diff options
| author | Steve Langasek <vorlon@debian.org> | 2019-01-22 14:54:11 -0800 |
|---|---|---|
| committer | Steve Langasek <vorlon@debian.org> | 2019-01-22 14:54:11 -0800 |
| commit | f00afb1ef201b2eef7f9ddbe5a0c6ca802cf49bb (patch) | |
| tree | 402838c53047b0e21466a653ae88d86a8e4b7b65 /modules/pam_unix/pam_unix_auth.c | |
| parent | 795badba7f95e737f979917859cd32c9bd47bcad (diff) | |
| parent | 1cad9fb2a0d729c5b5e5aa7297c521df7d5a2d33 (diff) | |
| download | pam-f00afb1ef201b2eef7f9ddbe5a0c6ca802cf49bb.tar.gz pam-f00afb1ef201b2eef7f9ddbe5a0c6ca802cf49bb.tar.bz2 pam-f00afb1ef201b2eef7f9ddbe5a0c6ca802cf49bb.zip | |
New upstream version 1.3.0
Diffstat (limited to 'modules/pam_unix/pam_unix_auth.c')
| -rw-r--r-- | modules/pam_unix/pam_unix_auth.c | 31 |
1 files changed, 14 insertions, 17 deletions
diff --git a/modules/pam_unix/pam_unix_auth.c b/modules/pam_unix/pam_unix_auth.c index 44573e6c..673861e4 100644 --- a/modules/pam_unix/pam_unix_auth.c +++ b/modules/pam_unix/pam_unix_auth.c @@ -50,11 +50,7 @@ /* indicate the following groups are defined */ -#ifdef PAM_STATIC -# include "pam_unix_static.h" -#else -# define PAM_SM_AUTH -#endif +#define PAM_SM_AUTH #define _PAM_EXTERN_FUNCTIONS #include <security/_pam_macros.h> @@ -82,14 +78,13 @@ #define AUTH_RETURN \ do { \ - if (on(UNIX_LIKE_AUTH, ctrl) && ret_data) { \ + if (ret_data) { \ D(("recording return code for next time [%d]", \ retval)); \ *ret_data = retval; \ pam_set_data(pamh, "unix_setcred_return", \ (void *) ret_data, setcred_free); \ - } else if (ret_data) \ - free (ret_data); \ + } \ D(("done. [%s]", pam_strerror(pamh, retval))); \ return retval; \ } while (0) @@ -108,16 +103,15 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) unsigned int ctrl; int retval, *ret_data = NULL; const char *name; - const void *p; + const char *p; D(("called.")); ctrl = _set_ctrl(pamh, flags, NULL, NULL, NULL, argc, argv); /* Get a few bytes so we can pass our return value to - pam_sm_setcred(). */ - if (on(UNIX_LIKE_AUTH, ctrl)) - ret_data = malloc(sizeof(int)); + pam_sm_setcred() and pam_sm_acct_mgmt(). */ + ret_data = malloc(sizeof(int)); /* get the user'name' */ @@ -157,8 +151,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) } /* get this user's authentication token */ - retval = _unix_read_password(pamh, ctrl, NULL, _("Password: "), NULL - ,_UNIX_AUTHTOK, &p); + retval = pam_get_authtok(pamh, PAM_AUTHTOK, &p , NULL); if (retval != PAM_SUCCESS) { if (retval != PAM_CONV_AGAIN) { pam_syslog(pamh, LOG_CRIT, @@ -194,20 +187,24 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) */ int -pam_sm_setcred (pam_handle_t *pamh, int flags UNUSED, - int argc UNUSED, const char **argv UNUSED) +pam_sm_setcred (pam_handle_t *pamh, int flags, + int argc, const char **argv) { int retval; const void *pretval = NULL; + unsigned int ctrl; D(("called.")); + ctrl = _set_ctrl(pamh, flags, NULL, NULL, NULL, argc, argv); + retval = PAM_SUCCESS; D(("recovering return code from auth call")); /* We will only find something here if UNIX_LIKE_AUTH is set -- don't worry about an explicit check of argv. */ - if (pam_get_data(pamh, "unix_setcred_return", &pretval) == PAM_SUCCESS + if (on(UNIX_LIKE_AUTH, ctrl) + && pam_get_data(pamh, "unix_setcred_return", &pretval) == PAM_SUCCESS && pretval) { retval = *(const int *)pretval; pam_set_data(pamh, "unix_setcred_return", NULL, NULL); |