From 1891a3d7aca2cefd6495266c236a71296994c2a4 Mon Sep 17 00:00:00 2001
From: Jeroen Nijhof <jeroen@jeroennijhof.nl>
Date: Wed, 25 Jul 2012 11:37:30 +0200
Subject: tac_encryption fully handled by libtac

---
 ChangeLog            | 1 +
 libtac/lib/connect.c | 6 +++++-
 pam_tacplus.c        | 3 ---
 support.c            | 3 ---
 4 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 449835e..1412cdd 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,5 @@
 1.3.7
+* Tac_encryption fully handled by libtac no need to enable it manually
 * Handle attributes which contains no value,
   thanks to James Allwright <jamesallwright@yahoo.co.uk>
 * Global variables tac_login and tac_secret not static anymore,
diff --git a/libtac/lib/connect.c b/libtac/lib/connect.c
index ef4d706..1494976 100644
--- a/libtac/lib/connect.c
+++ b/libtac/lib/connect.c
@@ -153,7 +153,11 @@ int tac_connect_single(struct addrinfo *server, char *key) {
     retval = fd;
 
     /* set current tac_secret */
-    tac_secret = key;
+    tac_encryption = 0;
+    if (key != NULL && strcmp(key, "") != 0) {
+        tac_encryption = 1;
+        tac_secret = key;
+    }
 
     free(ip);
 
diff --git a/pam_tacplus.c b/pam_tacplus.c
index 350e042..56a38b2 100644
--- a/pam_tacplus.c
+++ b/pam_tacplus.c
@@ -75,9 +75,6 @@ extern void *_xcalloc (size_t size);
 /* magic.c */
 extern u_int32_t magic();
 
-/* libtac */
-extern int tac_encryption;
-
 /* address of server discovered by pam_sm_authenticate */
 static struct addrinfo *active_server;
 char *active_key;
diff --git a/support.c b/support.c
index b32cafa..c387fde 100644
--- a/support.c
+++ b/support.c
@@ -43,7 +43,6 @@ char *tac_prompt = NULL;
 
 /* libtac */
 extern char *tac_login;
-extern int tac_encryption;
 extern int tac_timeout;
 
 #ifndef xcalloc
@@ -200,7 +199,6 @@ int _pam_parse (int argc, const char **argv) {
 
     /* otherwise the list will grow with each call */
     tac_srv_no = tac_srv_key_no = 0;
-    tac_encryption = 0;
 
     for (ctrl = 0; argc-- > 0; ++argv) {
         if (!strcmp (*argv, "debug")) { /* all */
@@ -250,7 +248,6 @@ int _pam_parse (int argc, const char **argv) {
                     TAC_PLUS_MAXSERVERS);
             }
         } else if (!strncmp (*argv, "secret=", 7)) {
-            tac_encryption = 1;
             if(tac_srv_key_no < TAC_PLUS_MAXSERVERS) {
                 tac_srv_key[tac_srv_key_no] = (char *) _xcalloc (strlen (*argv + 7) + 1);
                 strcpy (tac_srv_key[tac_srv_key_no], *argv + 7);
-- 
cgit v1.2.3