Relevant BUGIDs: none

Purpose of commit: new feature Commit summary: --------------- Change major version number back to "0". Add more patches from ALT-Linux/OWL:
author: Thorsten Kukuk <kukuk@thkukuk.de> 2005-08-23 13:44:21 +0000
committer: Thorsten Kukuk <kukuk@thkukuk.de> 2005-08-23 13:44:21 +0000
commit: 48f76ecb25bae6ab86468be253b17de38b55b08d (patch)
tree: ad3b365b0f607537b0c46d92f34de4c1392fa57b /modules
parent: ed5d20953e60da5aefb4214305e11810633567e8 (diff)
2 files changed, 69 insertions, 65 deletions
diff --git a/modules/pam_limits/pam_limits.c b/modules/pam_limits/pam_limits.c
index d21ad16a..10ff8969 100644
--- a/modules/pam_limits/pam_limits.c
+++ b/modules/pam_limits/pam_limits.c
@@ -61,6 +61,7 @@ static const char *limits_def_names[] = {
 };
 
 struct user_limits_struct {
+    int supported;
     int src_soft;
     int src_hard;
     struct rlimit limit;
@@ -73,7 +74,6 @@ struct pam_limit_s {
     int flag_numsyslogins; /* whether to limit logins only for a
 			      specific user or to count all logins */
     int priority;	 /* the priority to run user process with */
-    int supported[RLIM_NLIMITS];
     struct user_limits_struct limits[RLIM_NLIMITS];
     char conf_file[BUFSIZ];
     int utmp_after_pam_call;
@@ -229,13 +229,12 @@ static int init_limits(struct pam_limit_s *pl)
     for(i = 0; i < RLIM_NLIMITS; i++) {
 	int r = getrlimit(i, &pl->limits[i].limit);
 	if (r == -1) {
-	    if (errno == EINVAL) {
-		pl->supported[i] = 0;
-	    } else {
+	    pl->limits[i].supported = 0;
+	    if (errno != EINVAL) {
 		retval = !PAM_SUCCESS;
 	    }
 	} else {
-	    pl->supported[i] = 1;
+	    pl->limits[i].supported = 1;
 	    pl->limits[i].src_soft = LIMITS_DEF_NONE;
 	    pl->limits[i].src_hard = LIMITS_DEF_NONE;
 	}
@@ -570,12 +569,17 @@ static int setup_limits(pam_handle_t *pamh,
     }
 
     for (i=0, status=LIMITED_OK; i<RLIM_NLIMITS; i++) {
-        if (pl->limits[i].limit.rlim_cur > pl->limits[i].limit.rlim_max)
-            pl->limits[i].limit.rlim_cur = pl->limits[i].limit.rlim_max;
-	if (!pl->supported[i]) {
+	if (!pl->limits[i].supported) {
 	    /* skip it if its not known to the system */
 	    continue;
 	}
+	if (pl->limits[i].src_soft == LIMITS_DEF_NONE &&
+	    pl->limits[i].src_hard == LIMITS_DEF_NONE) {
+	    /* skip it if its not initialized */
+	    continue;
+	}
+        if (pl->limits[i].limit.rlim_cur > pl->limits[i].limit.rlim_max)
+            pl->limits[i].limit.rlim_cur = pl->limits[i].limit.rlim_max;
 	status |= setrlimit(i, &pl->limits[i].limit);
     }
 
@@ -634,7 +638,7 @@ pam_sm_open_session (pam_handle_t *pamh, int flags UNUSED,
     retval = init_limits(&pl);
     if (retval != PAM_SUCCESS) {
         _pam_log(LOG_WARNING, "cannot initialize");
-        return PAM_IGNORE;
+        return PAM_ABORT;
     }
 
     retval = parse_config_file(pamh, pwd->pw_name, ctrl, &pl);
@@ -644,7 +648,7 @@ pam_sm_open_session (pam_handle_t *pamh, int flags UNUSED,
     }
     if (retval != PAM_SUCCESS) {
         _pam_log(LOG_WARNING, "error parsing the configuration file");
-        return PAM_IGNORE;
+        return retval;
     }
 
     if (ctrl & PAM_DO_SETREUID) {
diff --git a/modules/pam_motd/pam_motd.c b/modules/pam_motd/pam_motd.c
index 291d76d9..5cea38bf 100644
--- a/modules/pam_motd/pam_motd.c
+++ b/modules/pam_motd/pam_motd.c
@@ -47,23 +47,17 @@ pam_sm_close_session (pam_handle_t *pamh UNUSED, int flags UNUSED,
 static char default_motd[] = DEFAULT_MOTD;
 
