New upstream version 0.99.7.1

1 files changed, 216 insertions, 226 deletions

diff --git a/Linux-PAM/modules/pam_mail/pam_mail.c b/Linux-PAM/modules/pam_mail/pam_mail.c
index 7987cb28..7d43d5e0 100644
--- a/Linux-PAM/modules/pam_mail/pam_mail.c
+++ b/Linux-PAM/modules/pam_mail/pam_mail.c
@@ -1,14 +1,12 @@
 /* pam_mail module */
 
 /*
- * $Id: pam_mail.c,v 1.6 2004/11/16 14:27:41 toady Exp $
- *
  * Written by Andrew Morgan <morgan@linux.kernel.org> 1996/3/11
  * $HOME additions by David Kinchlea <kinch@kinch.ark.com> 1997/1/7
  * mailhash additions by Chris Adams <cadams@ro.com> 1998/7/11
  */
 
-#include <security/_pam_aconf.h>
+#include "config.h"
 
 #include <ctype.h>
 #include <pwd.h>
@@ -21,18 +19,16 @@
 #include <sys/types.h>
 #include <unistd.h>
 #include <dirent.h>
+#include <errno.h>
 
-#ifdef WANT_PWDB
-#include <pwdb/pwdb_public.h>
+#ifdef HAVE_PATHS_H
+#include <paths.h>
 #endif
 
 #define DEFAULT_MAIL_DIRECTORY    PAM_PATH_MAILDIR
 #define MAIL_FILE_FORMAT          "%s%s/%s"
 #define MAIL_ENV_NAME             "MAIL"
 #define MAIL_ENV_FORMAT           MAIL_ENV_NAME "=%s"
-#define YOUR_MAIL_VERBOSE_FORMAT  "You have %s mail in %s."
-#define YOUR_MAIL_STANDARD_FORMAT "You have %smail."
-#define NO_MAIL_STANDARD_FORMAT   "No mail."
 
 /*
  * here, we make a definition for the externally accessible function
@@ -46,20 +42,8 @@
 
 #include <security/pam_modules.h>
 #include <security/_pam_macros.h>
-#include <security/_pam_modutil.h>
-
-/* some syslogging */
-
-static void _log_err(int err, const char *format, ...)
-{
-    va_list args;
-
-    va_start(args, format);
-    openlog("PAM-mail", LOG_CONS|LOG_PID, LOG_AUTH);
-    vsyslog(err, format, args);
-    va_end(args);
-    closelog();
-}
+#include <security/pam_modutil.h>
+#include <security/pam_ext.h>
 
 /* argument parsing */
 
@@ -74,8 +58,14 @@ static void _log_err(int err, const char *format, ...)
 #define PAM_STANDARD_MAIL	0x0400
 #define PAM_QUIET_MAIL		0x1000
 
-static int _pam_parse(int flags, int argc, const char **argv, char **maildir,
-		      int *hashcount)
+#define HAVE_NEW_MAIL           0x1
+#define HAVE_OLD_MAIL           0x2
+#define HAVE_NO_MAIL            0x3
+#define HAVE_MAIL               0x4
+
+static int
+_pam_parse (const pam_handle_t *pamh, int flags, int argc,
+	    const char **argv, const char **maildir, size_t *hashcount)
 {
     int ctrl=0;
 
@@ -97,18 +87,18 @@ static int _pam_parse(int flags, int argc, const char **argv, char **maildir,
 	else if (!strcmp(*argv,"standard"))
 	    ctrl |= PAM_STANDARD_MAIL | PAM_EMPTY_TOO;
 	else if (!strncmp(*argv,"dir=",4)) {
-	    *maildir = x_strdup(4+*argv);
-	    if (*maildir != NULL) {
+	    *maildir = 4 + *argv;
+	    if (**maildir != '\0') {
 		D(("new mail directory: %s", *maildir));
 		ctrl |= PAM_NEW_MAIL_DIR;
 	    } else {
-		_log_err(LOG_CRIT,
-			 "failed to duplicate mail directory - ignored");
+		pam_syslog(pamh, LOG_ERR,
+			   "dir= specification missing argument - ignored");
 	    }
 	} else if (!strncmp(*argv,"hash=",5)) {
 	    char *ep = NULL;
-	    *hashcount = strtol(*argv+5,&ep,10);
-	    if (!ep || (*hashcount < 0)) {
+	    *hashcount = strtoul(*argv+5,&ep,10);
+	    if (!ep) {
 		*hashcount = 0;
 	    }
 	} else if (!strcmp(*argv,"close")) {
@@ -120,90 +110,56 @@ static int _pam_parse(int flags, int argc, const char **argv, char **maildir,
 	} else if (!strcmp(*argv,"empty")) {
 	    ctrl |= PAM_EMPTY_TOO;
 	} else {
-	    _log_err(LOG_ERR,"pam_parse: unknown option; %s",*argv);
+	    pam_syslog(pamh, LOG_ERR, "unknown option: %s", *argv);
 	}
     }
 
