[Pkg-shadow-commits] r2349 - in upstream/trunk: . src
nekral-guest at alioth.debian.org
nekral-guest at alioth.debian.org
Sat Sep 6 13:28:04 UTC 2008
Author: nekral-guest
Date: 2008-09-06 13:28:02 +0000 (Sat, 06 Sep 2008)
New Revision: 2349
Modified:
upstream/trunk/ChangeLog
upstream/trunk/src/chage.c
upstream/trunk/src/chfn.c
upstream/trunk/src/chgpasswd.c
upstream/trunk/src/chpasswd.c
upstream/trunk/src/chsh.c
upstream/trunk/src/groupadd.c
upstream/trunk/src/groupdel.c
upstream/trunk/src/groupmems.c
upstream/trunk/src/groupmod.c
upstream/trunk/src/newusers.c
upstream/trunk/src/useradd.c
upstream/trunk/src/userdel.c
upstream/trunk/src/usermod.c
Log:
* src/userdel.c, src/newusers.c, src/chpasswd.c, src/chfn.c,
src/groupmems.c, src/usermod.c, src/groupdel.c, src/chgpasswd.c,
src/useradd.c, src/groupmod.c, src/groupadd.c, src/chage.c,
src/chsh.c: Simplify the PAM error handling. Do not keep the pamh
handle, but terminate the PAM transaction as soon as possible if
there are no PAM session opened.
Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog 2008-09-06 12:51:53 UTC (rev 2348)
+++ upstream/trunk/ChangeLog 2008-09-06 13:28:02 UTC (rev 2349)
@@ -1,5 +1,14 @@
2008-09-06 Nicolas François <nicolas.francois at centraliens.net>
+ * src/userdel.c, src/newusers.c, src/chpasswd.c, src/chfn.c,
+ src/groupmems.c, src/usermod.c, src/groupdel.c, src/chgpasswd.c,
+ src/useradd.c, src/groupmod.c, src/groupadd.c, src/chage.c,
+ src/chsh.c: Simplify the PAM error handling. Do not keep the pamh
+ handle, but terminate the PAM transaction as soon as possible if
+ there are no PAM session opened.
+
+2008-09-06 Nicolas François <nicolas.francois at centraliens.net>
+
* src/newgrp.c, src/userdel.c, src/grpck.c, src/gpasswd.c,
src/newusers.c, src/pwconv.c, src/chpasswd.c, src/logoutd.c,
src/chfn.c, src/groupmems.c, src/usermod.c, src/pwunconv.c,
Modified: upstream/trunk/src/chage.c
===================================================================
--- upstream/trunk/src/chage.c 2008-09-06 12:51:53 UTC (rev 2348)
+++ upstream/trunk/src/chage.c 2008-09-06 13:28:02 UTC (rev 2349)
@@ -83,10 +83,6 @@
static long inactdays;
static long expdays;
-#ifdef USE_PAM
-static pam_handle_t *pamh = NULL;
-#endif
-
#define EPOCH "1969-12-31"
/* local function prototypes */
@@ -132,16 +128,6 @@
}
#endif
-#ifdef USE_PAM
- if (NULL != pamh) {
- /* If there is a PAM error, pam_end will be called by the
- * caller.
- * We always end the pam transaction with PAM_SUCCESS here.