 PAM_EXTERN
-int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc,
-                   const char **argv)
+int pam_sm_open_session(pam_handle_t *pamh, int flags,
+			int argc, const char **argv)
 {
-     int retval = PAM_IGNORE;
-     int fd;
-     char *mtmp=NULL;
-     char *motd_path=NULL;
-     const void *void_conv;
-     const struct pam_conv *conversation;
-     struct pam_message message;
-     struct pam_message *pmessage = &message;
-     struct pam_response *resp = NULL;
-     struct stat st;
-
-     if (flags & PAM_SILENT) {
+    int retval = PAM_IGNORE;
+    int fd;
+    char *motd_path = NULL;
+    char *mtmp = NULL;
+
+    if (flags & PAM_SILENT) {
 	return retval;
-     }
+    }
 
     for (; argc-- > 0; ++argv) {
         if (!strncmp(*argv,"motd=",5)) {
@@ -75,49 +69,55 @@ int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc,
                 D(("failed to duplicate motd path - ignored"));
             }
 	}
-     }
+    }
 
-     if (motd_path == NULL)
+    if (motd_path == NULL)
 	motd_path = default_motd;
 
-     message.msg_style = PAM_TEXT_INFO;
-
-     if ((fd = open(motd_path, O_RDONLY, 0)) >= 0) {
-       if (motd_path != default_motd)
-         free(motd_path);
-       /* fill in message buffer with contents of motd */
-       if ((fstat(fd, &st) < 0) || !st.st_size) {
-         close(fd);
-         return retval;
-       }
-       message.msg = mtmp = malloc(st.st_size+1);
-       /* if malloc failed... */
-       if (!message.msg) {
-           close(fd);
-           return retval;
-       }
-       if (_pammodutil_read(fd, mtmp, st.st_size) == st.st_size) {
-	   if (mtmp[st.st_size-1] == '\n')
-		mtmp[st.st_size-1] = '\0';
-	   else
-		mtmp[st.st_size] = '\0';
-	   close(fd);
-
- 	   /* Use conversation function to give user contents of motd */
-	   if (pam_get_item(pamh, PAM_CONV, &void_conv) ==
-	               PAM_SUCCESS && void_conv) {
-	       conversation = void_conv;
-	       conversation->conv(1, (const struct pam_message **)&pmessage,
-	            &resp, conversation->appdata_ptr);
-	       if (resp)
-	           _pam_drop_reply(resp, 1);
-           }
-       }
-       free(mtmp);
-     } else {
-       if (motd_path != default_motd)
-         free(motd_path);
-     }
+    while ((fd = open(motd_path, O_RDONLY, 0)) >= 0) {
+	const void *void_conv = NULL;
+	struct pam_message message;
+	struct pam_message *pmessage = &message;
+	struct pam_response *resp = NULL;
+	struct stat st;
+
+	/* fill in message buffer with contents of motd */
+	if ((fstat(fd, &st) < 0) || !st.st_size || st.st_size > 0x10000)
+	    break;
+
+	if (!(message.msg = mtmp = malloc(st.st_size+1)))
+	    break;
+
+	if (_pammodutil_read(fd, mtmp, st.st_size) != st.st_size)
+	    break;
+
+	if (mtmp[st.st_size-1] == '\n')
+	    mtmp[st.st_size-1] = '\0';
+	else
+	    mtmp[st.st_size] = '\0';
+
+	message.msg_style = PAM_TEXT_INFO;
+
+	/* Use conversation function to give user contents of motd */
+	if (pam_get_item(pamh, PAM_CONV, &void_conv) == PAM_SUCCESS
+	    && void_conv) {
+	    const struct pam_conv *conversation = void_conv;
+	    conversation->conv(1, (const struct pam_message **)&pmessage,
+			       &resp, conversation->appdata_ptr);
+	    if (resp)
+		_pam_drop_reply(resp, 1);
+	}
+
+	break;
+    }
+
+    free(mtmp);
+
+    if (fd >= 0)
+	close(fd);
+
+    if (motd_path != default_motd)
+	free(motd_path);
 
      return retval;
 }
author	Thorsten Kukuk <kukuk@thkukuk.de>	2005-08-23 13:44:21 +0000
committer	Thorsten Kukuk <kukuk@thkukuk.de>	2005-08-23 13:44:21 +0000
commit	48f76ecb25bae6ab86468be253b17de38b55b08d (patch)
tree	ad3b365b0f607537b0c46d92f34de4c1392fa57b /modules
parent	ed5d20953e60da5aefb4214305e11810633567e8 (diff)