ui_ptype2ktype (types[i]); kim_boolean got_saved_password = 0; if (type == kim_prompt_type_password) { /* Check for saved password on OSes that support it */ kim_error terr = KIM_NO_ERROR; terr = kim_os_identity_get_saved_password (context->identity, (kim_string *) &reply); if (!terr && reply) { got_saved_password = 1; } } if (!got_saved_password) { kim_boolean save_reply = FALSE; kim_boolean allow_save_password = kim_os_identity_allow_save_password (); context->prompt_count++; err = kim_ui_init_lazy (in_context); if (!err) { if (context->type == kim_ui_type_gui_plugin) { err = kim_ui_plugin_auth_prompt (context, context->identity, type, allow_save_password, in_prompts[i].hidden, in_name, in_banner, in_prompts[i].prompt, &reply, &save_reply); #ifdef KIM_BUILTIN_UI } else if (context->type == kim_ui_type_gui_builtin) { err = kim_os_ui_gui_auth_prompt (context, context->identity, type, allow_save_password, in_prompts[i].hidden, in_name, in_banner, in_prompts[i].prompt, &reply, &save_reply); } else if (context->type == kim_ui_type_cli) { err = kim_ui_cli_auth_prompt (context, context->identity, type, allow_save_password, in_prompts[i].hidden, in_name, in_banner, in_prompts[i].prompt, &reply, &save_reply); #endif /* KIM_BUILTIN_UI */ } else { err = check_error (KIM_NO_UI_ERR); } } if (!err && type == kim_prompt_type_password) { kim_string_free (&context->password_to_save); if (allow_save_password && save_reply) { err = kim_string_copy (&context->password_to_save, reply); } } } if (!err) { uint32_t reply_len = strlen (reply); if ((reply_len + 1) > in_prompts[i].reply->length) { kim_debug_printf ("%s(): reply %d is too long (is %d, should be %d)\n", __FUNCTION__, i, reply_len, in_prompts[i].reply->length); reply_len = in_prompts[i].reply->length; } memmove (in_prompts[i].reply->data, reply, reply_len + 1); in_prompts[i].reply->length = reply_len; } /* Clean up reply buffer. Saved passwords are allocated by KIM. */ if (reply) { if (got_saved_password) { memset (reply, '\0', strlen (reply)); kim_string_free ((kim_string *) &reply); } else { kim_ui_free_string (context, &reply); } } } return check_error (err); }