[Pkg-shadow-commits] r2101 - in upstream/trunk: . src

nekral-guest at alioth.debian.org nekral-guest at alioth.debian.org
Tue Jun 10 18:56:23 UTC 2008


Author: nekral-guest
Date: 2008-06-10 18:56:23 +0000 (Tue, 10 Jun 2008)
New Revision: 2101

Modified:
   upstream/trunk/ChangeLog
   upstream/trunk/src/login.c
Log:
	* src/login.c: Avoid multi-statements lines.
	* src/login.c: Ignore the return value of pam_end() before
	exiting.
	* src/login.c: Use a bool when possible instead of int integers.
	* src/login.c: Add brackets and parenthesis.
	* src/login.c: Ignore the return values of fflush(), putchar(), puts().
	* src/login.c: Ignore the return value of fclose() for read-only
	files.
	* src/login.c: Avoid assignments in comparisons.
	* src/login.c: Ignore return value of setlocale(),
	bindtextdomain(), and textdomain().


Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog	2008-06-10 17:56:53 UTC (rev 2100)
+++ upstream/trunk/ChangeLog	2008-06-10 18:56:23 UTC (rev 2101)
@@ -1,5 +1,19 @@
 2008-06-10  Nicolas François  <nicolas.francois at centraliens.net>
 
+	* src/login.c: Avoid multi-statements lines.
+	* src/login.c: Ignore the return value of pam_end() before
+	exiting.
+	* src/login.c: Use a bool when possible instead of int integers.
+	* src/login.c: Add brackets and parenthesis.
+	* src/login.c: Ignore the return values of fflush(), putchar(), puts().
+	* src/login.c: Ignore the return value of fclose() for read-only
+	files.
+	* src/login.c: Avoid assignments in comparisons.
+	* src/login.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+
+2008-06-10  Nicolas François  <nicolas.francois at centraliens.net>
+
 	* src/chage.c: Use a bool when possible instead of int integers.
 	* src/chage.c: Ignore return value of setlocale(),
 	bindtextdomain(), and textdomain().

Modified: upstream/trunk/src/login.c
===================================================================
--- upstream/trunk/src/login.c	2008-06-10 17:56:53 UTC (rev 2100)
+++ upstream/trunk/src/login.c	2008-06-10 18:56:23 UTC (rev 2101)
@@ -60,10 +60,11 @@
 #define PAM_FAIL_CHECK if (retcode != PAM_SUCCESS) { \
 	fprintf(stderr,"\n%s\n",pam_strerror(pamh, retcode)); \
 	SYSLOG((LOG_ERR,"%s",pam_strerror(pamh, retcode))); \
-	pam_end(pamh, retcode); exit(1); \
+	(void) pam_end(pamh, retcode); \
+	exit(1); \
    }
 #define PAM_END { retcode = pam_close_session(pamh,0); \
-		pam_end(pamh,retcode); }
+		(void) pam_end(pamh,retcode); }
 
 #endif				/* USE_PAM */
 
@@ -90,23 +91,23 @@
 extern struct utmp utent;
 
 struct lastlog lastlog;
-static int pflg = 0;
-static int fflg = 0;
+static bool pflg = false;
+static bool fflg = false;
 
 #ifdef RLOGIN
-static int rflg = 0;
+static bool rflg = false;
 #else
-#define rflg 0
+#define rflg false
 #endif
-static int hflg = 0;
-static int preauth_flag = 0;
+static bool hflg = false;
+static bool preauth_flag = false;
 
 /*
  * Global variables.
  */
 
 static char *Prog;
-static int amroot;
+static bool amroot;
 static int timeout;
 
 /*
@@ -151,8 +152,9 @@
 static void usage (void)
 {
 	fprintf (stderr, _("Usage: %s [-p] [name]\n"), Prog);
-	if (!amroot)
+	if (!amroot) {
 		exit (1);
+	}
 	fprintf (stderr, _("       %s [-p] [-h host] [-f name]\n"), Prog);
 #ifdef RLOGIN
 	fprintf (stderr, _("       %s [-p] -r host\n"), Prog);
@@ -190,8 +192,8 @@
  */
 static void bad_time_notify (void)
 {
-	puts (_("Invalid login time"));
-	fflush (stdout);
+	(void) puts (_("Invalid login time"));
+	(void) fflush (stdout);
 }
 
 static void check_nologin (void)
@@ -206,7 +208,7 @@
 	 * forgotten about it ...
 	 */
 	fname = getdef_str ("NOLOGINS_FILE");
-	if (fname != NULL && access (fname, F_OK) == 0) {
+	if ((NULL != fname) && (access (fname, F_OK) == 0)) {
 		FILE *nlfp;
 		int c;
 
