New upstream version 1.1.5

author: Steve Langasek <steve.langasek@ubuntu.com> 2019-01-03 21:13:04 -0800
committer: Steve Langasek <steve.langasek@ubuntu.com> 2019-01-03 21:13:04 -0800
commit: c55c14c5c6762139ec6695d84ea0e2e917da5264 (patch)
tree: 9e6119760c93841b2bc3e05680ac9e4e15ae9c25 /modules/pam_env
parent: f3c0273b7bd2d7fdcac3fe3604cedd82afc57f49 (diff)
parent: fc772e7236a7aea9c9c26b0be2ee6f3ed8ae444a (diff)
1 files changed, 30 insertions, 15 deletions
diff --git a/modules/pam_env/pam_env.c b/modules/pam_env/pam_env.c
index 8ac8ed33..e04f5b53 100644
--- a/modules/pam_env/pam_env.c
+++ b/modules/pam_env/pam_env.c
@@ -68,8 +68,8 @@ static int  _check_var(pam_handle_t *, VAR *);           /* This is the real mea
 static void _clean_var(VAR *);
 static int  _expand_arg(pam_handle_t *, char **);
 static const char * _pam_get_item_byname(pam_handle_t *, const char *);
-static int  _define_var(pam_handle_t *, VAR *);
-static int  _undefine_var(pam_handle_t *, VAR *);
+static int  _define_var(pam_handle_t *, int, VAR *);
+static int  _undefine_var(pam_handle_t *, int, VAR *);
 
 /* This is a flag used to designate an empty string */
 static char quote='Z';
@@ -99,7 +99,7 @@ _pam_parse (const pam_handle_t *pamh, int argc, const char **argv,
 	if (!strcmp(*argv,"debug"))
 	    ctrl |= PAM_DEBUG_ARG;
 	else if (!strncmp(*argv,"conffile=",9)) {
-	  if (*argv+9 == '\0') {
+	  if ((*argv)[9] == '\0') {
 	    pam_syslog(pamh, LOG_ERR,
 		       "conffile= specification missing argument - ignored");
 	  } else {
@@ -107,7 +107,7 @@ _pam_parse (const pam_handle_t *pamh, int argc, const char **argv,
 	    D(("new Configuration File: %s", *conffile));
 	  }
 	} else if (!strncmp(*argv,"envfile=",8)) {
-	  if (*argv+8 == '\0') {
+	  if ((*argv)[8] == '\0') {
 	    pam_syslog (pamh, LOG_ERR,
 			"envfile= specification missing argument - ignored");
 	  } else {
@@ -115,7 +115,7 @@ _pam_parse (const pam_handle_t *pamh, int argc, const char **argv,
 	    D(("new Env File: %s", *envfile));
 	  }
 	} else if (!strncmp(*argv,"user_envfile=",13)) {
-	  if (*argv+13 == '\0') {
+	  if ((*argv)[13] == '\0') {
 	    pam_syslog (pamh, LOG_ERR,
 			"user_envfile= specification missing argument - ignored");
 	  } else {
@@ -134,7 +134,7 @@ _pam_parse (const pam_handle_t *pamh, int argc, const char **argv,
 }
 
 static int
-_parse_config_file(pam_handle_t *pamh, const char *file)
+_parse_config_file(pam_handle_t *pamh, int ctrl, const char *file)
 {
     int retval;
     char buffer[BUF_SIZE];
@@ -168,10 +168,10 @@ _parse_config_file(pam_handle_t *pamh, const char *file)
 	retval = _check_var(pamh, var);
 
 	if (DEFINE_VAR == retval) {
-	  retval = _define_var(pamh, var);
+	  retval = _define_var(pamh, ctrl, var);
 
 	} else if (UNDEFINE_VAR == retval) {
-	  retval = _undefine_var(pamh, var);
+	  retval = _undefine_var(pamh, ctrl, var);
 	}
       }
       if (PAM_SUCCESS != retval && ILLEGAL_VAR != retval
@@ -191,7 +191,7 @@ _parse_config_file(pam_handle_t *pamh, const char *file)
 }
 
 static int
-_parse_env_file(pam_handle_t *pamh, const char *file)
+_parse_env_file(pam_handle_t *pamh, int ctrl, const char *file)
 {
     int retval=PAM_SUCCESS, i, t;
     char buffer[BUF_SIZE], *key, *mark;
@@ -267,6 +267,9 @@ _parse_env_file(pam_handle_t *pamh, const char *file)
 	if (retval != PAM_SUCCESS) {
 	    D(("error setting env \"%s\"", key));
 	    break;
+	} else if (ctrl & PAM_DEBUG_ARG) {
+	    pam_syslog(pamh, LOG_DEBUG,
+		       "pam_putenv(\"%s\")", key);
 	}
     }
 
@@ -287,6 +290,7 @@ static int _assemble_line(FILE *f, char *buffer, int buf_len)
     char *p = buffer;
     char *s, *os;
     int used = 0;
+    int whitespace;
 