     if ((*hashcount != 0) && !(ctrl & PAM_NEW_MAIL_DIR)) {
-	*maildir = x_strdup(DEFAULT_MAIL_DIRECTORY);
+	*maildir = DEFAULT_MAIL_DIRECTORY;
 	ctrl |= PAM_NEW_MAIL_DIR;
     }
 
     return ctrl;
 }
 
-/* a front end for conversations */
-
-static int converse(pam_handle_t *pamh, int ctrl, int nargs
-		    , struct pam_message **message
-		    , struct pam_response **response)
-{
-    int retval;
-    struct pam_conv *conv;
-
-    D(("begin to converse"));
-
-    retval = pam_get_item( pamh, PAM_CONV, (const void **) &conv ) ;
-    if ( retval == PAM_SUCCESS && conv ) {
-
-	retval = conv->conv(nargs, ( const struct pam_message ** ) message
-			    , response, conv->appdata_ptr);
-
-	D(("returned from application's conversation function"));
-
-	if (retval != PAM_SUCCESS && (PAM_DEBUG_ARG & ctrl) ) {
-	    _log_err(LOG_DEBUG, "conversation failure [%s]"
-		     , pam_strerror(pamh, retval));
-	}
-
-    } else {
-	_log_err(LOG_ERR, "couldn't obtain coversation function [%s]"
-		 , pam_strerror(pamh, retval));
-	if (retval == PAM_SUCCESS)
-	  retval = PAM_BAD_ITEM; /* conv was NULL */
-    }
-
-    D(("ready to return from module conversation"));
-
-    return retval;                  /* propagate error status */
-}
-
-static int get_folder(pam_handle_t *pamh, int ctrl,
-		      char **path_mail, char **folder_p, int hashcount)
+static int
+get_folder(pam_handle_t *pamh, int ctrl,
+	   const char *path_mail, char **folder_p, size_t hashcount)
 {
     int retval;
     const char *user, *path;
-    char *folder;
-    const struct passwd *pwd=NULL;
+    char *folder = NULL;
+    const struct passwd *pwd = NULL;
 
     retval = pam_get_user(pamh, &user, NULL);
     if (retval != PAM_SUCCESS || user == NULL) {
-	_log_err(LOG_ERR, "no user specified");
-	return PAM_USER_UNKNOWN;
+	pam_syslog(pamh, LOG_ERR, "cannot determine username");
+	retval = PAM_USER_UNKNOWN;
+	goto get_folder_cleanup;
     }
 
