pam_tty_audit: Fix regression introduced by adding the uid range support.

* modules/pam_tty_audit/pam_tty_audit.c (parse_uid_range): Fix constification and
remove unneeded code carried from pam_limits.
(pam_sm_open_session): When multiple enable/disable options are present do not
stop after first match.

1 files changed, 3 insertions, 5 deletions

diff --git a/modules/pam_tty_audit/pam_tty_audit.c b/modules/pam_tty_audit/pam_tty_audit.c
index c76026a0..79e5d511 100644
--- a/modules/pam_tty_audit/pam_tty_audit.c
+++ b/modules/pam_tty_audit/pam_tty_audit.c
@@ -207,7 +207,7 @@ parse_uid_range(pam_handle_t *pamh, const char *s,
                 uid_t *min_uid, uid_t *max_uid)
 {
     const char *range = s;
-    char *pmax;
+    const char *pmax;
     char *endptr;
     enum uid_range rv = UID_RANGE_MM;
 
@@ -215,9 +215,6 @@ parse_uid_range(pam_handle_t *pamh, const char *s,
         return UID_RANGE_NONE;
     ++pmax;
 
-    if (range[0] == '@' || range[0] == '%')
-        ++range;
-
     if (range[0] == ':')
         rv = UID_RANGE_ONE;
     else {
@@ -298,7 +295,7 @@ pam_sm_open_session (pam_handle_t *pamh, int flags, int argc, const char **argv)
 	  if (copy == NULL)
 	    return PAM_SESSION_ERR;
 	  for (tok = strtok_r (copy, ",", &tok_data);
-	       tok != NULL && command == CMD_NONE;
+	       tok != NULL && command != this_command;
 	       tok = strtok_r (NULL, ",", &tok_data))
 	    {
 	      uid_t min_uid = 0, max_uid = 0;
@@ -319,6 +316,7 @@ pam_sm_open_session (pam_handle_t *pamh, int flags, int argc, const char **argv)
 		case UID_RANGE_ONE:
 		    if (pwd->pw_uid == max_uid)
 			command = this_command;
+		    break;
 		case UID_RANGE_ERR:
 		    break;
 		}