| /sssd/src/util/ |
| H A D | memory.c | 35 char *password = (char *)memctx; local
38 /* zero out password */
39 for (i = 0; password[i]; i++) password[i] = '\0';
|
| H A D | authtok.h | 36 * @return A sss_authtok_type (empty, password, ...)
65 * @param len The length of the password string
69 * EACCESS if the token is not a password token
75 * @brief Set a password into a an auth token, replacing any previous data
79 * @param password A string
81 * then strlen(password) will be used internally.
87 const char *password, size_t len);
100 * EACCESS if the token is not a password token
159 * @brief Uses safezero to wipe the password from memory if the
160 * authtoken contains a password, otherwis
[all...] |
| H A D | authtok.c | 167 const char *password, size_t len)
172 "password", password, len);
166 sss_authtok_set_password(struct sss_auth_token *tok, const char *password, size_t len) argument
|
| /sssd/src/sss_client/libwbclient/ |
| H A D | wbc_pam_sssd.c | 26 /* Authenticate a username/password pair */
28 const char *password)
35 params.password.plaintext = password;
111 /* Change a password for a user with more detailed information upon failure */
128 /* Change a password for a user */
180 wbcErr wbcCredentialSave(const char *user, const char *password) argument
27 wbcAuthenticateUser(const char *username, const char *password) argument
|
| H A D | wbc_ctx_sssd.c | 301 const char *password)
363 const char *user, const char *password)
299 wbcCtxAuthenticateUser(struct wbcContext *ctx, const char *username, const char *password) argument
362 wbcCtxCredentialSave(struct wbcContext *ctx, const char *user, const char *password) argument
|
| H A D | wbclient_sssd.h | 262 } password; member in struct:wbcAuthUserParams
271 const char *password; member in struct:wbcLogonUserParams
398 #define WBC_ACB_PWNOTREQ 0x00000004 /* 1 User password not required */
405 #define WBC_ACB_PWNOEXP 0x00000200 /* 1 User password does not expire */
407 #define WBC_ACB_ENC_TXT_PWD_ALLOWED 0x00000800 /* 1 Encryped text password is allowed */
1629 * @brief Authenticate a username/password pair
1633 * @param password Clear text password os user
1639 const char *password);
1642 * @brief Authenticate a username/password pai
[all...] |
| /sssd/src/tools/ |
| H A D | sss_obfuscate | 15 parser.set_description("sss_obfuscate converts a given password into \
18 file. The password can be passed in by stdin, \
23 help="Read the password from stdin.")
26 help="The domain to use the password in (mandatory)",
50 pprompt = lambda: (getpass.getpass("Enter password: "),
51 getpass.getpass("Re-enter password: "))
65 password = p1
76 password = sys.stdin.read()
80 # Obfuscate the password
81 obfobj = pysss.password()
[all...] |
| H A D | sss_seed.c | 45 char *password; member in struct:user_ctx
184 char *password = NULL; local
195 temp = getpass("Enter temporary password:");
197 DEBUG(SSSDBG_OP_FAILURE, "Failed to get prompted password\n");
209 password = talloc_strdup(tmp_ctx, temp);
210 if (password == NULL) {
215 talloc_set_destructor((TALLOC_CTX *)password, password_destructor);
217 temp = getpass("Enter temporary password again:");
219 DEBUG(SSSDBG_OP_FAILURE, "Failed to get prompted password\n");
224 if (strncmp(temp,password,strle
243 char *password = NULL; local
[all...] |
| /sssd/src/util/crypto/ |
| H A D | sss_crypto.h | 51 int sss_password_encrypt(TALLOC_CTX *mem_ctx, const char *password, int plen,
55 char **password);
|
| /sssd/src/tests/ |
| H A D | krb5_child-test.c | 159 const char *password)
173 ret = sss_authtok_set_password(pd->authtok, password, 0);
189 const char *password, const char *realm,
214 kr->pd = create_dummy_pam_data(kr, user, password);
398 char *password = NULL; local