     if (ctrl & PAM_NEW_MAIL_DIR) {
-	path = *path_mail;
-	if (*path == '~') {       /* support for $HOME delivery */
-	    pwd = _pammodutil_getpwnam(pamh, user);
+	path = path_mail;
+	if (*path == '~') {	/* support for $HOME delivery */
+	    pwd = pam_modutil_getpwnam(pamh, user);
 	    if (pwd == NULL) {
-		_log_err(LOG_ERR, "user [%s] unknown", user);
-		_pam_overwrite(*path_mail);
-		_pam_drop(*path_mail);
-		return PAM_USER_UNKNOWN;
+		pam_syslog(pamh, LOG_ERR, "user unknown");
+		retval = PAM_USER_UNKNOWN;
+		goto get_folder_cleanup;
 	    }
 	    /*
 	     * "~/xxx" and "~xxx" are treated as same
 	     */
 	    if (!*++path || (*path == '/' && !*++path)) {
-		_log_err(LOG_ALERT, "badly formed mail path [%s]", *path_mail);
-		_pam_overwrite(*path_mail);
-		_pam_drop(*path_mail);
-		return PAM_ABORT;
+		pam_syslog(pamh, LOG_ERR,
+			   "badly formed mail path [%s]", path_mail);
+		retval = PAM_SERVICE_ERR;
+		goto get_folder_cleanup;
 	    }
 	    ctrl |= PAM_HOME_MAIL;
 	    if (hashcount != 0) {
-		_log_err(LOG_ALERT, "can't do hash= and home directory mail");
+		pam_syslog(pamh, LOG_ERR,
+			   "cannot do hash= and home directory mail");
 	    }
 	}
     } else {
@@ -212,153 +168,188 @@ static int get_folder(pam_handle_t *pamh, int ctrl,
 
     /* put folder together */
 
+    hashcount = hashcount < strlen(user) ? hashcount : strlen(user);
+
+    retval = PAM_BUF_ERR;
     if (ctrl & PAM_HOME_MAIL) {
-	folder = malloc(sizeof(MAIL_FILE_FORMAT)
-			+strlen(pwd->pw_dir)+strlen(path));
+        if (pwd == NULL) {
+	    pwd = pam_modutil_getpwnam(pamh, user);
+	    if (pwd == NULL) {
+		pam_syslog(pamh, LOG_ERR, "user unknown");
+		retval = PAM_USER_UNKNOWN;
+		goto get_folder_cleanup;
+	    }
+	}
+	if (asprintf(&folder, MAIL_FILE_FORMAT, pwd->pw_dir, "", path) < 0)
+	    goto get_folder_cleanup;
     } else {
-	folder = malloc(sizeof(MAIL_FILE_FORMAT)+strlen(path)+strlen(user)
-			+2*hashcount);
-    }
+	int rc;
+	size_t i;
+	char *hash;
 
-    if (folder != NULL) {
-	if (ctrl & PAM_HOME_MAIL) {
-	    sprintf(folder, MAIL_FILE_FORMAT, pwd->pw_dir, "", path);
-	} else {
-	    int i;
-	    char *hash = malloc(2*hashcount+1);
+	if ((hash = malloc(2 * hashcount + 1)) == NULL)
+	    goto get_folder_cleanup;
 
-	    if (hash) {
-		for (i = 0; i < hashcount; i++) {
-		    hash[2*i] = '/';
-		    hash[2*i+1] = user[i];
-		}
-		hash[2*i] = '\0';
-		sprintf(folder, MAIL_FILE_FORMAT, path, hash, user);
-		_pam_overwrite(hash);
-		_pam_drop(hash);
-	    } else {
-	      _pam_drop(folder);
-	      _log_err(LOG_CRIT, "out of memory for mail folder");
-	      return PAM_BUF_ERR;
-	    }
+	for (i = 0; i < hashcount; i++) {
+	    hash[2 * i] = '/';
+	    hash[2 * i + 1] = user[i];
 	}
-	D(("folder =[%s]", folder));
+	hash[2 * i] = '\0';
+
+	rc = asprintf(&folder, MAIL_FILE_FORMAT, path, hash, user);
+	_pam_overwrite(hash);
+	_pam_drop(hash);
+	if (rc < 0)
+	    goto get_folder_cleanup;
     }
+    D(("folder=[%s]", folder));
+    retval = PAM_SUCCESS;
 
     /* tidy up */
 
-    _pam_overwrite(*path_mail);
-    _pam_drop(*path_mail);
+  get_folder_cleanup:
     user = NULL;
-
-    if (folder == NULL) {
-	_log_err(LOG_CRIT, "out of memory for mail folder");
-	return PAM_BUF_ERR;
-    }
+    path = NULL;
 
     *folder_p = folder;
     folder = NULL;
 
-    return PAM_SUCCESS;
+    if (retval == PAM_BUF_ERR)
+	pam_syslog(pamh, LOG_CRIT, "out of memory for mail folder");
+
+    return retval;
 }
 