@@ -214,17 +216,20 @@
 		 * Cat the file if it can be opened, otherwise just
 		 * print a default message
 		 */
-		if ((nlfp = fopen (fname, "r"))) {
+		nlfp = fopen (fname, "r");
+		if (NULL != nlfp) {
 			while ((c = getc (nlfp)) != EOF) {
-				if (c == '\n')
-					putchar ('\r');
+				if (c == '\n') {
+					(void) putchar ('\r');
+				}
 
-				putchar (c);
+				(void) putchar (c);
 			}
-			fflush (stdout);
-			fclose (nlfp);
-		} else
-			puts (_("\nSystem closed for routine maintenance"));
+			(void) fflush (stdout);
+			(void) fclose (nlfp);
+		} else {
+			(void) puts (_("\nSystem closed for routine maintenance"));
+		}
 		/*
 		 * Non-root users must exit. Root gets the message, but
 		 * gets to login.
@@ -249,8 +254,9 @@
 	 * clever rlogin, telnet, and getty holes.
 	 */
 	for (arg = 1; arg < argc; arg++) {
-		if (argv[arg][0] == '-' && strlen (argv[arg]) > 2)
+		if (argv[arg][0] == '-' && strlen (argv[arg]) > 2) {
 			usage ();
+		}
 		if (strcmp(argv[arg], "--") == 0) {
 			break; /* stop checking on a "--" */
 		}
@@ -265,7 +271,8 @@
 #endif
 	char *tmp;
 
-	if ((tmp = getenv ("LANG"))) {
+	tmp = getenv ("LANG");
+	if (NULL != tmp) {
 		addenv ("LANG", tmp);
 	}
 
@@ -273,23 +280,33 @@
 	 * Add the timezone environmental variable so that time functions
 	 * work correctly.
 	 */
-	if ((tmp = getenv ("TZ"))) {
+	tmp = getenv ("TZ");
+	if (NULL != tmp) {
 		addenv ("TZ", tmp);
 	}
 #ifndef USE_PAM
-	else if ((cp = getdef_str ("ENV_TZ")))
-		addenv (*cp == '/' ? tz (cp) : cp, NULL);
+	else {
+		cp = getdef_str ("ENV_TZ");
+		if (NULL != cp) {
+			addenv (('/' == *cp) ? tz (cp) : cp, NULL);
+		}
+	}
 #endif				/* !USE_PAM */
 	/* 
 	 * Add the clock frequency so that profiling commands work
 	 * correctly.
 	 */
-	if ((tmp = getenv ("HZ"))) {
+	tmp = getenv ("HZ");
+	if (NULL != tmp) {
 		addenv ("HZ", tmp);
 	}
 #ifndef USE_PAM
-	else if ((cp = getdef_str ("ENV_HZ")))
-		addenv (cp, NULL);
+	else {
+		cp = getdef_str ("ENV_HZ");
+		if (NULL != cp) {
+			addenv (cp, NULL);
+		}
+	}
 #endif				/* !USE_PAM */
 }
 
@@ -332,11 +349,11 @@
 	int reason = PW_LOGIN;
 	int delay;
 	int retries;
-	int failed;
+	bool failed;
 	int flag;
-	int subroot = 0;
+	bool subroot = false;
 #ifndef USE_PAM
-	int is_console;
+	bool is_console;
 #endif
 	int err;
 	const char *cp;
@@ -361,9 +378,9 @@
 
 	sanitize_env ();
 
-	setlocale (LC_ALL, "");
-	bindtextdomain (PACKAGE, LOCALEDIR);
-	textdomain (PACKAGE);
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
 
 	initenv ();
 