408 { "password", 'w', POPT_ARG_STRING, &pc_passwd, 0,
410 { "ask-password", 'W', POPT_ARG_NONE, NULL, 'W',
432 password = getpass("Enter password:");
433 if (!password) {
158 create_dummy_pam_data(TALLOC_CTX *mem_ctx, const char *user, const char *password) argument
188 create_dummy_req(TALLOC_CTX *mem_ctx, const char *user, const char *password, const char *realm, const char *ccname, const char *ccname_template, int timeout) argument
[all...] |
| H A D | crypto-tests.c | 53 const char *password[] = { "test123", /* general */ local
73 for (i=0; password[i]; i++) {
74 ret = sss_password_encrypt(test_ctx, password[i], strlen(password[i])+1,
81 fail_if(ctpwd && strcmp(password[i], ctpwd) != 0);
|
| /sssd/src/providers/krb5/ |
| H A D | krb5_delayed_online_authentication.c | 75 char *password; local
80 keysize = keyctl_read_alloc(pd->key_serial, (void **)&password);
88 ret = sss_authtok_set_password(pd->authtok, password, keysize);
89 safezero(password, keysize);
90 free(password);
93 "failed to set password in auth token [%d][%s].\n",
270 const char *password; local
273 ret = sss_authtok_get_password(new_pd->authtok, &password, &len);
276 "Failed to get password [%d][%s].\n", ret, strerror(ret));
282 new_pd->key_serial = add_key("user", new_pd->user, password, le
[all...] |
| H A D | krb5_auth.c | 250 const char *password = NULL; local
255 "Delayed authentication is only available for password "
260 ret = sss_authtok_get_password(pd->authtok, &password, NULL);
263 "Failed to get password [%d] %s\n", ret, strerror(ret));
270 password, cdb, true, NULL, NULL);
317 const char *password = NULL; local
327 * as the cached password.
337 ret = sss_authtok_get_2fa(pd->authtok, &password, &password_len,
348 ret = sss_authtok_get_password(pd->authtok, &password, NULL);
352 ret = sss_authtok_get_password(pd->newauthtok, &password, NUL
[all...] |
| H A D | krb5_child.c | 645 static char *password_or_responder(const char *password) argument
652 return discard_const(password);
669 DEBUG(SSSDBG_CRIT_FAILURE, "Cannot handle password prompts.\n");
1265 const char *password)
1290 password_or_responder(password),
1403 * password migration would make sense. All Kerberos error codes which can
1431 const char *password = NULL; local
1448 ret = sss_authtok_get_password(kr->pd->authtok, &password, NULL);
1451 "Failed to fetch current password [%d] %s.\n",
1457 /* We do not need a password expiratio
1264 get_and_save_tgt(struct krb5_req *kr, const char *password) argument
1612 const char *password = NULL; local
[all...] |
| /sssd/src/responder/pam/ |
| H A D | pam_LOCAL_domain.c | 160 const char *password; local
167 ret = sss_authtok_get_password(pd->newauthtok, &password, NULL);
182 ret = s3crypt_sha512(lreq, password, salt, &new_hash);
228 const char *password; local
293 "allowing root to reset a password.\n");
296 ret = sss_authtok_get_password(pd->authtok, &password, NULL);
297 NEQ_CHECK_OR_JUMP(ret, EOK, "Failed to get password.\n",
301 NULL_CHECK_OR_JUMP(pwdhash, "No password stored.\n",
304 "user: [%s], password hash: [%s]\n", username, pwdhash);
306 ret = s3crypt_sha512(lreq, password, pwdhas
[all...] |
| H A D | pamsrv_cmd.c | 651 const char **password)
660 ret = sss_authtok_get_password(authtok, password, NULL);
663 ret = sss_authtok_get_2fa(authtok, password, &pw_len, &fa2, &fa2_len);
671 DEBUG(SSSDBG_FATAL_FAILURE, "Failed to get password.\n");
728 const char *password = NULL; local
747 ret = get_password_for_cache_auth(pd->authtok, &password);
755 pd->user, password,
650 get_password_for_cache_auth(struct sss_auth_token *authtok, const char **password) argument
|
| /sssd/src/util/crypto/libcrypto/ |
| H A D | crypto_obfuscate.c | 28 * Please note that password obfuscation does not improve security in any
