Relevant BUGIDs: rhbz#495941

Purpose of commit: bugfix Commit summary: --------------- 2009-04-16 Tomáš Mráz <t8m@centrum.cz> * modules/pam_succeed_if/pam_succeed_if.c (evaluate): Add user parameter. Use user instead of pwd->pw_name in comparsions. (pam_sm_authenticate): Pass the original user to evaluate().
author: Tomas Mraz <tm@t8m.info> 2009-04-16 13:54:46 +0000
committer: Tomas Mraz <tm@t8m.info> 2009-04-16 13:54:46 +0000
commit: 91defb2140f9141d74543f57598410daab8d43a0 (patch)
tree: 29ea17ac76cbfbe6ac1fa2e9e18cf4c8a8a596ce
parent: 1ef664f13fcbbaa5f0643788473c09bc7381b0e1 (diff)
download: pam-91defb2140f9141d74543f57598410daab8d43a0.tar.gz
pam-91defb2140f9141d74543f57598410daab8d43a0.tar.bz2
pam-91defb2140f9141d74543f57598410daab8d43a0.zip
2 files changed, 13 insertions, 7 deletions
diff --git a/ChangeLog b/ChangeLog
index 11489a25..d9a99ff6 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2009-04-16  Tomáš Mráz <t8m@centrum.cz>
+
+	* modules/pam_succeed_if/pam_succeed_if.c (evaluate): Add user
+	parameter. Use user instead of pwd->pw_name in comparsions.
+	(pam_sm_authenticate): Pass the original user to evaluate().
+
 2009-04-14  Amitakhya Phukan <aphukan@fedoraproject.org>
 
 	* po/as.po: Updated translations.
diff --git a/modules/pam_succeed_if/pam_succeed_if.c b/modules/pam_succeed_if/pam_succeed_if.c
index cf95d38e..e728d2e1 100644
--- a/modules/pam_succeed_if/pam_succeed_if.c
+++ b/modules/pam_succeed_if/pam_succeed_if.c
@@ -250,7 +250,7 @@ evaluate_notinnetgr(const char *host, const char *user, const char *group)
 static int
 evaluate(pam_handle_t *pamh, int debug,
 	 const char *left, const char *qual, const char *right,
-	 struct passwd *pwd)
+	 struct passwd *pwd, const char *user)
 {
 	char buf[LINE_MAX] = "";
 	const char *attribute = left;
@@ -258,7 +258,7 @@ evaluate(pam_handle_t *pamh, int debug,
 	if ((strcasecmp(left, "login") == 0) ||
 	    (strcasecmp(left, "name") == 0) ||
 	    (strcasecmp(left, "user") == 0)) {
-		snprintf(buf, sizeof(buf), "%s", pwd->pw_name);
+		snprintf(buf, sizeof(buf), "%s", user);
 		left = buf;
 	}
 	if (strcasecmp(left, "uid") == 0) {
@@ -350,25 +350,25 @@ evaluate(pam_handle_t *pamh, int debug,
 	}
 	/* User is in this group. */
 	if (strcasecmp(qual, "ingroup") == 0) {
-		return evaluate_ingroup(pamh, pwd->pw_name, right);
+		return evaluate_ingroup(pamh, user, right);
 	}
 	/* User is not in this group. */
 	if (strcasecmp(qual, "notingroup") == 0) {
-		return evaluate_notingroup(pamh, pwd->pw_name, right);
+		return evaluate_notingroup(pamh, user, right);
 	}
 	/* (Rhost, user) is in this netgroup. */
 	if (strcasecmp(qual, "innetgr") == 0) {
 		const void *rhost;
 		if (pam_get_item(pamh, PAM_RHOST, &rhost) != PAM_SUCCESS)
 			rhost = NULL;
-		return evaluate_innetgr(rhost, pwd->pw_name, right);
+		return evaluate_innetgr(rhost, user, right);
 	}
 	/* (Rhost, user) is not in this group. */
 	if (strcasecmp(qual, "notinnetgr") == 0) {
 		const void *rhost;
 		if (pam_get_item(pamh, PAM_RHOST, &rhost) != PAM_SUCCESS)
 			rhost = NULL;
-		return evaluate_notinnetgr(rhost, pwd->pw_name, right);
+		return evaluate_notinnetgr(rhost, user, right);
 	}
 	/* Fail closed. */
 	return PAM_SERVICE_ERR;
@@ -477,7 +477,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
 			count++;
 			ret = evaluate(pamh, debug,
 				       left, qual, right,
-				       pwd);
+				       pwd, user);
 			if (ret != PAM_SUCCESS) {
 				if(!quiet_fail)
 					pam_syslog(pamh, LOG_INFO,
author	Tomas Mraz <tm@t8m.info>	2009-04-16 13:54:46 +0000
committer	Tomas Mraz <tm@t8m.info>	2009-04-16 13:54:46 +0000
commit	91defb2140f9141d74543f57598410daab8d43a0 (patch)
tree	29ea17ac76cbfbe6ac1fa2e9e18cf4c8a8a596ce
parent	1ef664f13fcbbaa5f0643788473c09bc7381b0e1 (diff)
download	pam-91defb2140f9141d74543f57598410daab8d43a0.tar.gz pam-91defb2140f9141d74543f57598410daab8d43a0.tar.bz2 pam-91defb2140f9141d74543f57598410daab8d43a0.zip