aboutsummaryrefslogtreecommitdiff
path: root/modules
diff options
context:
space:
mode:
authorTomas Mraz <tmraz@fedoraproject.org>2018-12-10 16:41:47 +0100
committerTomas Mraz <tmraz@fedoraproject.org>2018-12-11 08:26:54 +0100
commit00b38702c70ad3847a2b3d38930a6a390df81645 (patch)
tree22a46ef4932f29987169268e60fe730505a164aa /modules
parentd8d11db2cef65da5d2afa7acf21aa9c8cd88abed (diff)
downloadpam-00b38702c70ad3847a2b3d38930a6a390df81645.tar.gz
pam-00b38702c70ad3847a2b3d38930a6a390df81645.tar.bz2
pam-00b38702c70ad3847a2b3d38930a6a390df81645.zip
Move the duplicated search_key function to pam_modutil.
* libpam/pam_modutil_searchkey.c: New source file with pam_modutil_search_key(). * libpam/Makefile.am: Add the pam_modutil_searchkey.c. * libpam/include/security/pam_modutil.h: Add the pam_modutil_search_key() prototype. * libpam/libpam.map: Add the pam_modutil_search_key() into a new version. * modules/pam_faildelay/pam_faildelay.c: Drop search_key() and use pam_modutil_search_key(). * modules/pam_umask/pam_umask.c: Likewise. * modules/pam_unix/support.c: Likewise.
Diffstat (limited to 'modules')
-rw-r--r--modules/pam_faildelay/pam_faildelay.c75
-rw-r--r--modules/pam_umask/pam_umask.c80
-rw-r--r--modules/pam_unix/support.c78
3 files changed, 7 insertions, 226 deletions
diff --git a/modules/pam_faildelay/pam_faildelay.c b/modules/pam_faildelay/pam_faildelay.c
index 7ea8f837..215074b2 100644
--- a/modules/pam_faildelay/pam_faildelay.c
+++ b/modules/pam_faildelay/pam_faildelay.c
@@ -75,81 +75,10 @@
#include <security/pam_modules.h>
#include <security/pam_ext.h>
+#include <security/pam_modutil.h>
-
-#define BUF_SIZE 8192
#define LOGIN_DEFS "/etc/login.defs"
-static char *
-search_key (const char *filename)
-{
- FILE *fp;
- char *buf = NULL;
- size_t buflen = 0;
- char *retval = NULL;
-
- fp = fopen (filename, "r");
- if (NULL == fp)
- return NULL;
-
- while (!feof (fp))
- {
- char *tmp, *cp;
-#if defined(HAVE_GETLINE)
- ssize_t n = getline (&buf, &buflen, fp);
-#elif defined (HAVE_GETDELIM)
- ssize_t n = getdelim (&buf, &buflen, '\n', fp);
-#else
- ssize_t n;
-
- if (buf == NULL)
- {
- buflen = BUF_SIZE;
- buf = malloc (buflen);
- }
- buf[0] = '\0';
- if (fgets (buf, buflen - 1, fp) == NULL)
- break;
- else if (buf != NULL)
- n = strlen (buf);
- else
- n = 0;
-#endif /* HAVE_GETLINE / HAVE_GETDELIM */
- cp = buf;
-
- if (n < 1)
- break;
-
- tmp = strchr (cp, '#'); /* remove comments */
- if (tmp)
- *tmp = '\0';
- while (isspace ((int)*cp)) /* remove spaces and tabs */
- ++cp;
- if (*cp == '\0') /* ignore empty lines */
- continue;
-
- if (cp[strlen (cp) - 1] == '\n')
- cp[strlen (cp) - 1] = '\0';
-
- tmp = strsep (&cp, " \t=");
- if (cp != NULL)
- while (isspace ((int)*cp) || *cp == '=')
- ++cp;
-
- if (strcasecmp (tmp, "FAIL_DELAY") == 0)
- {
- retval = strdup (cp);
- break;
- }
- }
- fclose (fp);
-
- free (buf);
-
- return retval;
-}
-
-
/* --- authentication management functions (only) --- */
int pam_sm_authenticate(pam_handle_t *pamh, int flags UNUSED,
@@ -171,7 +100,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags UNUSED,
if (delay == -1)
{
char *endptr;
- char *val = search_key (LOGIN_DEFS);
+ char *val = pam_modutil_search_key (pamh, LOGIN_DEFS, "FAIL_DELAY");
const char *val_orig = val;
if (val == NULL)
diff --git a/modules/pam_umask/pam_umask.c b/modules/pam_umask/pam_umask.c
index ab490645..3dcc5b10 100644
--- a/modules/pam_umask/pam_umask.c
+++ b/modules/pam_umask/pam_umask.c
@@ -56,7 +56,6 @@
#include <security/pam_modutil.h>
#include <security/pam_ext.h>
-#define BUF_SIZE 4096
#define LOGIN_DEFS "/etc/login.defs"
#define LOGIN_CONF "/etc/default/login"
@@ -86,81 +85,8 @@ parse_option (const pam_handle_t *pamh, const char *argv, options_t *options)
pam_syslog (pamh, LOG_ERR, "Unknown option: `%s'", argv);
}
-static char *
-search_key (const char *filename)
-{
- FILE *fp;
- char *buf = NULL;
- size_t buflen = 0;
- char *retval = NULL;
-
- fp = fopen (filename, "r");
- if (NULL == fp)
- return NULL;
-
- while (!feof (fp))
- {
- char *tmp, *cp;
-#if defined(HAVE_GETLINE)
