add a krb5-noverify option for login.conf that disables verification

of the server against a local host keytab file when you're authing
users with login_krb5. useful for when you need to auth users but
dealing with the domain admins is painful...

ok sthen@ jj@ millert@

2 files changed, 4 insertions, 4 deletions

diff --git a/libexec/login_passwd/common.h b/libexec/login_passwd/common.h
index a430c4d660c..18eca80aad7 100644
--- a/libexec/login_passwd/common.h
+++ b/libexec/login_passwd/common.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: common.h,v 1.3 2006/03/09 19:14:10 millert Exp $ */
+/* $OpenBSD: common.h,v 1.4 2012/06/01 01:43:19 dlg Exp $ */
 /*-
  * Copyright (c) 2001 Hans Insulander <hin@openbsd.org>.
  * All rights reserved.
@@ -59,7 +59,7 @@ int pwd_login(char *, char *, char *, int, char *);
 int pwd_gensalt(char *, int, login_cap_t *, char);
 #endif
 #ifdef KRB5
-int krb5_login(char *, char *, char *, int, int);
+int krb5_login(char *, char *, char *, int, int, char *);
 #endif
 
 #endif /* !_COMMON_H_ */
diff --git a/libexec/login_passwd/login.c b/libexec/login_passwd/login.c
index 186c00cb945..4f73489e463 100644
--- a/libexec/login_passwd/login.c
+++ b/libexec/login_passwd/login.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: login.c,v 1.9 2006/04/02 01:00:40 deraadt Exp $	*/
+/*	$OpenBSD: login.c,v 1.10 2012/06/01 01:43:19 dlg Exp $	*/
 
 /*-
  * Copyright (c) 1995 Berkeley Software Design, Inc. All rights reserved.
@@ -150,7 +150,7 @@ main(int argc, char **argv)
 	ret = AUTH_FAILED;
 #ifdef KRB5
 	ret = krb5_login(username, invokinguser, password, arg_login,
-			 !arg_notickets);
+			 !arg_notickets, class);
 #endif
 #ifdef PASSWD
 	if (ret != AUTH_OK)