summaryrefslogtreecommitdiff
path: root/libexec/login_krb5
diff options
context:
space:
mode:
authorHans Insulander <hin@cvs.openbsd.org>2001-06-25 05:23:14 +0000
committerHans Insulander <hin@cvs.openbsd.org>2001-06-25 05:23:14 +0000
commitafca7a651cff6effc8dad211a29f1f09a06cda7d (patch)
tree586665dcc19108bb644b210788524493b6d98af4 /libexec/login_krb5
parent0e28745ef2559c86593e39115fa8d2e8c4cb4249 (diff)
Use getpass() to read password instead of libkrb5, just to make sure that
login_krb5 _always_ behave like the other BSD Auth login scripts.
Diffstat (limited to 'libexec/login_krb5')
-rw-r--r--libexec/login_krb5/login_krb5.c14
1 files changed, 10 insertions, 4 deletions
diff --git a/libexec/login_krb5/login_krb5.c b/libexec/login_krb5/login_krb5.c
index f6e148d2172..79b9ca6a4b4 100644
--- a/libexec/login_krb5/login_krb5.c
+++ b/libexec/login_krb5/login_krb5.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: login_krb5.c,v 1.4 2001/06/25 02:54:02 hin Exp $ */
+/* $OpenBSD: login_krb5.c,v 1.5 2001/06/25 05:23:13 hin Exp $ */
/*-
* Copyright (c) 2001 Hans Insulander <hin@openbsd.org>.
@@ -65,7 +65,8 @@ main(int argc, char **argv)
{
int opt, mode;
FILE *back = NULL;
- char *class, *username = NULL, *instance;
+ char *class, *username = NULL, *instance, *password, pw_prompt[256];
+ char *tmp_name;
krb5_error_code ret;
krb5_context context;
@@ -144,8 +145,13 @@ main(int argc, char **argv)
} else
instance = "";
+ krb5_unparse_name(context, princ, &tmp_name);
+ snprintf(pw_prompt, sizeof(pw_prompt), "%s's Password: ", tmp_name);
+
+ password = getpass(pw_prompt);
+
ret = krb5_verify_user_lrealm(context, princ, ccache,
- NULL, /* Let krb5 lib ask for pw */
+ password,
1, /* verify with keytab */
NULL);
@@ -267,7 +273,7 @@ main(int argc, char **argv)
case KRB5KRB_AP_ERR_MODIFIED:
/* XXX syslog here? */
case KRB5KRB_AP_ERR_BAD_INTEGRITY:
- fprintf(back, BI_REJECT " 2\n");
+ fprintf(back, BI_REJECT "\n");
break;
default:
krb5_syslog(context, LOG_ERR, ret, "verify");