diff options
| author | Steve Langasek <steve.langasek@ubuntu.com> | 2019-01-03 17:05:01 -0800 |
|---|---|---|
| committer | Steve Langasek <steve.langasek@ubuntu.com> | 2019-01-03 17:27:13 -0800 |
| commit | 419bd504587ec2bfc9085fe56e7a53433fd1eae6 (patch) | |
| tree | d516c2ccae28dbd020cb69f50162f5d32acd7648 /libpam/pam_end.c | |
| parent | c68dce23face9f26b651917b418c7f80931fa7b7 (diff) | |
| parent | 9c52e721044e7501c3d4567b36d222dc7326224a (diff) | |
| download | pam-419bd504587ec2bfc9085fe56e7a53433fd1eae6.tar.gz pam-419bd504587ec2bfc9085fe56e7a53433fd1eae6.tar.bz2 pam-419bd504587ec2bfc9085fe56e7a53433fd1eae6.zip | |
merge upstream version 1.0.1
Diffstat (limited to 'libpam/pam_end.c')
| -rw-r--r-- | libpam/pam_end.c | 92 |
1 files changed, 92 insertions, 0 deletions
diff --git a/libpam/pam_end.c b/libpam/pam_end.c new file mode 100644 index 00000000..a2d94085 --- /dev/null +++ b/libpam/pam_end.c @@ -0,0 +1,92 @@ +/* pam_end.c */ + +/* + * $Id: pam_end.c,v 1.7 2008/01/28 14:50:21 kukuk Exp $ + */ + +#include "pam_private.h" + +#include <stdlib.h> + +int pam_end(pam_handle_t *pamh, int pam_status) +{ + int ret; + + D(("entering pam_end()")); + + IF_NO_PAMH("pam_end", pamh, PAM_SYSTEM_ERR); + + if (__PAM_FROM_MODULE(pamh)) { + D(("called from module!?")); + return PAM_SYSTEM_ERR; + } + +#ifdef HAVE_LIBAUDIT + _pam_audit_end(pamh, pam_status); +#endif + + /* first liberate the modules (it is not inconcevible that the + modules may need to use the service_name etc. to clean up) */ + + _pam_free_data(pamh, pam_status); + + /* now drop all modules */ + + if ((ret = _pam_free_handlers(pamh)) != PAM_SUCCESS) { + return ret; /* error occurred */ + } + + /* from this point we cannot call the modules any more. Free the remaining + memory used by the Linux-PAM interface */ + + _pam_drop_env(pamh); /* purge the environment */ + + _pam_overwrite(pamh->authtok); /* blank out old token */ + _pam_drop(pamh->authtok); + + _pam_overwrite(pamh->oldauthtok); /* blank out old token */ + _pam_drop(pamh->oldauthtok); + + _pam_overwrite(pamh->former.prompt); + _pam_drop(pamh->former.prompt); /* drop saved prompt */ + + _pam_overwrite(pamh->service_name); + _pam_drop(pamh->service_name); + + _pam_overwrite(pamh->user); + _pam_drop(pamh->user); + + _pam_overwrite(pamh->prompt); + _pam_drop(pamh->prompt); /* prompt for pam_get_user() */ + + _pam_overwrite(pamh->tty); + _pam_drop(pamh->tty); + + _pam_overwrite(pamh->rhost); + _pam_drop(pamh->rhost); + + _pam_overwrite(pamh->ruser); + _pam_drop(pamh->ruser); + + _pam_drop(pamh->pam_conversation); + pamh->fail_delay.delay_fn_ptr = NULL; + + _pam_drop(pamh->former.substates); + + _pam_overwrite(pamh->xdisplay); + _pam_drop(pamh->xdisplay); + + _pam_overwrite(pamh->xauth.name); + _pam_drop(pamh->xauth.name); + _pam_overwrite_n(pamh->xauth.data, (unsigned int)pamh->xauth.datalen); + _pam_drop(pamh->xauth.data); + _pam_overwrite_n((char *)&pamh->xauth, sizeof(pamh->xauth)); + + /* and finally liberate the memory for the pam_handle structure */ + + _pam_drop(pamh); + + D(("exiting pam_end() successfully")); + + return PAM_SUCCESS; +} |