- ssize_t n = getline (&buf, &buflen, fp);
-#elif defined (HAVE_GETDELIM)
- ssize_t n = getdelim (&buf, &buflen, '\n', fp);
-#else
- ssize_t n;
-
- if (buf == NULL)
- {
- buflen = BUF_SIZE;
- buf = malloc (buflen);
- if (buf == NULL) {
- fclose (fp);
- return NULL;
- }
- }
- buf[0] = '\0';
- if (fgets (buf, buflen - 1, fp) == NULL)
- break;
- else if (buf != NULL)
- n = strlen (buf);
- else
- n = 0;
-#endif /* HAVE_GETLINE / HAVE_GETDELIM */
- cp = buf;
-
- if (n < 1)
- break;
-
- tmp = strchr (cp, '#'); /* remove comments */
- if (tmp)
- *tmp = '\0';
- while (isspace ((int)*cp)) /* remove spaces and tabs */
- ++cp;
- if (*cp == '\0') /* ignore empty lines */
- continue;
-
- if (cp[strlen (cp) - 1] == '\n')
- cp[strlen (cp) - 1] = '\0';
-
- tmp = strsep (&cp, " \t=");
- if (cp != NULL)
- while (isspace ((int)*cp) || *cp == '=')
- ++cp;
-
- if (strcasecmp (tmp, "UMASK") == 0)
- {
- retval = strdup (cp);
- break;
- }
- }
- fclose (fp);
-
- free (buf);
-
- return retval;
-}
-
static int
-get_options (const pam_handle_t *pamh, options_t *options,
+get_options (pam_handle_t *pamh, options_t *options,
int argc, const char **argv)
{
memset (options, 0, sizeof (options_t));
@@ -169,9 +95,9 @@ get_options (const pam_handle_t *pamh, options_t *options,
parse_option (pamh, *argv, options);
if (options->umask == NULL)
- options->umask = search_key (LOGIN_DEFS);
+ options->umask = pam_modutil_search_key (pamh, LOGIN_DEFS, "UMASK");
if (options->umask == NULL)
- options->umask = search_key (LOGIN_CONF);
+ options->umask = pam_modutil_search_key (pamh, LOGIN_CONF, "UMASK");
return 0;
}
diff --git a/modules/pam_unix/support.c b/modules/pam_unix/support.c
index ea5594d2..75851508 100644
--- a/modules/pam_unix/support.c
+++ b/modules/pam_unix/support.c
@@ -31,80 +31,6 @@
#include "support.h"
#include "passverify.h"
-static char *
-search_key (const char *key, const char *filename)
-{
- FILE *fp;
- char *buf = NULL;
- size_t buflen = 0;
- char *retval = NULL;
-
- fp = fopen (filename, "r");
- if (NULL == fp)
- return NULL;
-
- while (!feof (fp))
- {
- char *tmp, *cp;
-#if defined(HAVE_GETLINE)
- ssize_t n = getline (&buf, &buflen, fp);
-#elif defined (HAVE_GETDELIM)
- ssize_t n = getdelim (&buf, &buflen, '\n', fp);
-#else
- ssize_t n;
-
- if (buf == NULL)
- {
- buflen = BUF_SIZE;
- buf = malloc (buflen);
- if (buf == NULL) {
- fclose (fp);
- return NULL;
- }
- }
- buf[0] = '\0';
- if (fgets (buf, buflen - 1, fp) == NULL)
- break;
- else if (buf != NULL)
- n = strlen (buf);
- else
- n = 0;
-#endif /* HAVE_GETLINE / HAVE_GETDELIM */
- cp = buf;
-
- if (n < 1)
- break;
-
- tmp = strchr (cp, '#'); /* remove comments */
- if (tmp)
- *tmp = '\0';
- while (isspace ((int)*cp)) /* remove spaces and tabs */
- ++cp;
- if (*cp == '\0') /* ignore empty lines */
- continue;
-
- if (cp[strlen (cp) - 1] == '\n')
- cp[strlen (cp) - 1] = '\0';
-
- tmp = strsep (&cp, " \t=");
- if (cp != NULL)
- while (isspace ((int)*cp) || *cp == '=')
- ++cp;
-
- if (strcasecmp (tmp, key) == 0)
- {
- retval = strdup (cp);
- break;
- }
- }
- fclose (fp);
-
- free (buf);
-
- return retval;
-}
-
-
/* this is a front-end for module-application conversations */
int _make_remark(pam_handle_t * pamh, unsigned long long ctrl,
@@ -154,7 +80,7 @@ unsigned long long _set_ctrl(pam_handle_t *pamh, int flags, int *remember,
}
/* preset encryption method with value from /etc/login.defs */
- val = search_key ("ENCRYPT_METHOD", LOGIN_DEFS);
+ val = pam_modutil_search_key(pamh, LOGIN_DEFS, "ENCRYPT_METHOD");
if (val) {
for (j = 0; j < UNIX_CTRLS_; ++j) {
if (unix_args[j].token && unix_args[j].is_hash_algo
@@ -172,7 +98,7 @@ unsigned long long _set_ctrl(pam_handle_t *pamh, int flags, int *remember,
/* read number of rounds for crypt algo */
if (rounds && (on(UNIX_SHA256_PASS, ctrl) || on(UNIX_SHA512_PASS, ctrl))) {
- val=search_key ("SHA_CRYPT_MAX_ROUNDS", LOGIN_DEFS);
+ val = pam_modutil_search_key(pamh, LOGIN_DEFS, "SHA_CRYPT_MAX_ROUNDS");
if (val) {
*rounds = strtol(val, NULL, 10);
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-08 13:36:45 +0000