29 * way. It is just a mechanism to make the password human-unreadable. If you
69 int sss_password_encrypt(TALLOC_CTX *mem_ctx, const char *password, int plen, argument
135 if (!EVP_EncryptUpdate(ctx, cryptotext, &ctlen, (const unsigned char *)password, plen)) {
197 char **password)
303 *password = talloc_move(mem_ctx, &pwdbuf);
196 sss_password_decrypt(TALLOC_CTX *mem_ctx, char *b64encoded, char **password) argument
|
| /sssd/src/util/crypto/nss/ |
| H A D | nss_obfuscate.c | 27 * Please note that password obfuscation does not improve security in any
28 * way. It is just a mechanism to make the password human-unreadable. If you
61 int sss_password_encrypt(TALLOC_CTX *mem_ctx, const char *password, int plen, argument
114 plaintext = (unsigned char *) talloc_strndup(tmp_ctx, password, plen);
197 char **password)
324 *password = talloc_move(mem_ctx, &pwdbuf);
196 sss_password_decrypt(TALLOC_CTX *mem_ctx, char *b64encoded, char **password) argument
|
| /sssd/src/providers/proxy/ |
| H A D | proxy_child.c | 69 const char *password; local
89 &password, &pwlen);
93 memcpy(reply[i].resp, password, pwlen + 1);
120 const char *password; local
142 &password, &pwlen);
146 memcpy(reply[i].resp, password, pwlen + 1);
152 &password, &pwlen);
156 memcpy(reply[i].resp, password, pwlen + 1);
|
| H A D | proxy_auth.c | 779 const char *password; local
814 ret = sss_authtok_get_password(state->pd->authtok, &password, NULL);
816 /* password caching failures are not fatal errors */
817 DEBUG(SSSDBG_OP_FAILURE, "Failed to cache password\n");
821 ret = sysdb_cache_password(state->be_ctx->domain, state->pd->user, password);
823 /* password caching failures are not fatal errors */
826 DEBUG(SSSDBG_OP_FAILURE, "Failed to cache password (%d)[%s]!?\n",
|
| /sssd/src/tests/intg/ |
| H A D | ds_openldap.py | 34 def hash_password(password):
35 """Generate userPassword value for a password."""
37 hash = hashlib.sha1(password)
55 admin_pw Administrator password.
|
| /sssd/src/python/ |
| H A D | pysss.c | 73 * The sss.password object
959 "Obfuscate a password\n\n"
960 ":param password: The password to obfuscate\n\n"
967 char *password = NULL; local
977 &password, &plen, &mode)) {
987 ret = sss_password_encrypt(tctx, password, plen+1,
1006 "Deobfuscate a password\n\n"
1007 ":param obfpwd: The password to convert back to clear text\n\n");
1013 char *password
[all...] |
| /sssd/src/providers/ldap/ |
| H A D | ldap_auth.c | 105 DEBUG(SSSDBG_CONF_SETTINGS, "Kerberos password expired.\n");
137 "Last change day is not set, new password needed.\n");
145 "The last password change time is in the future!.\n");
252 DEBUG(SSSDBG_CRIT_FAILURE, "Unknown password expiration type.\n");
276 DEBUG(SSSDBG_CRIT_FAILURE, "Missing password policy.\n");
281 DEBUG(SSSDBG_TRACE_ALL, "No password policy requested.\n");
287 "Found Kerberos password expiration attributes.\n");
302 "No Kerberos password expiration attributes found, "
303 "but MIT Kerberos password policy was requested. "
311 "Found shadow password expiratio
986 const char *password; local
1215 const char *password; local
[all...] |
| H A D | sdap_async_connection.c | 806 "User must set a new password.\n");
821 "Password expired user must set a new password.\n");
827 "Password expired user must set a new password.\n");
1308 const char *password = NULL; local
1313 ret = sss_authtok_get_password(authtok, &password, &pwlen);
1319 /* Treat a zero-length password as a failure */
1320 if (*password == '\0') {
1324 pw.bv_val = discard_const(password);
1346 if (strcasecmp(authtok_type,"password") == 0) {
1840 if (strcasecmp(authtok_type, "password") !
2181 struct berval password = {0, NULL}; local
[all...] |
| /sssd/src/config/etc/ |
| H A D | sssd.api.conf | 111 password = str, None, false
|