-static const char *get_mail_status(int ctrl, const char *folder)
+static int
+get_mail_status(pam_handle_t *pamh, int ctrl, const char *folder)
 {
-    const char *type = NULL;
-    static char dir[256];
+    int type = 0;
     struct stat mail_st;
-    struct dirent **namelist;
-    int i;
 
-    if (stat(folder, &mail_st) == 0) {
-	if (S_ISDIR(mail_st.st_mode)) { /* Assume Maildir format */
-	    sprintf(dir, "%.250s/new", folder);
+    if (stat(folder, &mail_st) < 0)
+	return 0;
+
+    if (S_ISDIR(mail_st.st_mode)) {	/* Assume Maildir format */
+	int i, save_errno;
+	char *dir;
+	struct dirent **namelist;
+
+	if (asprintf(&dir, "%s/new", folder) < 0) {
+	    pam_syslog(pamh, LOG_CRIT, "out of memory");
+	    goto get_mail_status_cleanup;
+	}
+	i = scandir(dir, &namelist, 0, alphasort);
+	save_errno = errno;
+	_pam_overwrite(dir);
+	_pam_drop(dir);
+	if (i < 0) {
+	    type = 0;
+	    namelist = NULL;
+	    if (save_errno == ENOMEM) {
+		pam_syslog(pamh, LOG_CRIT, "out of memory");
+		goto get_mail_status_cleanup;
+	    }
+	}
+	type = (i > 2) ? HAVE_NEW_MAIL : 0;
+	while (--i >= 0)
+	    _pam_drop(namelist[i]);
+	_pam_drop(namelist);
+	if (type == 0) {
+	    if (asprintf(&dir, "%s/cur", folder) < 0) {
+		pam_syslog(pamh, LOG_CRIT, "out of memory");
+		goto get_mail_status_cleanup;
+	    }
 	    i = scandir(dir, &namelist, 0, alphasort);
-	    if (i > 2) {
-		type = "new";
-		while (--i)
-		    free(namelist[i]);
-	    } else {
-		while (--i >= 0)
-		    free(namelist[i]);
-		sprintf(dir, "%.250s/cur", folder);
-		i = scandir(dir, &namelist, 0, alphasort);
-		if (i > 2) {
-		    type = "old";
-		    while (--i)
-			free(namelist[i]);
-		} else if (ctrl & PAM_EMPTY_TOO) {
-		    while (--i >= 0)
-			free(namelist[i]);
-		    type = "no";
-		} else {
-		    type = NULL;
+	    save_errno = errno;
+	    _pam_overwrite(dir);
+	    _pam_drop(dir);
+	    if (i < 0) {
+		type = 0;
+		namelist = NULL;
+		if (save_errno == ENOMEM) {
+		    pam_syslog(pamh, LOG_CRIT, "out of memory");
+		    goto get_mail_status_cleanup;
 		}
 	    }
+	    if (i > 2)
+	        type = HAVE_OLD_MAIL;
+	    else
+	        type = (ctrl & PAM_EMPTY_TOO) ? HAVE_NO_MAIL : 0;
+	    while (--i >= 0)
+		_pam_drop(namelist[i]);
+	    _pam_drop(namelist);
+	}
+    } else {
+	if (mail_st.st_size > 0) {
+	    if (mail_st.st_atime < mail_st.st_mtime)	/* new */
+	        type = HAVE_NEW_MAIL;
+	    else		/* old */
+	        type = (ctrl & PAM_STANDARD_MAIL) ? HAVE_MAIL : HAVE_OLD_MAIL;
+	} else if (ctrl & PAM_EMPTY_TOO) {
+	    type = HAVE_NO_MAIL;
 	} else {
-	    if (mail_st.st_size > 0) {
-		if (mail_st.st_atime < mail_st.st_mtime) /* new */
-		    type = (ctrl & PAM_STANDARD_MAIL) ? "new " : "new";
-		else /* old */
-		    type = (ctrl & PAM_STANDARD_MAIL) ? "" : "old";
-	    } else if (ctrl & PAM_EMPTY_TOO) {
-		type = "no";
-	    } else {
-		type = NULL;
-	    }
+	    type = 0;
 	}
     }
 