- */
- (void) pam_end (pamh, PAM_SUCCESS);
- }
-#endif
-
exit (code);
}
@@ -499,6 +485,7 @@
static void check_perms (void)
{
#ifdef USE_PAM
+ pam_handle_t *pamh = NULL;
struct passwd *pampw;
int retval;
#endif
@@ -515,34 +502,26 @@
}
#ifdef USE_PAM
- retval = PAM_SUCCESS;
-
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
if (NULL == pampw) {
retval = PAM_USER_UNKNOWN;
- }
-
- if (PAM_SUCCESS == retval) {
+ } else {
retval = pam_start ("chage", pampw->pw_name, &conv, &pamh);
}
if (PAM_SUCCESS == retval) {
retval = pam_authenticate (pamh, 0);
- if (PAM_SUCCESS != retval) {
- (void) pam_end (pamh, retval);
- }
}
if (PAM_SUCCESS == retval) {
retval = pam_acct_mgmt (pamh, 0);
- if (PAM_SUCCESS != retval) {
- (void) pam_end (pamh, retval);
- }
}
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
- pamh = NULL;
fail_exit (E_NOPERM);
}
#endif /* USE_PAM */
@@ -912,10 +891,6 @@
SYSLOG ((LOG_INFO, "changed password expiry for %s", user_name));
-#ifdef USE_PAM
- (void) pam_end (pamh, PAM_SUCCESS);
-#endif /* USE_PAM */
-
closelog ();
exit (E_SUCCESS);
}
Modified: upstream/trunk/src/chfn.c
===================================================================
--- upstream/trunk/src/chfn.c 2008-09-06 12:51:53 UTC (rev 2348)
+++ upstream/trunk/src/chfn.c 2008-09-06 13:28:02 UTC (rev 2349)
@@ -69,9 +69,6 @@
static bool wflg = false; /* -w - set work phone number */
static bool hflg = false; /* -h - set home phone number */
static bool oflg = false; /* -o - set other information */
-#ifdef USE_PAM
-static pam_handle_t *pamh = NULL;
-#endif
static bool pw_locked = false;
/*
@@ -338,6 +335,7 @@
static void check_perms (const struct passwd *pw)
{
#ifdef USE_PAM
+ pam_handle_t *pamh = NULL;
int retval;
struct passwd *pampw;
#endif
@@ -377,32 +375,25 @@
}
#else /* !USE_PAM */
- retval = PAM_SUCCESS;
-
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
- if (pampw == NULL) {
+ if (NULL == pampw) {
retval = PAM_USER_UNKNOWN;
- }
-
- if (retval == PAM_SUCCESS) {
+ } else {
retval = pam_start ("chfn", pampw->pw_name, &conv, &pamh);
}
- if (retval == PAM_SUCCESS) {
+ if (PAM_SUCCESS == retval) {
retval = pam_authenticate (pamh, 0);
- if (retval != PAM_SUCCESS) {
- pam_end (pamh, retval);
- }
}
- if (retval == PAM_SUCCESS) {
+ if (PAM_SUCCESS == retval) {
retval = pam_acct_mgmt (pamh, 0);
- if (retval != PAM_SUCCESS) {
- pam_end (pamh, retval);
- }
}
- if (retval != PAM_SUCCESS) {
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
+ if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
exit (E_NOPERM);
}
@@ -725,10 +716,6 @@
nscd_flush_cache ("passwd");
-#ifdef USE_PAM
- (void) pam_end (pamh, PAM_SUCCESS);
-#endif /* USE_PAM */
-
closelog ();
exit (E_SUCCESS);
}
Modified: upstream/trunk/src/chgpasswd.c
===================================================================
--- upstream/trunk/src/chgpasswd.c 2008-09-06 12:51:53 UTC (rev 2348)
+++ upstream/trunk/src/chgpasswd.c 2008-09-06 13:28:02 UTC (rev 2349)
@@ -68,10 +68,6 @@
#endif
static bool gr_locked = false;
-#ifdef USE_PAM
-static pam_handle_t *pamh = NULL;
-#endif
-
/* local function prototypes */
static void fail_exit (int code);
static void usage (void);
@@ -251,15 +247,14 @@
static void check_perms (void)
{
#ifdef USE_PAM
- int retval = PAM_SUCCESS;
+ pam_handle_t *pamh = NULL;
+ int retval;
struct passwd *pampw;
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
if (NULL == pampw) {
retval = PAM_USER_UNKNOWN;
- }
-
- if (PAM_SUCCESS == retval) {
+ } else {
retval = pam_start ("chgpasswd", pampw->pw_name, &conv, &pamh);
}
@@ -271,8 +266,10 @@
