Lines Matching defs:pd
178 struct pam_data *pd,
202 kr->pd = pd;
206 pd->user, dom->case_sensitive, &mapped_name);
218 DEBUG(SSSDBG_TRACE_ALL, "No mapping for: %s\n", pd->user);
219 kr->user = pd->user;
247 struct pam_data *pd, uid_t uid,
253 if (sss_authtok_get_type(pd->authtok) != SSS_AUTHTOK_TYPE_PASSWORD) {
260 ret = sss_authtok_get_password(pd->authtok, &password, NULL);
269 ret = sysdb_cache_auth(domain, pd->user,
278 ret = add_user_to_delayed_online_authentication(krb5_ctx, pd, uid);
308 "No ccache file for user [%s] found.\n", kr->pd->user);
315 struct pam_data *pd)
323 switch(pd->cmd) {
336 if (sss_authtok_get_type(pd->authtok) == SSS_AUTHTOK_TYPE_2FA) {
337 ret = sss_authtok_get_2fa(pd->authtok, &password, &password_len,
348 ret = sss_authtok_get_password(pd->authtok, &password, NULL);
352 ret = sss_authtok_get_password(pd->newauthtok, &password, NULL);
356 "unsupported PAM command [%d].\n", pd->cmd);
367 if (pd->cmd != SSS_CMD_RENEW && pd->cmd != SSS_PAM_PREAUTH) {
375 ret = sysdb_cache_password_ex(domain, pd->user, password,
376 sss_authtok_get_type(pd->authtok), fa2_len);
409 struct pam_data *pd;
427 struct pam_data *pd,
449 state->pd = pd;
455 ret = get_domain_or_subdomain(be_ctx, pd->domain, &state->domain);
463 authtok_type = sss_authtok_get_type(pd->authtok);
465 switch (pd->cmd) {
474 pd->user);
483 "Expected [%d], got [%d]\n", pd->user,
493 if (pd->priv == 1 &&
507 "Expected [%d], got [%d]\n", pd->user,
519 DEBUG(SSSDBG_CONF_SETTINGS, "Unexpected pam task %d.\n", pd->cmd);
527 (pd->cmd == SSS_PAM_CHAUTHTOK || pd->cmd == SSS_PAM_CHAUTHTOK_PRELIM ||
528 pd->cmd == SSS_CMD_RENEW)) {
553 ret = krb5_setup(state, pd, state->domain, krb5_ctx,
561 ret = sysdb_get_user_attr_with_views(state, state->domain, state->pd->user,
565 "sysdb search for upn of user [%s] failed.\n", pd->user);
581 "No attributes for user [%s] found.\n", pd->user);
588 kr->user, pd->domain, &kr->upn);
607 "Home directory for user [%s] not known.\n", pd->user);
615 "UID for user [%s] not known.\n", pd->user);
625 "GID for user [%s] not known.\n", pd->user);
639 "User search for (%s) returned > 1 results!\n", pd->user);
646 if (pd->cmd == SSS_PAM_CHAUTHTOK_PRELIM && otp == true) {
698 (kr->pd->cmd == SSS_PAM_CHAUTHTOK ||
699 kr->pd->cmd == SSS_PAM_CHAUTHTOK_PRELIM)) {
718 if (kr->pd->cmd == SSS_PAM_CHAUTHTOK ||
719 kr->pd->cmd == SSS_PAM_CHAUTHTOK_PRELIM) {
787 struct pam_data *pd = state->pd;
798 ret = handle_child_recv(subreq, pd, &buf, &len);
804 switch (pd->cmd) {
854 ret = parse_krb5_child_response(state, buf, len, pd,
890 pd->user, res->correct_upn);
912 if (pd->cmd == SSS_PAM_CHAUTHTOK_PRELIM) {
922 (pd->cmd == SSS_PAM_CHAUTHTOK ||
923 pd->cmd == SSS_PAM_CHAUTHTOK_PRELIM)) {
963 pd->user, kr->old_ccname);
974 if (pd->cmd == SSS_PAM_AUTHENTICATE && !kr->active_ccache) {
977 pd->user, kr->old_ccname);
1033 (pd->cmd == SSS_PAM_CHAUTHTOK ||
1034 pd->cmd == SSS_PAM_CHAUTHTOK_PRELIM)) {
1056 pd->user, kr->ccname);
1073 (pd->cmd == SSS_PAM_AUTHENTICATE ||
1074 pd->cmd == SSS_CMD_RENEW ||
1075 pd->cmd == SSS_PAM_CHAUTHTOK) &&
1081 pd, kr->upn);
1094 state->pd, state->kr->uid,
1108 || (res->otp && sss_authtok_get_type(pd->authtok) ==
1110 krb5_auth_store_creds(state->domain, pd);
1117 if (res->otp == true && pd->cmd == SSS_PAM_AUTHENTICATE
1118 && sss_authtok_get_type(pd->authtok) != SSS_AUTHTOK_TYPE_2FA) {
1120 ret = pam_add_response(pd, SSS_OTP, sizeof(uint32_t),
1157 struct pam_data *pd;
1166 struct pam_data *pd,
1180 state->pd = pd;
1182 switch (pd->cmd) {
1188 pd, krb5_ctx);
1191 pd->pam_status = PAM_SYSTEM_ERR;
1199 pd, krb5_ctx);
1202 pd->pam_status = PAM_SYSTEM_ERR;
1211 pd->pam_status = PAM_SUCCESS;
1216 "krb5 does not handles pam task %d.\n", pd->cmd);
1217 pd->pam_status = PAM_MODULE_UNKNOWN;
1240 ret = krb5_auth_queue_recv(subreq, &state->pd->pam_status, NULL);
1243 state->pd->pam_status = PAM_SYSTEM_ERR;
1263 state->pd->pam_status = PAM_SYSTEM_ERR;
1268 access_allowed ? "allowed" : "denied", state->pd->user);
1269 state->pd->pam_status = access_allowed ? PAM_SUCCESS : PAM_PERM_DENIED;
1286 *_data = talloc_steal(mem_ctx, state->pd);