summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSteve Langasek <vorlon@debian.org>2000-08-03 19:03:52 +0000
committerSteve Langasek <vorlon@debian.org>2000-08-03 19:03:52 +0000
commit7e0abd7e80ba3bb7acb5e1436216c90bed8edcd2 (patch)
tree40b59c235aacba4b6b8990151f34657f4e34e529
parent1604b1f342173581481ae4a673c13fccba4520e3 (diff)
Relevant BUGIDs: 111035
Purpose of commit: bugfix to pam_unix_auth Commit summary: --------------- Fix for 'likeauth' handling in the pam_unix_auth module. If pam_setcred needs to return the same value as returned by pam_authenticate, malloc() space for this return value and pass its address to pam_set_data(). Also, changes pam_sm_setcred() so that it reads this value properly.
-rw-r--r--modules/pam_unix/pam_unix_auth.c19
1 files changed, 14 insertions, 5 deletions
diff --git a/modules/pam_unix/pam_unix_auth.c b/modules/pam_unix/pam_unix_auth.c
index 3c301df0..a16118d6 100644
--- a/modules/pam_unix/pam_unix_auth.c
+++ b/modules/pam_unix/pam_unix_auth.c
@@ -85,11 +85,12 @@
#define AUTH_RETURN \
{ \
- if (on(UNIX_LIKE_AUTH, ctrl)) { \
+ if (on(UNIX_LIKE_AUTH, ctrl) && ret_data) { \
D(("recording return code for next time [%d]", \
retval)); \
+ *ret_data = retval; \
pam_set_data(pamh, "unix_setcred_return", \
- (void *) &retval, NULL); \
+ (void *) ret_data, NULL); \
} \
D(("done. [%s]", pam_strerror(pamh, retval))); \
return retval; \
@@ -99,13 +100,17 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags
,int argc, const char **argv)
{
unsigned int ctrl;
- int retval;
+ int retval, *ret_data = NULL;
const char *name, *p;
D(("called."));
ctrl = _set_ctrl(flags, NULL, argc, argv);
+ /* Get a few bytes so we can pass our return value to
+ pam_sm_setcred(). */
+ ret_data = malloc(sizeof(int));
+
/* get the user'name' */
retval = pam_get_user(pamh, &name, "login: ");
@@ -197,12 +202,16 @@ PAM_EXTERN int pam_sm_setcred(pam_handle_t * pamh, int flags
retval = PAM_SUCCESS;
if (on(UNIX_LIKE_AUTH, ctrl)) {
- int *pretval = &retval;
+ int *pretval = NULL;
D(("recovering return code from auth call"));
pam_get_data(pamh, "unix_setcred_return", (const void **) &pretval);
pam_set_data(pamh, "unix_setcred_return", NULL, NULL);
- D(("recovered data indicates that old retval was %d", retval));
+ if(pretval) {
+ retval = *pretval;
+ free(pretval);
+ D(("recovered data indicates that old retval was %d", retval));
+ }
}
return retval;
}