@@ -387,26 +404,28 @@
 			 * normal user name passed after all options
 			 * --benc
 			 */
-			if (optarg != NULL && optarg != argv[optind - 1])
+			if (optarg != NULL && optarg != argv[optind - 1]) {
 				usage ();
-			fflg++;
-			if (optarg)
+			}
+			fflg = true;
+			if (optarg) {
 				STRFCPY (username, optarg);
+			}
 			break;
 		case 'h':
-			hflg++;
+			hflg = true;
 			hostname = optarg;
 			reason = PW_TELNET;
 			break;
 #ifdef	RLOGIN
 		case 'r':
-			rflg++;
+			rflg = true;
 			hostname = optarg;
 			reason = PW_RLOGIN;
 			break;
 #endif
 		case 'p':
-			pflg++;
+			pflg = true;
 			break;
 		default:
 			usage ();
@@ -418,8 +437,9 @@
 	 * Neither -h nor -f should be combined with -r.
 	 */
 
-	if (rflg && (hflg || fflg))
+	if (rflg && (hflg || fflg)) {
 		usage ();
+	}
 #endif
 
 	/*
@@ -431,8 +451,9 @@
 		exit (1);
 	}
 
-	if (!isatty (0) || !isatty (1) || !isatty (2))
+	if ((isatty (0) == 0) || (isatty (1) == 0) || (isatty (2) == 0)) {
 		exit (1);	/* must be a terminal */
+	}
 
 	/*
 	 * Be picky if run by normal users (possible if installed setuid
@@ -460,7 +481,8 @@
 		 * gethostbyname() is not 100% reliable (the remote host may
 		 * be unknown, etc.).  --marekm
 		 */
-		if ((he = gethostbyname (hostname))) {
+		he = gethostbyname (hostname);
+		if (NULL != he) {
 			utent.ut_addr = *((int32_t *) (he->h_addr_list[0]));
 #endif
 #ifdef UT_HOST
@@ -482,18 +504,22 @@
 		 * workaround for init/getty leaving junk in ut_host at least in
 		 * some version of RedHat.  --marekm
 		 */
-		else if (amroot)
+		else if (amroot) {
 			memzero (utent.ut_host, sizeof utent.ut_host);
+		}
 #endif
-		if (fflg)
-			preauth_flag++;
-		if (hflg)
+		if (fflg) {
+			preauth_flag = true;
+		}
+		if (hflg) {
 			reason = PW_RLOGIN;
+		}
 #ifdef RLOGIN
-		if (rflg
+		if (   rflg
 		    && do_rlogin (hostname, username, sizeof username,
-				  term, sizeof term))
-			preauth_flag++;
+				  term, sizeof term)) {
+			preauth_flag = true;
+		}
 #endif
 
 		OPENLOG ("login");
@@ -512,8 +538,9 @@
 			 */
 			long limit = getdef_long ("ULIMIT", -1L);
 
-			if (limit != -1)
+			if (limit != -1) {
 				set_filesize_limit (limit);
+			}
 		}
 
 #endif
@@ -521,60 +548,78 @@
 		 * The entire environment will be preserved if the -p flag
 		 * is used.
 		 */
-		if (pflg)
-			while (*envp)	/* add inherited environment, */
-				addenv (*envp++, NULL);	/* some variables change later */
+		if (pflg) {
+			while (NULL != *envp) {	/* add inherited environment, */
+				addenv (*envp, NULL);	/* some variables change later */
+				envp++;
+			}
+		}
 
 #ifdef RLOGIN
-		if (term[0] != '\0')
+		if (term[0] != '\0') {
 			addenv ("TERM", term);
-		else
+		} else
 #endif
+		{
 			/* preserve TERM from getty */
-		if (!pflg && (tmp = getenv ("TERM")))
-			addenv ("TERM", tmp);
+			if (!pflg) {
+				tmp = getenv ("TERM");
+				if (NULL != tmp) {
+					addenv ("TERM", tmp);
+				}
+			}
+		}
 
 		init_env ();
 
 		if (optind < argc) {	/* get the user name */
-			if (rflg || (fflg && username[0]))
+			if (rflg || (fflg && ('\0' != username[0]))) {
 				usage ();
+			}
 
 			STRFCPY (username, argv[optind]);
 			strzero (argv[optind]);
 			++optind;
 		}
-		if (optind < argc)	/* now set command line variables */
+		if (optind < argc) {	/* now set command line variables */
 			set_env (argc - optind, &argv[optind]);
+		}
 
