summaryrefslogtreecommitdiff
path: root/modules/pam_tally
diff options
context:
space:
mode:
authorThorsten Kukuk <kukuk@thkukuk.de>2006-05-02 10:06:10 +0000
committerThorsten Kukuk <kukuk@thkukuk.de>2006-05-02 10:06:10 +0000
commit83a4eb58b6acfa6d28985a7581b8d549738f5a82 (patch)
tree8e4d7468aa42a98dfceab5275e7d9bd63a59c5d1 /modules/pam_tally
parent68deffc465fe3224b639c8482e23d717ea532900 (diff)
Relevant BUGIDs: 1478180
Purpose of commit: bugfix Commit summary: --------------- 2006-05-02 Thorsten Kukuk <kukuk@suse.de> * modules/pam_tally/pam_tally.c: Always close file handle in error case, don't close it depending on *TALLY value [#1478180]
Diffstat (limited to 'modules/pam_tally')
-rw-r--r--modules/pam_tally/pam_tally.c44
1 files changed, 21 insertions, 23 deletions
diff --git a/modules/pam_tally/pam_tally.c b/modules/pam_tally/pam_tally.c
index 9abe7d49..71dc70bd 100644
--- a/modules/pam_tally/pam_tally.c
+++ b/modules/pam_tally/pam_tally.c
@@ -379,26 +379,27 @@ static int
set_tally(pam_handle_t *pamh, tally_t tally, uid_t uid,
const char *filename, FILE **TALLY, struct fail_s *fsp)
{
- if ( tally!=TALLY_HI )
- {
- if ( fseek( *TALLY, uid * sizeof(struct faillog), SEEK_SET ) ) {
- pam_syslog(pamh, LOG_ALERT, "fseek failed for %s", filename);
- return PAM_AUTH_ERR;
- }
- fsp->fs_faillog.fail_cnt = tally;
- if (fwrite((char *) &fsp->fs_faillog,
+ int retval = PAM_SUCCESS;
+
+ if ( tally!=TALLY_HI ) {
+ if ( fseek( *TALLY, uid * sizeof(struct faillog), SEEK_SET ) ) {
+ pam_syslog(pamh, LOG_ALERT, "fseek failed for %s", filename);
+ retval = PAM_AUTH_ERR;
+ } else {
+ fsp->fs_faillog.fail_cnt = tally;
+ if (fwrite((char *) &fsp->fs_faillog,
sizeof(struct faillog), 1, *TALLY)==0 ) {
- pam_syslog(pamh, LOG_ALERT, "update (fwrite) failed for %s", filename);
- return PAM_AUTH_ERR;
- }
+ pam_syslog(pamh, LOG_ALERT, "update (fwrite) failed for %s", filename);
+ retval = PAM_AUTH_ERR;
}
+ }
if ( fclose(*TALLY) ) {
pam_syslog(pamh, LOG_ALERT, "update (fclose) failed for %s", filename);
return PAM_AUTH_ERR;
}
*TALLY=NULL;
- return PAM_SUCCESS;
+ return retval;
}
/*---------------------------------------------------------------------*/
@@ -415,7 +416,7 @@ set_tally(pam_handle_t *pamh, tally_t tally, uid_t uid,
static int
tally_bump (int inc, time_t *oldtime, pam_handle_t *pamh,
- uid_t uid, const char *user, struct tally_options *opts)
+ uid_t uid, const char *user, struct tally_options *opts)
{
tally_t
tally = 0; /* !TALLY_HI --> Log opened for update */
@@ -429,7 +430,7 @@ tally_bump (int inc, time_t *oldtime, pam_handle_t *pamh,
int i;
i=get_tally(pamh, &tally, uid, opts->filename, &TALLY, fsp);
- if ( i != PAM_SUCCESS ) { if (TALLY) fclose(TALLY); RETURN_ERROR( i ); }
+ if ( i != PAM_SUCCESS ) { RETURN_ERROR( i ); }
/* to remember old fail time (for locktime) */
fsp->fs_fail_time = fsp->fs_faillog.fail_time;
@@ -475,14 +476,14 @@ tally_bump (int inc, time_t *oldtime, pam_handle_t *pamh,
}
i=set_tally(pamh, tally, uid, opts->filename, &TALLY, fsp );
- if ( i != PAM_SUCCESS ) { if (TALLY) fclose(TALLY); RETURN_ERROR( i ); }
+ if ( i != PAM_SUCCESS ) { RETURN_ERROR( i ); }
return PAM_SUCCESS;
}
static int
tally_check (time_t oldtime, pam_handle_t *pamh, uid_t uid,
- const char *user, struct tally_options *opts)
+ const char *user, struct tally_options *opts)
{
tally_t
deny = opts->deny;
@@ -496,7 +497,6 @@ tally_check (time_t oldtime, pam_handle_t *pamh, uid_t uid,
int i;
i=get_tally(pamh, &tally, uid, opts->filename, &TALLY, fsp);
- if (TALLY) fclose(TALLY);
if ( i != PAM_SUCCESS ) { RETURN_ERROR( i ); }
if ( !(opts->ctrl & OPT_MAGIC_ROOT) || getuid() ) { /* magic_root skips tally check */
@@ -558,7 +558,7 @@ tally_reset (pam_handle_t *pamh, uid_t uid, struct tally_options *opts)
int i;
i=get_tally(pamh, &tally, uid, opts->filename, &TALLY, fsp);
- if ( i != PAM_SUCCESS ) { if (TALLY) fclose(TALLY); RETURN_ERROR( i ); }
+ if ( i != PAM_SUCCESS ) { RETURN_ERROR( i ); }
/* resets if not magic root
*/
@@ -574,7 +574,7 @@ tally_reset (pam_handle_t *pamh, uid_t uid, struct tally_options *opts)
}
i=set_tally(pamh, tally, uid, opts->filename, &TALLY, fsp);
- if ( i != PAM_SUCCESS ) { if (TALLY) fclose(TALLY); RETURN_ERROR( i ); }
+ if ( i != PAM_SUCCESS ) { RETURN_ERROR( i ); }
return PAM_SUCCESS;
}
@@ -732,7 +732,7 @@ static int cline_quiet = 0;
*/
static const char *
-pam_errors( int i )
+pam_errors( int i )
{
switch (i) {
case PAM_AUTH_ERR: return _("Authentication error");
@@ -743,7 +743,7 @@ pam_errors( int i )
}
static int
-getopts( char **argv )
+getopts( char **argv )
{
const char *pname = *argv;
for ( ; *argv ; (void)(*argv && ++argv) ) {
@@ -801,7 +801,6 @@ int main ( int argc UNUSED, char **argv )
i=get_tally(NULL, &tally, uid, cline_filename, &TALLY, fsp);
if ( i != PAM_SUCCESS ) {
- if (TALLY) fclose(TALLY);
fprintf(stderr,"%s: %s\n",*argv,pam_errors(i));
exit(0);
}
@@ -812,7 +811,6 @@ int main ( int argc UNUSED, char **argv )
i=set_tally(NULL, cline_reset, uid, cline_filename, &TALLY, fsp);
if ( i != PAM_SUCCESS ) {
- if (TALLY) fclose(TALLY);
fprintf(stderr,"%s: %s\n",*argv,pam_errors(i));
exit(0);
}