-    memset(dir, 0, 256);
+  get_mail_status_cleanup:
     memset(&mail_st, 0, sizeof(mail_st));
-    D(("user has %s mail in %s folder", type, folder));
+    D(("user has %d mail in %s folder", type, folder));
     return type;
 }
 
-static int report_mail(pam_handle_t *pamh, int ctrl
-		       , const char *type, const char *folder)
+static int
+report_mail(pam_handle_t *pamh, int ctrl, int type, const char *folder)
 {
     int retval;
 
-    if (!(ctrl & PAM_MAIL_SILENT) || ((ctrl & PAM_QUIET_MAIL) && strcmp(type, "new"))) {
-	char *remark;
-
+    if (!(ctrl & PAM_MAIL_SILENT) ||
+	((ctrl & PAM_QUIET_MAIL) && type == HAVE_NEW_MAIL))
+      {
 	if (ctrl & PAM_STANDARD_MAIL)
-	    if (!strcmp(type, "no"))
-		remark = malloc(strlen(NO_MAIL_STANDARD_FORMAT)+1);
-	    else
-		remark = malloc(strlen(YOUR_MAIL_STANDARD_FORMAT)+strlen(type)+1);
+	  switch (type)
+	    {
+	    case HAVE_NO_MAIL:
+	      retval = pam_info (pamh, "%s", _("No mail."));
+	      break;
+	    case HAVE_NEW_MAIL:
+	      retval = pam_info (pamh, "%s", _("You have new mail."));
+	      break;
+	    case HAVE_OLD_MAIL:
+	      retval = pam_info (pamh, "%s", _("You have old mail."));
+	      break;
+	    case HAVE_MAIL:
+	    default:
+	      retval = pam_info (pamh, "%s", _("You have mail."));
+	      break;
+	    }
 	else
-	    remark = malloc(strlen(YOUR_MAIL_VERBOSE_FORMAT)+strlen(type)+strlen(folder)+1);
-	if (remark == NULL) {
-	    retval = PAM_BUF_ERR;
-	} else {
-	    struct pam_message msg[1], *mesg[1];
-	    struct pam_response *resp=NULL;
-
-	    if (ctrl & PAM_STANDARD_MAIL)
-		if (!strcmp(type, "no"))
-		    sprintf(remark, NO_MAIL_STANDARD_FORMAT);
-		else
-		    sprintf(remark, YOUR_MAIL_STANDARD_FORMAT, type);
-	    else
-		sprintf(remark, YOUR_MAIL_VERBOSE_FORMAT, type, folder);
-
-	    mesg[0] = &msg[0];
-	    msg[0].msg_style = PAM_TEXT_INFO;
-	    msg[0].msg = remark;
-
-	    retval = converse(pamh, ctrl, 1, mesg, &resp);
-
-	    _pam_overwrite(remark);
-	    _pam_drop(remark);
-	    if (resp)
-		_pam_drop_reply(resp, 1);
-	}
-    } else {
+	  switch (type)
+	    {
+	    case HAVE_NO_MAIL:
+	      retval = pam_info (pamh, _("You have no mail in folder %s."),
+				 folder);
+	      break;
+	    case HAVE_NEW_MAIL:
+	      retval = pam_info (pamh, _("You have new mail in folder %s."),
+				 folder);
+	      break;
+	    case HAVE_OLD_MAIL:
+	      retval = pam_info (pamh, _("You have old mail in folder %s."),
+				 folder);
+	      break;
+	    case HAVE_MAIL:
+	    default:
+	      retval = pam_info (pamh, _("You have mail in folder %s."),
+				 folder);
+	      break;
+	    }
+      }
+    else
+      {
 	D(("keeping quiet"));
 	retval = PAM_SUCCESS;
-    }
+      }
 
     D(("returning %s", pam_strerror(pamh, retval)));
     return retval;
@@ -368,9 +359,9 @@ static int _do_mail(pam_handle_t *, int, int, const char **, int);
 