-		if (rflg || hflg)
+		if (rflg || hflg) {
 			cp = hostname;
-		else
+		} else {
+			/* FIXME: What is the priority:
+			 *        UT_HOST or HAVE_UTMPX_H? */
 #ifdef	UT_HOST
-		if (utent.ut_host[0])
-			cp = utent.ut_host;
-		else
+			if ('\0' != utent.ut_host[0]) {
+				cp = utent.ut_host;
+			} else
 #endif
 #if HAVE_UTMPX_H
-		if (utxent.ut_host[0])
-			cp = utxent.ut_host;
-		else
+			if ('\0' != utxent.ut_host[0]) {
+				cp = utxent.ut_host;
+			} else
 #endif
-			cp = "";
+			{
+				cp = "";
+			}
+		}
 
-		if (*cp)
+		if ('\0' != *cp) {
 			snprintf (fromhost, sizeof fromhost,
 			          " on '%.100s' from '%.200s'", tty, cp);
-		else
+		} else {
 			snprintf (fromhost, sizeof fromhost,
 			          " on '%.100s'", tty);
+		}
 
 	      top:
 		/* only allow ALARM sec. for login */
 		signal (SIGALRM, alarm_handler);
 		timeout = getdef_num ("LOGIN_TIMEOUT", ALARM);
-		if (timeout > 0)
+		if (timeout > 0) {
 			alarm (timeout);
+		}
 
 		environ = newenvp;	/* make new environment active */
 		delay = getdef_num ("FAIL_DELAY", 1);
@@ -604,20 +649,21 @@
 		retcode = pam_fail_delay (pamh, 1000000 * delay);
 		PAM_FAIL_CHECK;
 #endif
-		/* if fflg == 1, then the user has already been authenticated */
+		/* if fflg, then the user has already been authenticated */
 		if (!fflg || (getuid () != 0)) {
 			int failcount = 0;
 			char hostn[256];
 			char loginprompt[256];	/* That's one hell of a prompt :) */
 
 			/* Make the login prompt look like we want it */
-			if (!gethostname (hostn, sizeof (hostn)))
+			if (gethostname (hostn, sizeof (hostn)) == 0) {
 				snprintf (loginprompt,
 					  sizeof (loginprompt),
 					  _("%s login: "), hostn);
-			else
+			} else {
 				snprintf (loginprompt,
 					  sizeof (loginprompt), _("login: "));
+			}
 
 			retcode =
 			    pam_set_item (pamh, PAM_USER_PROMPT, loginprompt);
@@ -627,8 +673,9 @@
 			   set it to NULL */
 			pam_get_item (pamh, PAM_USER,
 				      (const void **)ptr_pam_user);
-			if (pam_user[0] == '\0')
+			if (pam_user[0] == '\0') {
 				pam_set_item (pamh, PAM_USER, NULL);
+			}
 
 			/*
 			 * There may be better ways to deal with some of
@@ -639,29 +686,32 @@
 			 * MAX_LOGIN_TRIES?
 			 */
 			failcount = 0;
-			while (1) {
+			while (true) {
 			  const char *failent_user;
-			  failed = 0;
+			  failed = false;
 
 			  failcount++;
-			  if (delay > 0)
+			  if (delay > 0) {
 			    retcode = pam_fail_delay(pamh, 1000000*delay);
+			  }
 
 			  retcode = pam_authenticate (pamh, 0);
 
 			  pam_get_item (pamh, PAM_USER,
 					(const void **) ptr_pam_user);
 
-			  if (pam_user && pam_user[0]) {
+			  if ((NULL != pam_user) && ('\0' != pam_user[0])) {
 			    pwd = xgetpwnam(pam_user);
-			    if (pwd) {
+			    if (NULL != pwd) {
 			      pwent = *pwd;
 			      failent_user = pwent.pw_name;
 			    } else {
-			      if (getdef_bool("LOG_UNKFAIL_ENAB") && pam_user)
+			      if (   getdef_bool("LOG_UNKFAIL_ENAB")
+			          && (NULL != pam_user)) {
 				failent_user = pam_user;
-			      else
+			      } else {
 				failent_user = "UNKNOWN";
+			      }
 			    }
 			  } else {
 			    pwd = NULL;
@@ -687,11 +737,12 @@
 			    SYSLOG ((LOG_NOTICE,"FAILED LOGIN (%d)%s FOR `%s', %s",
 				   failcount, fromhost, failent_user,
 				   pam_strerror (pamh, retcode)));
-			    failed = 1;
+			    failed = true;
 			  }
 