retval = pam_acct_mgmt (pamh, 0);
}
- if (PAM_SUCCESS != retval) {
+ if (NULL != pamh) {
(void) pam_end (pamh, retval);
+ }
+ if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
exit (1);
}
@@ -528,10 +525,6 @@
nscd_flush_cache ("group");
-#ifdef USE_PAM
- (void) pam_end (pamh, PAM_SUCCESS);
-#endif /* USE_PAM */
-
return (0);
}
Modified: upstream/trunk/src/chpasswd.c
===================================================================
--- upstream/trunk/src/chpasswd.c 2008-09-06 12:51:53 UTC (rev 2348)
+++ upstream/trunk/src/chpasswd.c 2008-09-06 13:28:02 UTC (rev 2349)
@@ -64,10 +64,6 @@
static bool pw_locked = false;
static bool spw_locked = false;
-#ifdef USE_PAM
-static pam_handle_t *pamh = NULL;
-#endif
-
/* local function prototypes */
static void fail_exit (int code);
static void usage (void);
@@ -245,15 +241,14 @@
static void check_perms (void)
{
#ifdef USE_PAM
- int retval = PAM_SUCCESS;
+ pam_handle_t *pamh = NULL;
+ int retval;
struct passwd *pampw;
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
if (NULL == pampw) {
retval = PAM_USER_UNKNOWN;
- }
-
- if (PAM_SUCCESS == retval) {
+ } else {
retval = pam_start ("chpasswd", pampw->pw_name, &conv, &pamh);
}
@@ -265,8 +260,10 @@
retval = pam_acct_mgmt (pamh, 0);
}
- if (PAM_SUCCESS != retval) {
+ if (NULL != pamh) {
(void) pam_end (pamh, retval);
+ }
+ if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
exit (1);
}
@@ -513,10 +510,6 @@
nscd_flush_cache ("passwd");
-#ifdef USE_PAM
- (void) pam_end (pamh, PAM_SUCCESS);
-#endif /* USE_PAM */
-
return (0);
}
Modified: upstream/trunk/src/chsh.c
===================================================================
--- upstream/trunk/src/chsh.c 2008-09-06 12:51:53 UTC (rev 2348)
+++ upstream/trunk/src/chsh.c 2008-09-06 13:28:02 UTC (rev 2349)
@@ -64,9 +64,6 @@
static char loginsh[BUFSIZ]; /* Name of new login shell */
/* command line options */
static bool sflg = false; /* -s - set shell from command line */
-#ifdef USE_PAM
-static pam_handle_t *pamh = NULL;
-#endif
static bool pw_locked = false;
/* external identifiers */
@@ -251,6 +248,7 @@
static void check_perms (const struct passwd *pw)
{
#ifdef USE_PAM
+ pam_handle_t *pamh = NULL;
int retval;
struct passwd *pampw;
#endif
@@ -306,14 +304,10 @@
}
#else /* !USE_PAM */
- retval = PAM_SUCCESS;
-
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
if (NULL == pampw) {
retval = PAM_USER_UNKNOWN;
- }
-
- if (PAM_SUCCESS == retval) {
+ } else {
retval = pam_start ("chsh", pampw->pw_name, &conv, &pamh);
}
@@ -325,8 +319,10 @@
retval = pam_acct_mgmt (pamh, 0);
}
- if (PAM_SUCCESS != retval) {
+ if (NULL != pamh) {
(void) pam_end (pamh, retval);
+ }
+ if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
exit (E_NOPERM);
}
@@ -544,10 +540,6 @@
nscd_flush_cache ("passwd");
-#ifdef USE_PAM
- (void) pam_end (pamh, PAM_SUCCESS);
-#endif /* USE_PAM */
-
closelog ();
exit (E_SUCCESS);
}
Modified: upstream/trunk/src/groupadd.c
===================================================================
--- upstream/trunk/src/groupadd.c 2008-09-06 12:51:53 UTC (rev 2348)
+++ upstream/trunk/src/groupadd.c 2008-09-06 13:28:02 UTC (rev 2349)
@@ -87,11 +87,6 @@
#endif
static bool gr_locked = false;
-
-#ifdef USE_PAM
-static pam_handle_t *pamh = NULL;
-#endif
-
/* local function prototypes */
static void usage (void);
static void new_grent (struct group *grent);
@@ -400,14 +395,6 @@
}
#endif
-#ifdef USE_PAM
- if (NULL != pamh) {
- /* If there is a PAM error, fail_exit is not called.
- * We always end the pam transaction with PAM_SUCCESS here.
