diff options
| author | Steve Langasek <vorlon@debian.org> | 2000-12-20 05:15:05 +0000 |
|---|---|---|
| committer | Steve Langasek <vorlon@debian.org> | 2000-12-20 05:15:05 +0000 |
| commit | 38da6ae394a4b2f18e210369562928dc0e404f54 (patch) | |
| tree | d5ee266e4c99c2a950ec6ad7fabc016c140a66c0 /modules/pam_unix/pam_unix_passwd.c | |
| parent | e23b51cda072fbd6fc65f5ff43d196eeea28cac5 (diff) | |
| download | pam-38da6ae394a4b2f18e210369562928dc0e404f54.tar.gz pam-38da6ae394a4b2f18e210369562928dc0e404f54.tar.bz2 pam-38da6ae394a4b2f18e210369562928dc0e404f54.zip | |
Relevant BUGIDs: 126431, 126423
Purpose of commit: new feature / bugfix
Commit summary:
---------------
This changes the format of pam_unix log messages, per bug 126423. The
change is extensive (every call to _log_err() now has an additional
argument) but straightforward.
These changes to the logging code incidentally fix the problem reported in
bug 126431.
Diffstat (limited to 'modules/pam_unix/pam_unix_passwd.c')
| -rw-r--r-- | modules/pam_unix/pam_unix_passwd.c | 58 |
1 files changed, 34 insertions, 24 deletions
diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c index e4998afd..5d8d2d7d 100644 --- a/modules/pam_unix/pam_unix_passwd.c +++ b/modules/pam_unix/pam_unix_passwd.c @@ -178,29 +178,31 @@ static char *crypt_md5_wrapper(const char *pass_new) return x; } -static char *getNISserver(void) +static char *getNISserver(pam_handle_t *pamh) { char *master; char *domainname; int port, err; if ((err = yp_get_default_domain(&domainname)) != 0) { - _log_err(LOG_WARNING, "can't get local yp domain: %s\n", + _log_err(LOG_WARNING, pamh, "can't get local yp domain: %s\n", yperr_string(err)); return NULL; } if ((err = yp_master(domainname, "passwd.byname", &master)) != 0) { - _log_err(LOG_WARNING, "can't find the master ypserver: %s\n", + _log_err(LOG_WARNING, pamh, "can't find the master ypserver: %s\n", yperr_string(err)); return NULL; } port = getrpcport(master, YPPASSWDPROG, YPPASSWDPROC_UPDATE, IPPROTO_UDP); if (port == 0) { - _log_err(LOG_WARNING, "yppasswdd not running on NIS master host\n"); + _log_err(LOG_WARNING, pamh, + "yppasswdd not running on NIS master host\n"); return NULL; } if (port >= IPPORT_RESERVED) { - _log_err(LOG_WARNING, "yppasswd daemon running on illegal port.\n"); + _log_err(LOG_WARNING, pamh, + "yppasswd daemon running on illegal port.\n"); return NULL; } return master; @@ -424,8 +426,8 @@ static int _update_shadow(const char *forwho, char *towhat) return retval; } -static int _do_setpass(const char *forwho, char *fromwhat, char *towhat, - unsigned int ctrl, int remember) +static int _do_setpass(pam_handle_t* pamh, const char *forwho, char *fromwhat, + char *towhat, unsigned int ctrl, int remember) { struct passwd *pwd = NULL; int retval = 0; @@ -448,7 +450,7 @@ static int _do_setpass(const char *forwho, char *fromwhat, char *towhat, int err = 0; /* Make RPC call to NIS server */ - if ((master = getNISserver()) == NULL) + if ((master = getNISserver(pamh)) == NULL) return PAM_TRY_AGAIN; /* Initialize password information */ @@ -595,7 +597,7 @@ static int _pam_unix_approve_pass(pam_handle_t * pamh if (pass_new == NULL || (pass_old && !strcmp(pass_old, pass_new))) { if (on(UNIX_DEBUG, ctrl)) { - _log_err(LOG_DEBUG, "bad authentication token"); + _log_err(LOG_DEBUG, pamh, "bad authentication token"); } _make_remark(pamh, ctrl, PAM_ERROR_MSG, pass_new == NULL ? "No password supplied" : "Password unchanged"); @@ -609,7 +611,7 @@ static int _pam_unix_approve_pass(pam_handle_t * pamh retval = pam_get_item(pamh, PAM_USER, (const void **) &user); if (retval != PAM_SUCCESS) { if (on(UNIX_DEBUG, ctrl)) { - _log_err(LOG_ERR, "Can not get username"); + _log_err(LOG_ERR, pamh, "Can not get username"); return PAM_AUTHTOK_ERR; } } @@ -669,7 +671,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags, return