class='cKeyword'>#if defined(N_PLAT_UNIX)
class='cKeyword'>#if defined(LINUX)
class='cKeyword'>#include <err.h>
class='cKeyword'>#endif
class='cKeyword'>#include <ntypes.h>
class='cKeyword'>#include <syslog.h>
class='cKeyword'>#endif
class='cKeyword'>#include <stdlib.h>
class='cKeyword'>#include <stdio.h>
class='cKeyword'>#include <unicode.h>
class='cKeyword'>#include <string.h>
class='cKeyword'>#include "nmaserr.h"
class='cKeyword'>#include "maf.h"
class='cKeyword'>#include "defines.h"
int SetThreadGroupID(int ourThreadGroupID);
class='cKeyword'>class='cKeyword'>#ifdef DEBUG
class='cKeyword'>class='cKeyword'>#ifdef N_PLAT_UNIX
class='cKeyword'>#define TRACE0(msg) syslog(LOG_ERR, msg)
class='cKeyword'>#define TRACE(msg) syslog(LOG_ERR, msg)
class='cKeyword'>#define TRACE1(msg, arg1) syslog(LOG_ERR, msg, arg1)
class='cKeyword'>#else
class='cKeyword'>#define TRACE printf
class='cKeyword'>#define TRACE1 printf
class='cKeyword'>#define TRACE2 printf
class='cKeyword'>#endif
class='cKeyword'>#else
class='cKeyword'>#define TRACE(msg)
class='cKeyword'>#define TRACE1(msg, arg1)
class='cKeyword'>#define TRACE2(msg, arg1, arg2)
class='cKeyword'>#endif
extern int ourThreadGroupID;
extern int activeThreadCount;
int LSM00000001(MAF_Handle mh)
{
int mafErr=0, err=0;
unicode pwdTag[] = CLEAR_PWD_TAG;
int thisThreadGroupID;
class='cKeyword'>char pwd[MAX_CLEAR_PWD_CHARS] = {0};
size_t pwdLen = 0;
class='cKeyword'>char storedPwd[MAX_CLEAR_PWD_CHARS] = {0};
size_t storedPwdLen = 0;
class='cKeyword'>char newPwd[MAX_CLEAR_PWD_CHARS] = {0};
size_t newPwdLen = 0;
size_t replyLen = 0;
CPWD_INFO pwdInfo;
TRACE("CPWD LSM ENTER\n");
activeThreadCount++;
thisThreadGroupID = SetThreadGroupID(ourThreadGroupID);
mafErr = MAF_Begin (mh);
if (mafErr)
{
goto INIT_ERROR;
}
TRACE("CPWD LSM MAF_Begin OK\n");
mafErr = MAF_Read(mh, &replyLen, &pwdInfo);
if (mafErr)
{
TRACE("CPWD MAF_Read pwdInfo FAILED]\n");
goto MAF_ERROR;
}
if (replyLen < sizeof(pwdInfo))
{
mafErr = NMAS_E_LOGIN_FAILED;
goto MAF_ERROR;
}
NCopyFromLoHi32(&err, &pwdInfo.error);
if (err)
{
goto MAF_ERROR;
}
mafErr = MAF_XRead(mh, &pwdLen, pwd);
if (mafErr)
{
TRACE("CPWD MAF_XRead password FAILED]\n");
goto MAF_ERROR;
}
if (replyLen == 0)
{
mafErr = NMAS_E_LOGIN_FAILED;
goto MAF_ERROR;
}
storedPwdLen = sizeof(storedPwd);
err = MAF_GetAttribute(mh, NMAS_AID_USER_SECRET_DATA, pwdTag, &storedPwdLen, storedPwd);
if (err)
{
TRACE1("CPWD MAF_GetAttribute (password) = %d", err);
goto REPORT_ERROR;
}
if (storedPwdLen != pwdLen)
{
err = NMAS_E_LOGIN_FAILED;
TRACE1("CPWD Password length out of range (%d)", err);
goto REPORT_ERROR;
}
sensitive
if(strncmp(storedPwd, pwd, storedPwdLen) != 0)
{
err = NMAS_E_LOGIN_FAILED;
TRACE("CPWD password didn't match");
}
memset(storedPwd, 0xCC, sizeof(storedPwd));
memset(pwd, 0xCC, sizeof(pwd));
if (err)
{
goto REPORT_ERROR;
}
mafErr = MAF_Write( mh, 4, &err );
if (mafErr)
{
TRACE1("CPWD MAF_Write (success) FAILED Error %d\n", mafErr);
goto MAF_ERROR;
}
if ((pwdInfo.infoFlags & PASSWORD_CHANGE) != 0)
{
mafErr = MAF_XRead( mh, &newPwdLen, newPwd );
if (mafErr)
{
TRACE("CPWD MAF_XRead (new password) FAILED]\n");
goto MAF_ERROR;
}
if (replyLen == 0)
{
mafErr = NMAS_E_LOGIN_FAILED;
goto MAF_ERROR;
}
err = MAF_PutAttribute( mh, NMAS_AID_USER_SECRET_DATA, pwdTag, strlen(newPwd)+1, newPwd);
memset(newPwd, 0xCC, sizeof(newPwd));
if (err)
{
TRACE1("CPWD Set Password = %d", err);
goto REPORT_ERROR;
}
mafErr = MAF_Write( mh, 4, &err );
if (mafErr)
{
TRACE1("CPWD MAF_Write (Set Password success) FAILED Error %d\n", mafErr);
goto MAF_ERROR;
}
}
REPORT_ERROR:
if (err)
{
mafErr = MAF_Write( mh, 4, &err );
{
TRACE1("CPWD MAF_Write (failure) FAILED Error %d\n", mafErr);
}
}
MAF_ERROR:
if (!err)
{
err = mafErr;
}
if (!err)
{
TRACE("Clear Password Login Successful.\n");
}
else
{
TRACE("Clear Password Login Failed.\n");
}
MAF_End (mh, err, 0, 0);
INIT_ERROR:
activeThreadCount--;
SetThreadGroupID(thisThreadGroupID);
return mafErr;
}