-			  if (!failed)
+			  if (!failed) {
 			    break;
+			  }
 
 #ifdef WITH_AUDIT
 				{
@@ -701,7 +752,7 @@
 					audit_fd = audit_open ();
 					/* local, no need for xgetpwnam */
 					pw = getpwnam (username);
-					if (pw) {
+					if (NULL != pw) {
 						snprintf (buf, sizeof (buf),
 						  "uid=%d", pw->pw_uid);
 						audit_log_user_message
@@ -720,10 +771,10 @@
 				}
 #endif				/* WITH_AUDIT */
 
-			  fprintf(stderr,"\nLogin incorrect\n");
+			  fprintf (stderr, "\nLogin incorrect\n");
 
 			  /* Let's give it another go around */
-			  pam_set_item(pamh,PAM_USER,NULL);
+			  pam_set_item (pamh, PAM_USER, NULL);
 			}
 
 			/* We don't get here unless they were authenticated above */
@@ -745,7 +796,7 @@
 		retcode =
 		    pam_get_item (pamh, PAM_USER, (const void **)ptr_pam_user);
 		pwd = xgetpwnam (pam_user);
-		if (!pwd) {
+		if (NULL == pwd) {
 			SYSLOG ((LOG_ERR, "xgetpwnam(%s) failed",
 				 getdef_bool ("LOG_UNKFAIL_ENAB") ?
 				 pam_user : "UNKNOWN"));
@@ -757,8 +808,9 @@
 			PAM_FAIL_CHECK;
 		}
 
-		if (setup_groups (pwd))
+		if (setup_groups (pwd) != 0) {
 			exit (1);
+		}
 
 		pwent = *pwd;
 
@@ -770,14 +822,14 @@
 		PAM_FAIL_CHECK;
 
 #else				/* ! USE_PAM */
-		while (1) {	/* repeatedly get login/password pairs */
-			failed = 0;	/* haven't failed authentication yet */
-			if (!username[0]) {	/* need to get a login id */
+		while (true) {	/* repeatedly get login/password pairs */
+			failed = false;	/* haven't failed authentication yet */
+			if ('\0' == username[0]) {	/* need to get a login id */
 				if (subroot) {
 					closelog ();
 					exit (1);
 				}
-				preauth_flag = 0;
+				preauth_flag = false;
 				login_prompt (_("\n%s login: "), username,
 					      sizeof username);
 				continue;
@@ -785,32 +837,36 @@
 #endif				/* ! USE_PAM */
 
 #ifdef USE_PAM
-		if (!(pwd = xgetpwnam (pam_user))) {
+		pwd = xgetpwnam (pam_user);
+		if (NULL == pwd) {
 			pwent.pw_name = pam_user;
 #else
-		if (!(pwd = xgetpwnam (username))) {
+		pwd = xgetpwnam (username);
+		if (NULL == pwd) {
 			pwent.pw_name = username;
 #endif
 			strcpy (temp_pw, "!");
 			pwent.pw_passwd = temp_pw;
 			pwent.pw_shell = temp_shell;
 
-			preauth_flag = 0;
-			failed = 1;
+			preauth_flag = false;
+			failed = true;
 		} else {
 			pwent = *pwd;
 		}
 #ifndef USE_PAM
 		spwd = NULL;
-		if (pwd && strcmp (pwd->pw_passwd, SHADOW_PASSWD_STRING) == 0) {
+		if (   (NULL != pwd)
+		    && (strcmp (pwd->pw_passwd, SHADOW_PASSWD_STRING) == 0)) {
 			/* !USE_PAM, no need for xgetspnam */
 			spwd = getspnam (username);
-			if (spwd)
+			if (NULL != spwd) {
 				pwent.pw_passwd = spwd->sp_pwdp;
-			else
+			} else {
 				SYSLOG ((LOG_WARN,
 					 "no shadow password for `%s'%s",
 					 username, fromhost));
+			}
 		}
 
 		/*
@@ -818,19 +874,23 @@
 		 * is locked and the user cannot login, even if they have
 		 * been "pre-authenticated."
 		 */
-		if (pwent.pw_passwd[0] == '!' || pwent.pw_passwd[0] == '*')
-			failed = 1;
+		if (   ('!' == pwent.pw_passwd[0])
+		    || ('*' == pwent.pw_passwd[0])) {
+			failed = true;
+		}
 
