[Pkg-shadow-commits] r2434 - in upstream/trunk: . src
nekral-guest at alioth.debian.org
nekral-guest at alioth.debian.org
Sat Sep 20 21:17:28 UTC 2008
Author: nekral-guest
Date: 2008-09-20 21:17:26 +0000 (Sat, 20 Sep 2008)
New Revision: 2434
Modified:
upstream/trunk/ChangeLog
upstream/trunk/src/login.c
Log:
* src/login.c: Always check the return value of the pam_* APIs.
Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog 2008-09-20 20:20:19 UTC (rev 2433)
+++ upstream/trunk/ChangeLog 2008-09-20 21:17:26 UTC (rev 2434)
@@ -1,5 +1,9 @@
2008-09-20 Nicolas François <nicolas.francois at centraliens.net>
+ * src/login.c: Always check the return value of the pam_* APIs.
+
+2008-09-20 Nicolas François <nicolas.francois at centraliens.net>
+
* src/login.c: Use a dynamic buffer for usernames.
* src/login.c: Copy the name of the user authenticated by PAM to
username. This simplify later logging (avoid USE_PAM
Modified: upstream/trunk/src/login.c
===================================================================
--- upstream/trunk/src/login.c 2008-09-20 20:20:19 UTC (rev 2433)
+++ upstream/trunk/src/login.c 2008-09-20 21:17:26 UTC (rev 2434)
@@ -668,9 +668,11 @@
/* if we didn't get a user on the command line,
set it to NULL */
- pam_get_item (pamh, PAM_USER, (const void **)ptr_pam_user);
+ retcode = pam_get_item (pamh, PAM_USER, (const void **)ptr_pam_user);
+ PAM_FAIL_CHECK;
if (pam_user[0] == '\0') {
- pam_set_item (pamh, PAM_USER, NULL);
+ retcode = pam_set_item (pamh, PAM_USER, NULL);
+ PAM_FAIL_CHECK;
}
/*
@@ -690,13 +692,19 @@
#ifdef HAS_PAM_FAIL_DELAY
if (delay > 0) {
retcode = pam_fail_delay(pamh, 1000000*delay);
+ PAM_FAIL_CHECK;
}
#endif
retcode = pam_authenticate (pamh, 0);
- pam_get_item (pamh, PAM_USER,
- (const void **) ptr_pam_user);
+ {
+ int saved_retcode = retcode;
+ retcode = pam_get_item (pamh, PAM_USER,
+ (const void **) ptr_pam_user);
+ PAM_FAIL_CHECK;
+ retcode = saved_retcode;
+ }
if ((NULL != pam_user) && ('\0' != pam_user[0])) {
pwd = xgetpwnam(pam_user);
@@ -759,8 +767,13 @@
fprintf (stderr, "\nLogin incorrect\n");
- /* Let's give it another go around */
- pam_set_item (pamh, PAM_USER, NULL);
+ /*
+ * Let's give it another go around.
+ * Even if a username was given on the command
+ * line, prompt again for the username.
+ */
+ retcode = pam_set_item (pamh, PAM_USER, NULL);
+ PAM_FAIL_CHECK;
}
/* We don't get here unless they were authenticated above */
@@ -778,6 +791,7 @@
First get the username that we are actually using, though.
*/
retcode = pam_get_item (pamh, PAM_USER, (const void **)ptr_pam_user);
+ PAM_FAIL_CHECK;
if (NULL != username) {
free (username);
}
More information about the Pkg-shadow-commits
mailing list