summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog6
-rw-r--r--modules/pam_env/pam_env.c17
2 files changed, 21 insertions, 2 deletions
diff --git a/ChangeLog b/ChangeLog
index 93ca6af9..57ec8afd 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2008-07-26 Steve Langasek <vorlon@debian.org>
+
+ * modules/pam_env/pam_env.c: Fix module to skip over
+ non-alphanumeric variable names, and to handle the case when
+ asked to delete a non-existent variable.
+
2008-07-13 Tomas Mraz <t8m@centrum.cz>
* modules/pam_mail/pam_mail.8.xml: Module supports session and
diff --git a/modules/pam_env/pam_env.c b/modules/pam_env/pam_env.c
index bcbb1881..80a20cd6 100644
--- a/modules/pam_env/pam_env.c
+++ b/modules/pam_env/pam_env.c
@@ -232,9 +232,14 @@ _parse_env_file(pam_handle_t *pamh, int ctrl, const char *env_file)
for ( i = 0 ; key[i] != '=' && key[i] != '\0' ; i++ )
if (!isalnum(key[i]) && key[i] != '_') {
- D(("key is not alpha numeric - '%s', ignoring", key));
- continue;
+ pam_syslog(pamh, LOG_ERR,
+ "non-alphanumeric key '%s' in %s', ignoring",
+ key, file);
+ break;
}
+ /* non-alphanumeric key, ignore this line */
+ if (key[i] != '=' && key[i] != '\0')
+ continue;
/* now we try to be smart about quotes around the value,
but not too smart, we can't get all fancy with escaped
@@ -248,6 +253,14 @@ _parse_env_file(pam_handle_t *pamh, int ctrl, const char *env_file)
key[i] = '\0';
}
+ /* if this is a request to delete a variable, check that it's
+ actually set first, so we don't get a vague error back from
+ pam_putenv() */
+ for (i = 0; key[i] != '=' && key[i] != '\0'; i++);
+
+ if (key[i] == '\0' && !pam_getenv(pamh,key))
+ continue;
+
/* set the env var, if it fails, we break out of the loop */
retval = pam_putenv(pamh, key);
if (retval != PAM_SUCCESS) {