 		/*
 		 * The -r and -f flags provide a name which has already
 		 * been authenticated by some server.
 		 */
-		if (preauth_flag)
+		if (preauth_flag) {
 			goto auth_ok;
+		}
 
-		if (pw_auth
-		    (pwent.pw_passwd, username, reason, (char *) 0) == 0)
+		if (pw_auth (pwent.pw_passwd, username,
+		             reason, (char *) 0) == 0) {
 			goto auth_ok;
+		}
 
 		/*
 		 * Don't log unknown usernames - I mistyped the password for
@@ -838,10 +898,10 @@
 		 * for those who really want to log them.  --marekm
 		 */
 		SYSLOG ((LOG_WARN, "invalid password for `%s' %s",
-			 (pwd
+			 (   (NULL != pwd)
 			  || getdef_bool ("LOG_UNKFAIL_ENAB")) ?
 			 username : "UNKNOWN", fromhost));
-		failed = 1;
+		failed = true;
 
 	      auth_ok:
 		/*
@@ -849,39 +909,44 @@
 		 * If you reach this far, your password has been
 		 * authenticated and so on.
 		 */
-		if (!failed && pwent.pw_name && pwent.pw_uid == 0
+		if (   !failed
+		    && (NULL != pwent.pw_name)
+		    && (0 == pwent.pw_uid)
 		    && !is_console) {
 			SYSLOG ((LOG_CRIT, "ILLEGAL ROOT LOGIN %s", fromhost));
-			failed = 1;
+			failed = true;
 		}
-		if (!failed
+		if (   !failed
 		    && !login_access (username, *hostname ? hostname : tty)) {
 			SYSLOG ((LOG_WARN, "LOGIN `%s' REFUSED %s",
 				 username, fromhost));
-			failed = 1;
+			failed = true;
 		}
-		if (pwd && getdef_bool ("FAILLOG_ENAB") &&
-		    !failcheck (pwent.pw_uid, &faillog, failed)) {
+		if (   (NULL != pwd)
+		    && getdef_bool ("FAILLOG_ENAB")
+		    && !failcheck (pwent.pw_uid, &faillog, failed)) {
 			SYSLOG ((LOG_CRIT,
 				 "exceeded failure limit for `%s' %s",
 				 username, fromhost));
-			failed = 1;
+			failed = true;
 		}
-		if (!failed)
+		if (!failed) {
 			break;
+		}
 
 		/* don't log non-existent users */
-		if (pwd && getdef_bool ("FAILLOG_ENAB"))
+		if ((NULL != pwd) && getdef_bool ("FAILLOG_ENAB")) {
 			failure (pwent.pw_uid, tty, &faillog);
+		}
 		if (getdef_str ("FTMP_FILE") != NULL) {
 			const char *failent_user;
 
 #if HAVE_UTMPX_H
 			failent = utxent;
-			if (sizeof (failent.ut_tv) == sizeof (struct timeval))
-				gettimeofday ((struct timeval *)
-					      &failent.ut_tv, NULL);
-			else {
+			if (sizeof (failent.ut_tv) == sizeof (struct timeval)) {
+				gettimeofday ((struct timeval *) &failent.ut_tv,
+				              NULL);
+			} else {
 				struct timeval tv;
 
 				gettimeofday (&tv, NULL);
@@ -892,13 +957,14 @@
 			failent = utent;
 			failent.ut_time = time (NULL);
 #endif
-			if (pwd) {
+			if (NULL != pwd) {
 				failent_user = pwent.pw_name;
 			} else {
-				if (getdef_bool ("LOG_UNKFAIL_ENAB"))
+				if (getdef_bool ("LOG_UNKFAIL_ENAB")) {
 					failent_user = username;
-				else
+				} else {
 					failent_user = "UNKNOWN";
+				}
 			}
 			strncpy (failent.ut_user, failent_user,
 				 sizeof (failent.ut_user));
@@ -907,9 +973,11 @@
 		}
 		memzero (username, sizeof username);
 
