Remove unmaintained and not working pam code.
Most people would use pam auth with /etc/{passwd,shadow}.
This is a stupid idea anyway.
* src/server.c: Remove pam from the feature list (-V)
* src/http_auth.h, src/http_auth.c: Remove the pam code.
(merge of r1115:1116 from branches/lighttpd-merge-1.4.x/)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.11-ssl-fixes@1288 152afb58-edef-0310-8abb-c4023f1b3aa9
svn/tags/lighttpd-1.4.12
Marcus Rückert
parent
0f190e1614
commit
27e3de6ca4
|
|
@ -37,17 +37,6 @@
|
|||
# include "md5.h"
|
||||
#endif
|
||||
|
||||
|
||||
#ifdef USE_PAM
|
||||
#include <security/pam_appl.h>
|
||||
#include <security/pam_misc.h>
|
||||
|
||||
static struct pam_conv conv = {
|
||||
misc_conv,
|
||||
NULL
|
||||
};
|
||||
#endif
|
||||
|
||||
handler_t auth_ldap_init(server *srv, mod_auth_plugin_config *s);
|
||||
|
||||
static const char base64_pad = '=';
|
||||
|
|
@ -509,33 +498,6 @@ static int http_auth_basic_password_compare(server *srv, mod_auth_plugin_data *p
|
|||
if (0 == strcmp(password->ptr, pw)) {
|
||||
return 0;
|
||||
}
|
||||
} else if (p->conf.auth_backend == AUTH_BACKEND_PAM) {
|
||||
#ifdef USE_PAM
|
||||
pam_handle_t *pamh=NULL;
|
||||
int retval;
|
||||
|
||||
retval = pam_start("lighttpd", username->ptr, &conv, &pamh);
|
||||
|
||||
if (retval == PAM_SUCCESS)
|
||||
retval = pam_authenticate(pamh, 0); /* is user really user? */
|
||||
|
||||
if (retval == PAM_SUCCESS)
|
||||
retval = pam_acct_mgmt(pamh, 0); /* permitted access? */
|
||||
|
||||
/* This is where we have been authorized or not. */
|
||||
|
||||
if (pam_end(pamh,retval) != PAM_SUCCESS) { /* close Linux-PAM */
|
||||
pamh = NULL;
|
||||
log_error_write(srv, __FILE__, __LINE__, "s", "failed to release authenticator");
|
||||
}
|
||||
|
||||
if (retval == PAM_SUCCESS) {
|
||||
log_error_write(srv, __FILE__, __LINE__, "s", "Authenticated");
|
||||
return 0;
|
||||
} else {
|
||||
log_error_write(srv, __FILE__, __LINE__, "s", "Not Authenticated");
|
||||
}
|
||||
#endif
|
||||
} else if (p->conf.auth_backend == AUTH_BACKEND_LDAP) {
|
||||
#ifdef USE_LDAP
|
||||
LDAP *ldap;
|
||||
|
|
|
|||
|
|
@ -9,9 +9,13 @@
|
|||
# include <ldap.h>
|
||||
#endif
|
||||
|
||||
typedef enum { AUTH_BACKEND_UNSET, AUTH_BACKEND_PLAIN,
|
||||
AUTH_BACKEND_LDAP, AUTH_BACKEND_HTPASSWD,
|
||||
AUTH_BACKEND_HTDIGEST, AUTH_BACKEND_PAM } auth_backend_t;
|
||||
typedef enum {
|
||||
AUTH_BACKEND_UNSET,
|
||||
AUTH_BACKEND_PLAIN,
|
||||
AUTH_BACKEND_LDAP,
|
||||
AUTH_BACKEND_HTPASSWD,
|
||||
AUTH_BACKEND_HTDIGEST
|
||||
} auth_backend_t;
|
||||
|
||||
typedef struct {
|
||||
/* auth */
|
||||
|
|
|
|||
|
|
@ -355,11 +355,6 @@ static void show_features (void) {
|
|||
#else
|
||||
"\t- crypt support\n"
|
||||
#endif
|
||||
#ifdef USE_PAM
|
||||
"\t+ PAM support\n"
|
||||
#else
|
||||
"\t- PAM support\n"
|
||||
#endif
|
||||
#ifdef USE_OPENSSL
|
||||
"\t+ SSL Support\n"
|
||||
#else
|
||||
|
|
|
|||
Loading…
Reference in New Issue