PAM_AUTHTOK_LOCK_BUSY; } #endif - ctrl = _set_ctrl(flags, &remember, argc, argv); + ctrl = _set_ctrl(pamh, flags, &remember, argc, argv); /* * First get the name of a user @@ -683,17 +685,19 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags, * alphanumeric character. */ if (user == NULL || !isalnum(*user)) { - _log_err(LOG_ERR, "bad username [%s]", user); + _log_err(LOG_ERR, pamh, "bad username [%s]", user); #ifdef USE_LCKPWDF ulckpwdf(); #endif return PAM_USER_UNKNOWN; } if (retval == PAM_SUCCESS && on(UNIX_DEBUG, ctrl)) - _log_err(LOG_DEBUG, "username [%s] obtained", user); + _log_err(LOG_DEBUG, pamh, "username [%s] obtained", + user); } else { if (on(UNIX_DEBUG, ctrl)) - _log_err(LOG_DEBUG, "password - could not identify user"); + _log_err(LOG_DEBUG, pamh, + "password - could not identify user"); #ifdef USE_LCKPWDF ulckpwdf(); #endif @@ -728,7 +732,8 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags, #define greeting "Changing password for " Announce = (char *) malloc(sizeof(greeting) + strlen(user)); if (Announce == NULL) { - _log_err(LOG_CRIT, "password - out of memory"); + _log_err(LOG_CRIT, pamh, + "password - out of memory"); #ifdef USE_LCKPWDF ulckpwdf(); #endif @@ -749,7 +754,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags, free(Announce); if (retval != PAM_SUCCESS) { - _log_err(LOG_NOTICE + _log_err(LOG_NOTICE, pamh ,"password - (old) token not obtained"); #ifdef USE_LCKPWDF ulckpwdf(); @@ -776,7 +781,8 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags, retval = pam_set_item(pamh, PAM_OLDAUTHTOK, (const void *) pass_old); pass_old = NULL; if (retval != PAM_SUCCESS) { - _log_err(LOG_CRIT, "failed to set PAM_OLDAUTHTOK"); + _log_err(LOG_CRIT, pamh, + "failed to set PAM_OLDAUTHTOK"); } retval = _unix_verify_shadow(user, ctrl); if (retval == PAM_AUTHTOK_ERR) { @@ -821,7 +827,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags, D(("pass_old [%s]", pass_old)); if (retval != PAM_SUCCESS) { - _log_err(LOG_NOTICE, "user not authenticated"); + _log_err(LOG_NOTICE, pamh, "user not authenticated"); #ifdef USE_LCKPWDF ulckpwdf(); #endif @@ -829,7 +835,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags, } retval = _unix_verify_shadow(user, ctrl); if (retval != PAM_SUCCESS) { - _log_err(LOG_NOTICE, "user not authenticated 2"); + _log_err(LOG_NOTICE, pamh, "user not authenticated 2"); #ifdef USE_LCKPWDF ulckpwdf(); #endif @@ -859,7 +865,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags, if (retval != PAM_SUCCESS) { if (on(UNIX_DEBUG, ctrl)) { - _log_err(LOG_ALERT + _log_err(LOG_ALERT, pamh ,"password - new password not obtained"); } pass_old = NULL; /* tidy up */ @@ -883,7 +889,8 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags, } if (retval != PAM_SUCCESS) { - _log_err(LOG_NOTICE, "new password not acceptable"); + _log_err(LOG_NOTICE, pamh, + "new password not acceptable"); _pam_overwrite(pass_new); _pam_overwrite(pass_old); pass_new = pass_old = NULL; /* tidy up */ @@ -926,7 +933,8 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags, char *e; if (temp == NULL) { - _log_err(LOG_CRIT, "out of memory for password"); + _log_err(LOG_CRIT, pamh, + "out of memory for password"); _pam_overwrite(pass_new); _pam_overwrite(pass_old); pass_new = pass_old = NULL; /* tidy up */ @@ -960,13 +968,15 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags, /* update the password database(s) -- race conditions..? */ - retval = _do_setpass(user, pass_old, tpass, ctrl, remember); + retval = _do_setpass(pamh, user, pass_old, tpass, ctrl, + remember); _pam_overwrite(pass_new); _pam_overwrite(pass_old); _pam_delete(tpass); pass_old = pass_new = NULL; } else { /* something has broken with the module */ - _log_err(LOG_ALERT, "password received unknown request"); + _log_err(LOG_ALERT, pamh, + "password received unknown request"); retval = PAM_ABORT; } |