Fix securid5 authentication, was not checking for ACM_OK. Also add

default cases for the two switch()es. Problem noted by ccon at worldbank
2025-08-31 14:25:15 +00:00 · 2005-07-28 01:14:14 +00:00
parent 4e86b1d74a
commit 26523a7ce6
1 changed files with 17 additions and 3 deletions
--- a/auth/securid5.c
+++ b/auth/securid5.c
@@ -121,6 +121,10 @@ securid_setup(pw, promptp, auth)
    retval = SD_Lock(*sd, pw->pw_name);

    switch (retval) {
+	case ACM_OK:
+		warningx("User ID locked for SecurID Authentication");
+		return(AUTH_SUCCESS);
+
        case ACE_UNDEFINED_USERNAME:
 		warningx("invalid username length for SecurID");
 		return(AUTH_FATAL);
@@ -133,9 +137,9 @@ securid_setup(pw, promptp, auth)
 		warningx("SecurID communication failed");
 		return(AUTH_FATAL);

-	case ACM_OK:
-		warningx("User ID locked for SecurID Authentication");
-		return(AUTH_SUCCESS);
+	default:
+		warningx("unknown SecurID error");
+		return(AUTH_FATAL);
 	}
 }

@@ -165,6 +169,10 @@ securid_verify(pw, pass, auth)

    /* Have ACE verify password */
    switch (SD_Check(*sd, pass, pw->pw_name)) {
+	case ACM_OK:
+		rval = AUTH_SUCESS;
+		break;
+
 	case ACE_UNDEFINED_PASSCODE:
 		warningx("invalid passcode length for SecurID");
 		rval = AUTH_FATAL;
@@ -178,6 +186,7 @@ securid_verify(pw, pass, auth)
 	case ACE_ERR_INVALID_HANDLE:
 		warningx("invalid Authentication Handle for SecurID");
 		rval = AUTH_FATAL;
+		break;

 	case ACM_ACCESS_DENIED:
 		rval = AUTH_FAILURE;
@@ -212,6 +221,11 @@ then enter the new token code.\n", \
 		fprintf(stderr, "Please set up a PIN before you try to authenticate.\n");
 		rval = AUTH_FATAL;
 		break;
+
+	default:
+		warningx("unknown SecurID error");
+		rval = AUTH_FATAL;
+		break;
    }

    /* Free resources */