- */
- (void) pam_end (pamh, PAM_SUCCESS);
- }
-#endif
exit (code);
}
@@ -579,34 +566,29 @@
static void check_perms (void)
{
#ifdef USE_PAM
- int retval = PAM_SUCCESS;
+ pam_handle_t *pamh = NULL;
+ int retval;
struct passwd *pampw;
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
- if (pampw == NULL) {
+ if (NULL == pampw) {
retval = PAM_USER_UNKNOWN;
+ } else {
+ retval = pam_start ("groupadd", pampw->pw_name, &conv, &pamh);
}
- if (retval == PAM_SUCCESS) {
- retval = pam_start ("groupadd", pampw->pw_name,
- &conv, &pamh);
- }
-
- if (retval == PAM_SUCCESS) {
+ if (PAM_SUCCESS == retval) {
retval = pam_authenticate (pamh, 0);
- if (retval != PAM_SUCCESS) {
- (void) pam_end (pamh, retval);
- }
}
- if (retval == PAM_SUCCESS) {
+ if (PAM_SUCCESS == retval) {
retval = pam_acct_mgmt (pamh, 0);
- if (retval != PAM_SUCCESS) {
- (void) pam_end (pamh, retval);
- }
}
- if (retval != PAM_SUCCESS) {
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
+ if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
exit (1);
}
@@ -661,10 +643,6 @@
nscd_flush_cache ("group");
-#ifdef USE_PAM
- (void) pam_end (pamh, PAM_SUCCESS);
-#endif /* USE_PAM */
-
exit (E_SUCCESS);
/* NOT REACHED */
}
Modified: upstream/trunk/src/groupdel.c
===================================================================
--- upstream/trunk/src/groupdel.c 2008-09-06 12:51:53 UTC (rev 2348)
+++ upstream/trunk/src/groupdel.c 2008-09-06 13:28:02 UTC (rev 2349)
@@ -337,16 +337,12 @@
OPENLOG ("groupdel");
#ifdef USE_PAM
- retval = PAM_SUCCESS;
-
{
struct passwd *pampw;
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
- }
-
- if (PAM_SUCCESS == retval) {
+ } else {
retval = pam_start ("groupdel", pampw->pw_name,
&conv, &pamh);
}
@@ -360,8 +356,10 @@
retval = pam_acct_mgmt (pamh, 0);
}
- if (PAM_SUCCESS != retval) {
+ if (NULL != pamh) {
(void) pam_end (pamh, retval);
+ }
+ if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
exit (1);
}
@@ -435,10 +433,6 @@
nscd_flush_cache ("group");
-#ifdef USE_PAM
- (void) pam_end (pamh, PAM_SUCCESS);
-#endif /* USE_PAM */
-
return E_SUCCESS;
}
Modified: upstream/trunk/src/groupmems.c
===================================================================
--- upstream/trunk/src/groupmems.c 2008-09-06 12:51:53 UTC (rev 2348)
+++ upstream/trunk/src/groupmems.c 2008-09-06 13:28:02 UTC (rev 2349)
@@ -440,7 +440,7 @@
if (!list) {
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
- int retval = PAM_SUCCESS;
+ int retval;
struct passwd *pampw;
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
@@ -459,7 +459,9 @@
retval = pam_acct_mgmt (pamh, 0);
}
- (void) pam_end (pamh, retval);
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
fail_exit (1);
Modified: upstream/trunk/src/groupmod.c
===================================================================
--- upstream/trunk/src/groupmod.c 2008-09-06 12:51:53 UTC (rev 2348)
+++ upstream/trunk/src/groupmod.c 2008-09-06 13:28:02 UTC (rev 2349)
@@ -702,16 +702,12 @@
OPENLOG ("groupmod");
#ifdef USE_PAM
- retval = PAM_SUCCESS;
-
{
struct passwd *pampw;
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
- if (pampw == NULL) {
+ if (NULL == pamh) {
retval = PAM_USER_UNKNOWN;
- }
-
- if (PAM_SUCCESS == retval) {
+ } else {
retval = pam_start ("groupmod", pampw->pw_name,
&conv, &pamh);
}
@@ -725,8 +721,10 @@
retval = pam_acct_mgmt (pamh, 0);
}
- if (PAM_SUCCESS != retval) {
+ if (NULL != pamh) {
(void) pam_end (pamh, retval);
+ }
+ if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
fail_exit (1);
}
@@ -810,9 +808,6 @@
nscd_flush_cache ("group");
-#ifdef USE_PAM
- (void) pam_end (pamh, PAM_SUCCESS);
-#endif /* USE_PAM */
exit (E_SUCCESS);
/* NOT REACHED */
}
Modified: upstream/trunk/src/newusers.c
===================================================================