 /* --- authentication functions --- */
 
-PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc,
-    const char **argv)
+PAM_EXTERN int
+pam_sm_authenticate (pam_handle_t *pamh UNUSED, int flags UNUSED,
+		     int argc UNUSED, const char **argv UNUSED)
 {
     return PAM_IGNORE;
 }
@@ -408,16 +399,17 @@ int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc,
 static int _do_mail(pam_handle_t *pamh, int flags, int argc,
     const char **argv, int est)
 {
-    int retval, ctrl, hashcount;
-    char *path_mail=NULL, *folder;
-    const char *type;
+    int retval, ctrl, type;
+    size_t hashcount;
+    char *folder = NULL;
+    const char *path_mail = NULL;
 
     /*
      * this module (un)sets the MAIL environment variable, and checks if
      * the user has any new mail.
      */
 
-    ctrl = _pam_parse(flags, argc, argv, &path_mail, &hashcount);
+    ctrl = _pam_parse(pamh, flags, argc, argv, &path_mail, &hashcount);
 
     /* Do we have anything to do? */
 
@@ -426,7 +418,7 @@ static int _do_mail(pam_handle_t *pamh, int flags, int argc,
 
     /* which folder? */
 
-    retval = get_folder(pamh, ctrl, &path_mail, &folder, hashcount);
+    retval = get_folder(pamh, ctrl, path_mail, &folder, hashcount);
     if (retval != PAM_SUCCESS) {
 	D(("failed to find folder"));
 	return retval;
@@ -437,24 +429,21 @@ static int _do_mail(pam_handle_t *pamh, int flags, int argc,
     if (!(ctrl & PAM_NO_ENV) && est) {
 	char *tmp;
 
-	tmp = malloc(strlen(folder)+sizeof(MAIL_ENV_FORMAT));
-	if (tmp != NULL) {
-	    sprintf(tmp, MAIL_ENV_FORMAT, folder);
-	    D(("setting env: %s", tmp));
-	    retval = pam_putenv(pamh, tmp);
-	    _pam_overwrite(tmp);
-	    _pam_drop(tmp);
-	    if (retval != PAM_SUCCESS) {
-		_pam_overwrite(folder);
-		_pam_drop(folder);
-		_log_err(LOG_CRIT, "unable to set " MAIL_ENV_NAME " variable");
-		return retval;
-	    }
-	} else {
-	    _log_err(LOG_CRIT, "no memory for " MAIL_ENV_NAME " variable");
-	    _pam_overwrite(folder);
-	    _pam_drop(folder);
-	    return retval;
+	if (asprintf(&tmp, MAIL_ENV_FORMAT, folder) < 0) {
+	    pam_syslog(pamh, LOG_CRIT,
+		       "no memory for " MAIL_ENV_NAME " variable");
+	    retval = PAM_BUF_ERR;
+	    goto do_mail_cleanup;
+	}
+	D(("setting env: %s", tmp));
+	retval = pam_putenv(pamh, tmp);
+	_pam_overwrite(tmp);
+	_pam_drop(tmp);
+	if (retval != PAM_SUCCESS) {
+	    pam_syslog(pamh, LOG_CRIT,
+		       "unable to set " MAIL_ENV_NAME " variable");
+	    retval = PAM_BUF_ERR;
+	    goto do_mail_cleanup;
 	}
     } else {
 	D(("not setting " MAIL_ENV_NAME " variable"));
@@ -466,10 +455,10 @@ static int _do_mail(pam_handle_t *pamh, int flags, int argc,
 
     if ((est && !(ctrl & PAM_NO_LOGIN))
 	|| (!est && (ctrl & PAM_LOGOUT_TOO))) {
-	type = get_mail_status(ctrl, folder);
-	if (type != NULL) {
+	type = get_mail_status(pamh, ctrl, folder);
+	if (type != 0) {
 	    retval = report_mail(pamh, ctrl, type, folder);
-	    type = NULL;
+	    type = 0;
 	}
     }
 
@@ -477,7 +466,8 @@ static int _do_mail(pam_handle_t *pamh, int flags, int argc,
     if ( ! est && ! (ctrl & PAM_NO_ENV) )
 	(void) pam_putenv(pamh, MAIL_ENV_NAME);
 
-    _pam_overwrite(folder); /* clean up */
+  do_mail_cleanup:
+    _pam_overwrite(folder);
     _pam_drop(folder);
 
     /* indicate success or failure */