The current way we handle auth tokens is manual and very error prone.
The semantics are also confusing and do not make clear how tokens are stored,
such that manipulating them is difficult. For example it was unclear in the
code whether password tokens were 0 terminated and whether the length would
include the null termination byte or not.

This code creates a standard structure called sss_auth_token that has a full
set of getters and setters.

Simo.

Note: I wanted to make this structure completely opaque but it would have
required a lot more allocations and pointers, and made the patchset larger.

Fixes: https://fedorahosted.org/sssd/ticket/1586

Simo Sorce (4):
  Code can only check for cached passwords
  Add function to safely wipe memory.
  Add authtok utility functions.
  Change pam data auth tokens.

 Makefile.am                                        |   4 +
 src/db/sysdb.h                                     |   3 +-
 src/db/sysdb_ops.c                                 |  13 +-
 src/providers/data_provider.h                      |   9 +-
 src/providers/dp_auth_util.c                       |  77 ++++++----
 src/providers/dp_pam_data_util.c                   | 113 ++++++++-------
 src/providers/ipa/ipa_auth.c                       |   6 +-
 src/providers/krb5/krb5_auth.c                     |  45 +++---
 src/providers/krb5/krb5_child.c                    | 148 ++++++++++---------
 src/providers/krb5/krb5_child_handler.c            |  59 ++++++--
 .../krb5/krb5_delayed_online_authentication.c      |  50 ++++---
 src/providers/krb5/krb5_renew_tgt.c                |  18 +--
 src/providers/ldap/ldap_auth.c                     |  90 +++++-------
 src/providers/ldap/sdap_async.c                    |   4 +-
 src/providers/ldap/sdap_async.h                    |   7 +-
 src/providers/ldap/sdap_async_connection.c         |  85 ++++++-----
 src/providers/proxy/proxy.h                        |   7 +-
 src/providers/proxy/proxy_auth.c                   |  14 +-
 src/providers/proxy/proxy_child.c                  |  51 ++++---
 src/responder/pam/pam_LOCAL_domain.c               |  52 +++----
 src/responder/pam/pamsrv_cmd.c                     | 159 ++++++++++++---------
 src/tests/krb5_child-test.c                        |  13 +-
 src/tests/sysdb-tests.c                            |   6 +-
 src/util/authtok.c                                 | 146 +++++++++++++++++++
 src/util/authtok.h                                 | 137 ++++++++++++++++++
 src/util/util.c                                    |   9 ++
 src/util/util.h                                    |  10 ++
 27 files changed, 856 insertions(+), 479 deletions(-)
 create mode 100644 src/util/authtok.c
 create mode 100644 src/util/authtok.h

-- 
1.7.11.4
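
An added illustration of the design described in the cover letter, not code from this patchset: a token type whose accessors fix one convention for termination and length, and which wipes the old secret before release. All names here (`auth_tok`, `tok_set_password`, `tok_get_password`, `tok_clear`, `wipe`) are hypothetical and are not the identifiers in `src/util/authtok.h`.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical names for illustration; not the identifiers used in SSSD. */
enum tok_type { TOK_EMPTY = 0, TOK_PASSWORD };
struct auth_tok {
    enum tok_type type;
    char *data;   /* password bytes, always followed by one NUL */
    size_t len;   /* strlen(data): the terminator is never counted */
};

/* Zero through a volatile pointer, a common way to keep the stores
 * from being optimized out as dead writes. */
static void wipe(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

void tok_clear(struct auth_tok *t)
{
    if (t->data != NULL) wipe(t->data, t->len + 1);
    free(t->data);
    *t = (struct auth_tok){ TOK_EMPTY, NULL, 0 };
}

/* Accepts input with or without a counted trailing NUL; stores one form. */
int tok_set_password(struct auth_tok *t, const char *pw, size_t len)
{
    char *copy;
    if (pw == NULL || len == SIZE_MAX) return EINVAL;
    if (len > 0 && pw[len - 1] == '\0') len--;         /* drop counted NUL */
    if (memchr(pw, '\0', len) != NULL) return EINVAL;  /* embedded NUL */
    if ((copy = malloc(len + 1)) == NULL) return ENOMEM;
    memcpy(copy, pw, len);
    copy[len] = '\0';
    tok_clear(t);                                      /* wipe old secret */
    *t = (struct auth_tok){ TOK_PASSWORD, copy, len };
    return 0;
}

int tok_get_password(const struct auth_tok *t, const char **pw, size_t *len)
{
    if (t->type != TOK_PASSWORD) return ENOENT;
    *pw = t->data;
    if (len != NULL) *len = t->len;
    return 0;
}
```

Callers never touch `data` or `len` directly, so the question of whether the length counts the terminator is answered in exactly one place.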