--- upstream/trunk/src/newusers.c 2008-09-06 12:51:53 UTC (rev 2348)
+++ upstream/trunk/src/newusers.c 2008-09-06 13:28:02 UTC (rev 2349)
@@ -83,10 +83,6 @@
static bool gr_locked = false;
static bool spw_locked = false;
-#ifdef USE_PAM
-static pam_handle_t *pamh = NULL;
-#endif
-
/* local function prototypes */
static void usage (void);
static void fail_exit (int);
@@ -566,15 +562,14 @@
static void check_perms (void)
{
#ifdef USE_PAM
- int retval = PAM_SUCCESS;
+ pam_handle_t *pamh = NULL;
+ int retval;
struct passwd *pampw;
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
if (NULL == pampw) {
retval = PAM_USER_UNKNOWN;
- }
-
- if (PAM_SUCCESS == retval) {
+ } else {
retval = pam_start ("newusers", pampw->pw_name, &conv, &pamh);
}
@@ -586,8 +581,10 @@
retval = pam_acct_mgmt (pamh, 0);
}
- if (PAM_SUCCESS != retval) {
+ if (NULL != pamh) {
(void) pam_end (pamh, retval);
+ }
+ if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
fail_exit (1);
}
@@ -945,10 +942,6 @@
nscd_flush_cache ("passwd");
nscd_flush_cache ("group");
-#ifdef USE_PAM
- (void) pam_end (pamh, PAM_SUCCESS);
-#endif /* USE_PAM */
-
return 0;
}
Modified: upstream/trunk/src/useradd.c
===================================================================
--- upstream/trunk/src/useradd.c 2008-09-06 12:51:53 UTC (rev 2348)
+++ upstream/trunk/src/useradd.c 2008-09-06 13:28:02 UTC (rev 2349)
@@ -1793,9 +1793,7 @@
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
- }
-
- if (PAM_SUCCESS == retval) {
+ } else {
retval = pam_start ("useradd", pampw->pw_name,
&conv, &pamh);
}
@@ -1809,8 +1807,10 @@
retval = pam_acct_mgmt (pamh, 0);
}
- if (PAM_SUCCESS != retval) {
+ if (NULL != pamh) {
(void) pam_end (pamh, retval);
+ }
+ if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
fail_exit (1);
}
@@ -1952,10 +1952,6 @@
nscd_flush_cache ("passwd");
nscd_flush_cache ("group");
-#ifdef USE_PAM
- (void) pam_end (pamh, PAM_SUCCESS);
-#endif /* USE_PAM */
-
return E_SUCCESS;
}
Modified: upstream/trunk/src/userdel.c
===================================================================
--- upstream/trunk/src/userdel.c 2008-09-06 12:51:53 UTC (rev 2348)
+++ upstream/trunk/src/userdel.c 2008-09-06 13:28:02 UTC (rev 2349)
@@ -838,9 +838,7 @@
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
- }
-
- if (retval == PAM_SUCCESS) {
+ } else {
retval = pam_start ("userdel", pampw->pw_name,
&conv, &pamh);
}
@@ -854,8 +852,10 @@
retval = pam_acct_mgmt (pamh, 0);
}
- if (PAM_SUCCESS != retval) {
+ if (NULL != pamh) {
(void) pam_end (pamh, retval);
+ }
+ if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
exit (E_PW_UPDATE);
}
@@ -1000,9 +1000,6 @@
nscd_flush_cache ("passwd");
nscd_flush_cache ("group");
-#ifdef USE_PAM
- (void) pam_end (pamh, PAM_SUCCESS);
-#endif /* USE_PAM */
exit ((0 != errors) ? E_HOMEDIR : E_SUCCESS);
/* NOT REACHED */
}
Modified: upstream/trunk/src/usermod.c
===================================================================
--- upstream/trunk/src/usermod.c 2008-09-06 12:51:53 UTC (rev 2348)
+++ upstream/trunk/src/usermod.c 2008-09-06 13:28:02 UTC (rev 2349)
@@ -1659,9 +1659,7 @@
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
- }
-
- if (PAM_SUCCESS == retval) {
+ } else {
retval = pam_start ("usermod", pampw->pw_name,
&conv, &pamh);
}
@@ -1675,8 +1673,10 @@
retval = pam_acct_mgmt (pamh, 0);
}
- if (PAM_SUCCESS != retval) {
+ if (NULL != pamh) {
(void) pam_end (pamh, retval);
+ }
+ if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
exit (1);
}
@@ -1722,10 +1722,6 @@
user_gid, gflg ? user_newgid : user_gid);
}
-#ifdef USE_PAM
- (void) pam_end (pamh, PAM_SUCCESS);
-#endif /* USE_PAM */
-
exit (E_SUCCESS);
/* NOT REACHED */
}
More information about the Pkg-shadow-commits
mailing list