diff options
| author | Steve Langasek <vorlon@debian.org> | 2001-07-10 20:24:16 +0000 |
|---|---|---|
| committer | Steve Langasek <vorlon@debian.org> | 2001-07-10 20:24:16 +0000 |
| commit | 1c3bff246cd5c22565ba6fbec1658852c9f99224 (patch) | |
| tree | 64d882a1c56887e470b6d55fe7d6dd5fdf9228e2 /modules/pam_unix/support.c | |
| parent | e5d527e8dfba82f1c47f6b1d3751cf2f17cf2cab (diff) | |
Relevant BUGIDs: 440107
Purpose of commit: bugfix/cleanup
Commit summary:
---------------
Removed superfluous use of static variables in md5 and bigcrypt routines,
bringing us a step closer to thread-safeness. Eliminated some variable
indirection along the way.
Diffstat (limited to 'modules/pam_unix/support.c')
| -rw-r--r-- | modules/pam_unix/support.c | 18 |
1 files changed, 7 insertions, 11 deletions
diff --git a/modules/pam_unix/support.c b/modules/pam_unix/support.c index 69071408..964d1a46 100644 --- a/modules/pam_unix/support.c +++ b/modules/pam_unix/support.c @@ -570,6 +570,7 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name if (!strncmp(salt, "$1$", 3)) { pp = Goodcrypt_md5(p, salt); if (strcmp(pp, salt) != 0) { + _pam_delete(pp); pp = Brokencrypt_md5(p, salt); } } else { @@ -661,7 +662,7 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name if (salt) _pam_delete(salt); if (pp) - _pam_overwrite(pp); + _pam_delete(pp); D(("done [%d].", retval)); @@ -682,7 +683,6 @@ int _unix_read_password(pam_handle_t * pamh { int authtok_flag; int retval; - const char *item; char *token; D(("called")); @@ -704,16 +704,14 @@ int _unix_read_password(pam_handle_t * pamh */ if (on(UNIX_TRY_FIRST_PASS, ctrl) || on(UNIX_USE_FIRST_PASS, ctrl)) { - retval = pam_get_item(pamh, authtok_flag, (const void **) &item); + retval = pam_get_item(pamh, authtok_flag, (const void **) pass); if (retval != PAM_SUCCESS) { /* very strange. */ _log_err(LOG_ALERT, pamh ,"pam_get_item returned error to unix-read-password" ); return retval; - } else if (item != NULL) { /* we have a password! */ - *pass = item; - item = NULL; + } else if (*pass != NULL) { /* we have a password! */ return PAM_SUCCESS; } else if (on(UNIX_USE_FIRST_PASS, ctrl)) { return PAM_AUTHTOK_RECOVER_ERR; /* didn't work */ @@ -812,9 +810,10 @@ int _unix_read_password(pam_handle_t * pamh _pam_delete(token); /* clean it up */ if (retval != PAM_SUCCESS || (retval = pam_get_item(pamh, authtok_flag - ,(const void **) &item)) + ,(const void **) pass)) != PAM_SUCCESS) { + *pass = NULL; _log_err(LOG_CRIT, pamh, "error manipulating password"); return retval; @@ -833,13 +832,10 @@ int _unix_read_password(pam_handle_t * pamh _pam_delete(token); return retval; } - item = token; + *pass = token; token = NULL; /* break link to password */ } - *pass = item; - item = NULL; /* break link to password */ - return PAM_SUCCESS; } |