Browse Source

Remove unmaintained and not working pam code.

Most people would use pam auth with /etc/{passwd,shadow}.
This is a stupid idea anyway.

* src/server.c: Remove pam from the feature list (-V)
* src/http_auth.h, src/http_auth.c: Remove the pam code.

(merge of r1115:1116 from branches/lighttpd-merge-1.4.x/)


git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.11-ssl-fixes@1288 152afb58-edef-0310-8abb-c4023f1b3aa9
svn/tags/lighttpd-1.4.12
Marcus Rückert 16 years ago
parent
commit
27e3de6ca4
  1. 38
      src/http_auth.c
  2. 10
      src/http_auth.h
  3. 5
      src/server.c

38
src/http_auth.c

@ -37,17 +37,6 @@
# include "md5.h"
#endif
#ifdef USE_PAM
#include <security/pam_appl.h>
#include <security/pam_misc.h>
static struct pam_conv conv = {
misc_conv,
NULL
};
#endif
handler_t auth_ldap_init(server *srv, mod_auth_plugin_config *s);
static const char base64_pad = '=';
@ -509,33 +498,6 @@ static int http_auth_basic_password_compare(server *srv, mod_auth_plugin_data *p
if (0 == strcmp(password->ptr, pw)) {
return 0;
}
} else if (p->conf.auth_backend == AUTH_BACKEND_PAM) {
#ifdef USE_PAM
pam_handle_t *pamh=NULL;
int retval;
retval = pam_start("lighttpd", username->ptr, &conv, &pamh);
if (retval == PAM_SUCCESS)
retval = pam_authenticate(pamh, 0); /* is user really user? */
if (retval == PAM_SUCCESS)
retval = pam_acct_mgmt(pamh, 0); /* permitted access? */
/* This is where we have been authorized or not. */
if (pam_end(pamh,retval) != PAM_SUCCESS) { /* close Linux-PAM */
pamh = NULL;
log_error_write(srv, __FILE__, __LINE__, "s", "failed to release authenticator");
}
if (retval == PAM_SUCCESS) {
log_error_write(srv, __FILE__, __LINE__, "s", "Authenticated");
return 0;
} else {
log_error_write(srv, __FILE__, __LINE__, "s", "Not Authenticated");
}
#endif
} else if (p->conf.auth_backend == AUTH_BACKEND_LDAP) {
#ifdef USE_LDAP
LDAP *ldap;

10
src/http_auth.h

@ -9,9 +9,13 @@
# include <ldap.h>
#endif
typedef enum { AUTH_BACKEND_UNSET, AUTH_BACKEND_PLAIN,
AUTH_BACKEND_LDAP, AUTH_BACKEND_HTPASSWD,
AUTH_BACKEND_HTDIGEST, AUTH_BACKEND_PAM } auth_backend_t;
typedef enum {
AUTH_BACKEND_UNSET,
AUTH_BACKEND_PLAIN,
AUTH_BACKEND_LDAP,
AUTH_BACKEND_HTPASSWD,
AUTH_BACKEND_HTDIGEST
} auth_backend_t;
typedef struct {
/* auth */

5
src/server.c

@ -355,11 +355,6 @@ static void show_features (void) {
#else
"\t- crypt support\n"
#endif
#ifdef USE_PAM
"\t+ PAM support\n"
#else
"\t- PAM support\n"
#endif
#ifdef USE_OPENSSL
"\t+ SSL Support\n"
#else

Loading…
Cancel
Save