-		if (--retries <= 0)
+		retries--;
+		if (retries <= 0) {
 			SYSLOG ((LOG_CRIT, "REPEATED login failures%s",
 				 fromhost));
+		}
 		/*
 		 * If this was a passwordless account and we get here, login
 		 * was denied (securetty, faillog, etc.). There was no
@@ -917,21 +985,23 @@
 		 * guys won't see that the passwordless account exists at
 		 * all).  --marekm
 		 */
-		if (pwent.pw_passwd[0] == '\0')
+		if (pwent.pw_passwd[0] == '\0') {
 			pw_auth ("!", username, reason, (char *) 0);
+		}
 
 		/*
 		 * Wait a while (a la SVR4 /usr/bin/login) before attempting
 		 * to login the user again. If the earlier alarm occurs
 		 * before the sleep() below completes, login will exit.
 		 */
-		if (delay > 0)
+		if (delay > 0) {
 			sleep (delay);
+		}
 
 		puts (_("Login incorrect"));
 
 		/* allow only one attempt with -r or -f */
-		if (rflg || fflg || retries <= 0) {
+		if (rflg || fflg || (retries <= 0)) {
 			closelog ();
 			exit (1);
 		}
@@ -944,8 +1014,8 @@
 	 * authenticated. now prints a message, as suggested
 	 * by Ivan Nejgebauer <ian at unsux.ns.ac.yu>.  --marekm
 	 */
-	if (getdef_bool ("PORTTIME_CHECKS_ENAB") &&
-	    !isttytime (pwent.pw_name, tty, time ((time_t *) 0))) {
+	if (   getdef_bool ("PORTTIME_CHECKS_ENAB")
+	    && !isttytime (pwent.pw_name, tty, time ((time_t *) 0))) {
 		SYSLOG ((LOG_WARN, "invalid login time for `%s'%s",
 			 username, fromhost));
 		closelog ();
@@ -956,8 +1026,9 @@
 	check_nologin ();
 #endif
 
-	if (getenv ("IFS"))	/* don't export user IFS ... */
+	if (getenv ("IFS")) {	/* don't export user IFS ... */
 		addenv ("IFS= \t\n", NULL);	/* ... instead, set a safe IFS */
+	}
 
 #ifdef USE_PAM
 	setutmp (pam_user, tty, hostname);	/* make entry in utmp & wtmp files */
@@ -967,7 +1038,7 @@
 	if (pwent.pw_shell[0] == '*') {	/* subsystem root */
 		pwent.pw_shell++;	/* skip the '*' */
 		subsystem (&pwent);	/* figure out what to execute */
-		subroot++;	/* say I was here again */
+		subroot = true;	/* say I was here again */
 		endpwent ();	/* close all of the file which were */
 		endgrent ();	/* open in the original rooted file */
 		endspent ();	/* system. they will be re-opened */
@@ -990,8 +1061,9 @@
 #endif				/* WITH_AUDIT */
 
 #ifndef USE_PAM			/* pam_lastlog handles this */
-	if (getdef_bool ("LASTLOG_ENAB"))	/* give last login and log this one */
+	if (getdef_bool ("LASTLOG_ENAB")) {	/* give last login and log this one */
 		dolastlog (&lastlog, &pwent, utent.ut_line, hostname);
+	}
 #endif
 
 #ifndef USE_PAM			/* PAM handles this as well */
@@ -1007,8 +1079,9 @@
 			pwd = getpwnam (username);
 			/* !USE_PAM, no need for xgetspnam */
 			spwd = getspnam (username);
-			if (pwd)
+			if (pwd) {
 				pwent = *pwd;
+			}
 		}
 	}
 	setup_limits (&pwent);	/* nice, ulimit etc. */
@@ -1028,7 +1101,7 @@
 			 Prog, strerror (errno));
 		PAM_END;
 		exit (0);
-	} else if (child) {
+	} else if (child != 0) {
 		/*
 		 * parent - wait for child to finish, then cleanup
 		 * session
@@ -1042,8 +1115,9 @@
 	/* If we were init, we need to start a new session */
 	if (getppid() == 1) {
 		setsid();
-		if (ioctl(0, TIOCSCTTY, 1))
-			fprintf(stderr,_("TIOCSCTTY failed on %s"),tty);
+		if (ioctl(0, TIOCSCTTY, 1) != 0) {
+			fprintf (stderr,_("TIOCSCTTY failed on %s"),tty);
+		}
 	}
 
