summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--modules/pam_localuser/pam_localuser.c19
1 files changed, 7 insertions, 12 deletions
diff --git a/modules/pam_localuser/pam_localuser.c b/modules/pam_localuser/pam_localuser.c
index e6dd72d0..249d09cf 100644
--- a/modules/pam_localuser/pam_localuser.c
+++ b/modules/pam_localuser/pam_localuser.c
@@ -95,29 +95,18 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
}
}
- /* open the file */
- fp = fopen(filename, "r");
- if(fp == NULL) {
- pam_syslog (pamh, LOG_ERR, "error opening \"%s\": %m",
- filename);
- return PAM_SERVICE_ERR;
- }
-
if(pam_get_user(pamh, &user, NULL) != PAM_SUCCESS) {
pam_syslog (pamh, LOG_ERR, "user name not specified yet");
- fclose(fp);
return PAM_SERVICE_ERR;
}
if ((user_len = strlen(user)) == 0) {
pam_syslog (pamh, LOG_ERR, "user name not valid");
- fclose(fp);
return PAM_SERVICE_ERR;
}
if (user_len > sizeof(line) - sizeof(":")) {
pam_syslog (pamh, LOG_ERR, "user name too long");
- fclose(fp);
return PAM_SERVICE_ERR;
}
@@ -126,10 +115,16 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
* "root:x" is not a local user name even if the passwd file
* contains a line starting with "root:x:".
*/
- fclose(fp);
return PAM_PERM_DENIED;
}
+ /* Open the passwd file. */
+ if ((fp = fopen(filename, "r")) == NULL) {
+ pam_syslog (pamh, LOG_ERR, "error opening \"%s\": %m",
+ filename);
+ return PAM_SERVICE_ERR;
+ }
+
/*
* Scan the file using fgets() instead of fgetpwent_r() because
* the latter is not flexible enough in handling long lines
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-26 21:04:11 +0000