     /* loop broken with a 'break' when a non-'\\n' ended line is read */
 
@@ -309,8 +313,10 @@ static int _assemble_line(FILE *f, char *buffer, int buf_len)
 
 	/* skip leading spaces --- line may be blank */
 
-	s = p + strspn(p, " \n\t");
+	whitespace = strspn(p, " \n\t");
+	s = p + whitespace;
 	if (*s && (*s != '#')) {
+	    used += whitespace;
 	    os = s;
 
 	    /*
@@ -564,6 +570,7 @@ static int _expand_arg(pam_handle_t *pamh, char **value)
 	D(("Variable buffer overflow: <%s> + <%s>", tmp, tmpptr));
 	pam_syslog (pamh, LOG_ERR, "Variable buffer overflow: <%s> + <%s>",
 		 tmp, tmpptr);
+	return PAM_BUF_ERR;
       }
       continue;
     }
@@ -625,6 +632,7 @@ static int _expand_arg(pam_handle_t *pamh, char **value)
 	    D(("Variable buffer overflow: <%s> + <%s>", tmp, tmpptr));
 	    pam_syslog (pamh, LOG_ERR,
 			"Variable buffer overflow: <%s> + <%s>", tmp, tmpptr);
+	    return PAM_BUF_ERR;
 	  }
 	}
       }           /* if ('{' != *orig++) */
@@ -636,6 +644,7 @@ static int _expand_arg(pam_handle_t *pamh, char **value)
 	D(("Variable buffer overflow: <%s> + <%s>", tmp, tmpptr));
 	pam_syslog(pamh, LOG_ERR,
 		   "Variable buffer overflow: <%s> + <%s>", tmp, tmpptr);
+	return PAM_BUF_ERR;
       }
     }
   }              /* for (;*orig;) */
@@ -691,7 +700,7 @@ static const char * _pam_get_item_byname(pam_handle_t *pamh, const char *name)
   return itemval;
 }
 
-static int _define_var(pam_handle_t *pamh, VAR *var)
+static int _define_var(pam_handle_t *pamh, int ctrl, VAR *var)
 {
   /* We have a variable to define, this is a simple function */
 
@@ -705,16 +714,22 @@ static int _define_var(pam_handle_t *pamh, VAR *var)
   }
 
   retval = pam_putenv(pamh, envvar);
+  if (ctrl & PAM_DEBUG_ARG) {
+    pam_syslog(pamh, LOG_DEBUG, "pam_putenv(\"%s\")", envvar);
+  }
   _pam_drop(envvar);
   D(("Exit."));
   return retval;
 }
 
-static int _undefine_var(pam_handle_t *pamh, VAR *var)
+static int _undefine_var(pam_handle_t *pamh, int ctrl, VAR *var)
 {
   /* We have a variable to undefine, this is a simple function */
 
   D(("Called and exit."));
+  if (ctrl & PAM_DEBUG_ARG) {
+    pam_syslog(pamh, LOG_DEBUG, "remove variable \"%s\"", var->name);
+  }
   return pam_putenv(pamh, var->name);
 }
 
@@ -762,10 +777,10 @@ handle_env (pam_handle_t *pamh, int argc, const char **argv)
   ctrl = _pam_parse(pamh, argc, argv, &conf_file, &env_file,
 		    &readenv, &user_env_file, &user_readenv);
 
-  retval = _parse_config_file(pamh, conf_file);
+  retval = _parse_config_file(pamh, ctrl, conf_file);
 
   if(readenv && retval == PAM_SUCCESS) {
-    retval = _parse_env_file(pamh, env_file);
+    retval = _parse_env_file(pamh, ctrl, env_file);
     if (retval == PAM_IGNORE)
       retval = PAM_SUCCESS;
   }
@@ -795,7 +810,7 @@ handle_env (pam_handle_t *pamh, int argc, const char **argv)
 	if (pam_modutil_drop_priv(pamh, &privs, user_entry)) {
 	  retval = PAM_SESSION_ERR;
 	} else {
-	  retval = _parse_config_file(pamh, envpath);
+	  retval = _parse_config_file(pamh, ctrl, envpath);
 	  if (pam_modutil_regain_priv(pamh, &privs))
 	    retval = PAM_SESSION_ERR;
 	}
author	Steve Langasek <steve.langasek@ubuntu.com>	2019-01-03 21:13:04 -0800
committer	Steve Langasek <steve.langasek@ubuntu.com>	2019-01-03 21:13:04 -0800
commit	c55c14c5c6762139ec6695d84ea0e2e917da5264 (patch)
tree	9e6119760c93841b2bc3e05680ac9e4e15ae9c25 /modules/pam_env
parent	f3c0273b7bd2d7fdcac3fe3604cedd82afc57f49 (diff)
parent	fc772e7236a7aea9c9c26b0be2ee6f3ed8ae444a (diff)