 	/* We call set_groups() above because this clobbers pam_groups.so */
@@ -1052,7 +1126,9 @@
 #else
 	if (change_uid (&pwent))
 #endif
+	{
 		exit (1);
+	}
 
 	setup_env (&pwent);	/* set env vars, cd to the home dir */
 
@@ -1061,7 +1137,7 @@
 		const char *const *env;
 
 		env = (const char *const *) pam_getenvlist (pamh);
-		while (env && *env) {
+		while ((NULL != env) && (NULL != *env)) {
 			addenv (*env, NULL);
 			env++;
 		}
@@ -1080,12 +1156,12 @@
 		 */
 #ifndef USE_PAM
 		motd ();	/* print the message of the day */
-		if (getdef_bool ("FAILLOG_ENAB")
-		    && faillog.fail_cnt != 0) {
+		if (   getdef_bool ("FAILLOG_ENAB")
+		    && (0 != faillog.fail_cnt)) {
 			failprint (&faillog);
 			/* Reset the lockout times if logged in */
-			if (faillog.fail_max &&
-			    faillog.fail_cnt >= faillog.fail_max) {
+			if (   (0 != faillog.fail_max)
+			    && (faillog.fail_cnt >= faillog.fail_max)) {
 				puts (_
 				      ("Warning: login re-enabled after temporary lockout."));
 				SYSLOG ((LOG_WARN,
@@ -1093,8 +1169,8 @@
 					 username, (int) faillog.fail_cnt));
 			}
 		}
-		if (getdef_bool ("LASTLOG_ENAB")
-		    && lastlog.ll_time != 0) {
+		if (   getdef_bool ("LASTLOG_ENAB")
+		    && (lastlog.ll_time != 0)) {
 			time_t ll_time = lastlog.ll_time;
 
 #ifdef HAVE_STRFTIME
@@ -1108,10 +1184,11 @@
 				ctime (&ll_time), lastlog.ll_line);
 #endif
 #ifdef HAVE_LL_HOST		/* __linux__ || SUN4 */
-			if (lastlog.ll_host[0])
+			if ('\0' != lastlog.ll_host[0]) {
 				printf (_(" from %.*s"),
 					(int) sizeof lastlog.
 					ll_host, lastlog.ll_host);
+			}
 #endif
 			printf (".\n");
 		}
@@ -1119,11 +1196,14 @@
 
 		mailcheck ();	/* report on the status of mail */
 #endif				/* !USE_PAM */
-	} else
+	} else {
 		addenv ("HUSHLOGIN=TRUE", NULL);
+	}
 
-	if (getdef_str ("TTYTYPE_FILE") != NULL && getenv ("TERM") == NULL)
+	if (   (NULL != getdef_str ("TTYTYPE_FILE"))
+	    && (NULL == getenv ("TERM"))) {
 		ttytype (tty);
+	}
 
 	signal (SIGQUIT, SIG_DFL);	/* default quit signal */
 	signal (SIGTERM, SIG_DFL);	/* default terminate signal */
@@ -1137,21 +1217,25 @@
 #ifdef	SHADOWGRP
 	endsgent ();		/* stop access to shadow group file */
 #endif
-	if (pwent.pw_uid == 0)
+	if (0 == pwent.pw_uid) {
 		SYSLOG ((LOG_NOTICE, "ROOT LOGIN %s", fromhost));
-	else if (getdef_bool ("LOG_OK_LOGINS"))
+	} else if (getdef_bool ("LOG_OK_LOGINS")) {
 #ifdef USE_PAM
 		SYSLOG ((LOG_INFO, "`%s' logged in %s", pam_user, fromhost));
 #else
 		SYSLOG ((LOG_INFO, "`%s' logged in %s", username, fromhost));
 #endif
+	}
 	closelog ();
-	if ((tmp = getdef_str ("FAKE_SHELL")) != NULL)
+	tmp = getdef_str ("FAKE_SHELL");
+	if (NULL != tmp) {
 		err = shell (tmp, pwent.pw_shell, newenvp); /* fake shell */
-	else
+	} else {
 		/* exec the shell finally */
 		err = shell (pwent.pw_shell, (char *) 0, newenvp);
+	}
 	exit (err == ENOENT ? E_CMD_NOTFOUND : E_CMD_NOEXEC);
 	/* NOT REACHED */
 	return 0;
 }
+




More information about the Pkg-shadow-commits mailing list