diff options
| author | Steve Langasek <steve.langasek@canonical.com> | 2020-08-11 14:54:29 -0700 |
|---|---|---|
| committer | Steve Langasek <steve.langasek@canonical.com> | 2020-08-11 14:54:29 -0700 |
| commit | f6d08ed47a3da3c08345bce2ca366e961c52ad7c (patch) | |
| tree | dcbd0efb229b17f696f7195671f05b354b4f70fc /libpam/pam_handlers.c | |
| parent | 668b13da8f830c38388cecac45539972e80cb246 (diff) | |
| parent | 9e5bea9e146dee574796259ca464ad2435be3590 (diff) | |
| download | pam-f6d08ed47a3da3c08345bce2ca366e961c52ad7c.tar.gz pam-f6d08ed47a3da3c08345bce2ca366e961c52ad7c.tar.bz2 pam-f6d08ed47a3da3c08345bce2ca366e961c52ad7c.zip | |
New upstream version 1.4.0
Diffstat (limited to 'libpam/pam_handlers.c')
| -rw-r--r-- | libpam/pam_handlers.c | 95 |
1 files changed, 55 insertions, 40 deletions
diff --git a/libpam/pam_handlers.c b/libpam/pam_handlers.c index 106ef7c2..ffa5e4ae 100644 --- a/libpam/pam_handlers.c +++ b/libpam/pam_handlers.c @@ -7,6 +7,7 @@ */ #include "pam_private.h" +#include "pam_inline.h" #include <stdlib.h> #include <stdio.h> @@ -280,9 +281,14 @@ _pam_open_config_file(pam_handle_t *pamh , char **path , FILE **file) { - char *p; + const char *pamd_dirs[] = { PAM_CONFIG_DF, PAM_CONFIG_DIST_DF +#ifdef VENDORDIR + , PAM_CONFIG_DIST2_DF +#endif + }; + char *p = NULL; FILE *f; - int err = 0; + size_t i; /* Absolute path */ if (service[0] == '/') { @@ -291,45 +297,40 @@ _pam_open_config_file(pam_handle_t *pamh pam_syslog(pamh, LOG_CRIT, "strdup failed"); return PAM_BUF_ERR; } + } else if (pamh->confdir != NULL) { + if (asprintf (&p, "%s/%s", pamh->confdir, service) < 0) { + pam_syslog(pamh, LOG_CRIT, "asprintf failed"); + return PAM_BUF_ERR; + } + } - f = fopen(service, "r"); + if (p != NULL) { + D(("opening %s", p)); + f = fopen(p, "r"); if (f != NULL) { *path = p; *file = f; return PAM_SUCCESS; } - _pam_drop(p); return PAM_ABORT; } - /* Local Machine Configuration /etc/pam.d/ */ - if (asprintf (&p, PAM_CONFIG_DF, service) < 0) { - pam_syslog(pamh, LOG_CRIT, "asprintf failed"); - return PAM_BUF_ERR; - } - D(("opening %s", p)); - f = fopen(p, "r"); - if (f != NULL) { - *path = p; - *file = f; - return PAM_SUCCESS; - } + for (i = 0; i < PAM_ARRAY_SIZE(pamd_dirs); i++) { + if (asprintf (&p, pamd_dirs[i], service) < 0) { + pam_syslog(pamh, LOG_CRIT, "asprintf failed"); + return PAM_BUF_ERR; + } - /* System Configuration /usr/lib/pam.d/ */ - _pam_drop(p); - if (asprintf (&p, PAM_CONFIG_DIST_DF, service) < 0) { - pam_syslog(pamh, LOG_CRIT, "asprintf failed"); - return PAM_BUF_ERR; - } - D(("opening %s", p)); - f = fopen(p, "r"); - if (f != NULL) { + D(("opening %s", p)); + f = fopen(p, "r"); + if (f != NULL) { *path = p; *file = f; return PAM_SUCCESS; + } + _pam_drop(p); } - _pam_drop(p); return PAM_ABORT; } @@ -446,8 +447,14 @@ int _pam_init_handlers(pam_handle_t *pamh) struct stat test_d; /* Is there a PAM_CONFIG_D directory? */ - if ((stat(PAM_CONFIG_D, &test_d) == 0 && S_ISDIR(test_d.st_mode)) || - (stat(PAM_CONFIG_DIST_D, &test_d) == 0 && S_ISDIR(test_d.st_mode))) { + if (pamh->confdir != NULL || + (stat(PAM_CONFIG_D, &test_d) == 0 && S_ISDIR(test_d.st_mode)) || + (stat(PAM_CONFIG_DIST_D, &test_d) == 0 && S_ISDIR(test_d.st_mode)) +#ifdef PAM_CONFIG_DIST2_D + || (stat(PAM_CONFIG_DIST2_D, &test_d) == 0 + && S_ISDIR(test_d.st_mode)) +#endif + ) { char *path = NULL; int read_something=0; @@ -474,7 +481,8 @@ int _pam_init_handlers(pam_handle_t *pamh) #ifdef PAM_READ_BOTH_CONFS D(("checking %s", PAM_CONFIG)); - if ((f = fopen(PAM_CONFIG,"r")) != NULL) { + if (pamh->confdir == NULL + && (f = fopen(PAM_CONFIG,"r")) != NULL) { retval = _pam_parse_conf_file(pamh, f, NULL, PAM_T_ANY, 0, 1); fclose(f); } else @@ -551,7 +559,7 @@ int _pam_init_handlers(pam_handle_t *pamh) /* * This is where we read a line of the PAM config file. The line may be - * preceeded by lines of comments and also extended with "\\\n" + * preceded by lines of comments and also extended with "\\\n" */ static int _pam_assemble_line(FILE *f, char *buffer, int buf_len) @@ -665,7 +673,6 @@ _pam_load_module(pam_handle_t *pamh, const char *mod_path, int handler_type) { int x = 0; int success; - char *mod_full_isa_path=NULL, *isa=NULL; struct loaded_module *mod; D(("_pam_load_module: loading module `%s'", mod_path)); @@ -704,19 +711,27 @@ _pam_load_module(pam_handle_t *pamh, const char *mod_path, int handler_type) D(("_pam_load_module: _pam_dlopen'ed")); D(("_pam_load_module: dlopen'ed")); if (mod->dl_handle == NULL) { - if (strstr(mod_path, "$ISA")) { - mod_full_isa_path = malloc(strlen(mod_path) + strlen(_PAM_ISA) + 1); + const char *isa = strstr(mod_path, "$ISA"); + size_t isa_len = strlen("$ISA"); + + if (isa != NULL) { + size_t pam_isa_len = strlen(_PAM_ISA); + char *mod_full_isa_path = + malloc(strlen(mod_path) - isa_len + pam_isa_len + 1); + if (mod_full_isa_path == NULL) { D(("_pam_load_module: couldn't get memory for mod_path")); pam_syslog(pamh, LOG_CRIT, "no memory for module path"); success = PAM_ABORT; } else { - strcpy(mod_full_isa_path, mod_path); - isa = strstr(mod_full_isa_path, "$ISA"); - if (isa) { - memmove(isa + strlen(_PAM_ISA), isa + 4, strlen(isa + 4) + 1); - memmove(isa, _PAM_ISA, strlen(_PAM_ISA)); - } + char *p = mod_full_isa_path; + + memcpy(p, mod_path, isa - mod_path); + p += isa - mod_path; + memcpy(p, _PAM_ISA, pam_isa_len); + p += pam_isa_len; + strcpy(p, isa + isa_len); + mod->dl_handle = _pam_dlopen(mod_full_isa_path); _pam_drop(mod_full_isa_path); } @@ -1019,7 +1034,7 @@ void _pam_free_handlers_aux(struct handler **hp) D(("called.")); while (h) { last = h; - _pam_drop(h->argv); /* This is all alocated in a single chunk */ + _pam_drop(h->argv); /* This is all allocated in a single chunk */ _pam_drop(h->mod_name); h = h->next; memset(last, 0, sizeof(*last)); |