| /freebsd/contrib/pam-krb5/module/ |
| H A D | alt-auth.c | 33 * Map the user to a Kerberos principal according to alt_auth_map. Returns 0
49 /* Makes no sense if alt_auth_map isn't set. */ in pamk5_map_principal()
50 if (args->config->alt_auth_map == NULL) in pamk5_map_principal()
71 for (p = args->config->alt_auth_map; *p != '\0'; p++) { in pamk5_map_principal()
79 if (realm != NULL && strchr(args->config->alt_auth_map, '@') == NULL) in pamk5_map_principal()
86 for (p = args->config->alt_auth_map; *p != '\0'; p++) { in pamk5_map_principal()
96 if (realm != NULL && strchr(args->config->alt_auth_map, '@') == NULL) { in pamk5_map_principal()
182 * the context matches the alt_auth_map-derived identity of the user we're
|
| H A D | support.c | 82 * If alt_auth_map was set, authorize the user if the authenticated in pamk5_authorized()
83 * principal matches the mapped principal. alt_auth_map essentially in pamk5_authorized()
89 if (args->config->alt_auth_map != NULL) { in pamk5_authorized()
|
| H A D | internal.h | 58 char *alt_auth_map; /* An sprintf pattern to map principals. */ member
197 * alt_auth_map support.
200 * according to alt_auth_map. Returns 0 on success, storing the mapped
209 * access the account given the configured alt_auth_map and is meant to be
|
| H A D | options.c | 33 { K(alt_auth_map), true, STRING (NULL) },
244 free(config->alt_auth_map); in pamk5_free()
|
| H A D | auth.c | 599 * authentication loop, and handles alt_auth_map and search_k5login. It takes
618 if (args->config->alt_auth_map != NULL) { in password_auth_attempt()
780 * Fill in the default principal to authenticate as. alt_auth_map or in pamk5_password_auth()
1065 /* Check .k5login and alt_auth_map. */ in pamk5_authenticate()
|
| /freebsd/contrib/pam-krb5/tests/module/ |
| H A D | alt-auth-t.c | 2 * Tests for the alt_auth_map functionality in libpam-krb5.
4 * This test case tests the variations of the alt_auth_map functionality for
36 * want to test that alt_auth_map works when there's no relationship in main()
94 * the alt_auth_map already includes a realm. in main()
|
| /freebsd/contrib/pam-krb5/tests/data/scripts/alt-auth/ |
| H A D | basic | 11 auth = alt_auth_map=%1 force_first_pass no_ccache
12 account = alt_auth_map=%1 no_ccache
|
| H A D | only | 11 auth = alt_auth_map=%1 only_alt_auth force_first_pass no_ccache
12 account = alt_auth_map=%1 no_ccache
|
| H A D | force | 11 auth = alt_auth_map=%1 force_alt_auth force_first_pass no_ccache
12 account = alt_auth_map=%1 no_ccache
|
| H A D | fail | 11 auth = alt_auth_map=bogus force_first_pass no_ccache
12 account = alt_auth_map=bogus no_ccache
|
| H A D | username-map-prefix | 11 auth = alt_auth_map=%3%%s@%2 force_first_pass no_ccache
12 account = alt_auth_map=%3%%s@%2 no_ccache
|
| H A D | username-map | 11 auth = alt_auth_map=%%s@%2 force_first_pass no_ccache
12 account = alt_auth_map=%%s@%2 no_ccache
|
| H A D | only-fail | 11 auth = alt_auth_map=bogus only_alt_auth no_ccache
12 account = alt_auth_map=bogus no_ccache
|
| H A D | fallback | 11 auth = alt_auth_map=%%s/unknown-user no_ccache
12 account = alt_auth_map=%%s/unknown-user no_ccache
|
| H A D | force-fallback | 11 auth = alt_auth_map=%%s/unknown-user force_alt_auth no_ccache
12 account = alt_auth_map=%%s/unknown-user no_ccache
|
| H A D | fallback-realm | 11 auth = alt_auth_map=%%s@BOGUS.EXAMPLE.COM no_ccache
12 account = alt_auth_map=%%s@BOGUS.EXAMPLE.COM no_ccache
|
| H A D | basic-debug | 11 auth = alt_auth_map=%1 force_first_pass no_ccache debug
12 account = alt_auth_map=%1 no_ccache debug
|
| H A D | force-fail-debug | 11 auth = alt_auth_map=%1 force_alt_auth force_first_pass no_ccache debug
12 account = alt_auth_map=%1 no_ccache debug
|
| H A D | fail-debug | 11 auth = alt_auth_map=bogus force_first_pass no_ccache debug
12 account = alt_auth_map=bogus no_ccache debug
|
| H A D | fallback-debug | 11 auth = alt_auth_map=%%s/unknown-user no_ccache debug
12 account = alt_auth_map=%%s/unknown-user no_ccache debug
|
| /freebsd/contrib/pam-krb5/ |
| H A D | TODO | 34 * The alt_auth_map parsing to find realms doesn't take into account
38 alt_auth_map cases. Right now, we may return expired password errors
|
| H A D | NEWS | 235 Fix alt_auth_map support to preserve the realm of the authentication
239 Document that the alt_auth_map format may contain a realm to force all
255 Close several memory leaks in alt_auth_map support.
405 Fix error in freeing a previous alt_auth_map setting when parsing
623 Add alt_auth_map configuration option, which allows mapping of
|
| /freebsd/lib/libpam/modules/pam_krb5/ |
| H A D | pam-krb5.8 | 264 .IP alt_auth_map=<format> 4
265 .IX Item "alt_auth_map=<format>"
280 \& alt_auth_map=%s/root
292 \& alt_auth_map=%s@EXAMPLE.COM
309 [3.12] This option is used with \fIalt_auth_map\fR and forces authentication
313 alternate instance. If \fIalt_auth_map\fR is not set, it has no effect.
358 [3.12] This option is used with \fIalt_auth_map\fR and forces the use of the
361 \&\fIforce_alt_auth\fR. If \fIalt_auth_map\fR is not set, it has no effect and
|
| /freebsd/contrib/pam-krb5/docs/ |
| H A D | pam_krb5.pod | 221 =item alt_auth_map=<format>
236 alt_auth_map=%s/root
246 alt_auth_map=%s@EXAMPLE.COM
263 [3.12] This option is used with I<alt_auth_map> and forces authentication
267 alternate instance. If I<alt_auth_map> is not set, it has no effect.
316 [3.12] This option is used with I<alt_auth_map> and forces the use of the
319 I<force_alt_auth>. If I<alt_auth_map> is not set, it has no effect and
|
| H A D | docknot.yaml | 548 Thanks to Booker Bense for the implementation of the `alt_auth_map`
|