summaryrefslogtreecommitdiff
path: root/modules/pam_filter/pam_filter.c
diff options
context:
space:
mode:
Diffstat (limited to 'modules/pam_filter/pam_filter.c')
-rw-r--r--modules/pam_filter/pam_filter.c60
1 files changed, 26 insertions, 34 deletions
diff --git a/modules/pam_filter/pam_filter.c b/modules/pam_filter/pam_filter.c
index 8ab7981a..2f0af4fb 100644
--- a/modules/pam_filter/pam_filter.c
+++ b/modules/pam_filter/pam_filter.c
@@ -1,5 +1,5 @@
/*
- * $Id$
+ * pam_filter module
*
* written by Andrew Morgan <morgan@transmeta.com> with much help from
* Richard Stevens' UNIX Network Programming book.
@@ -25,11 +25,6 @@
#include <signal.h>
-#define PAM_SM_AUTH
-#define PAM_SM_ACCOUNT
-#define PAM_SM_SESSION
-#define PAM_SM_PASSWORD
-
#include <security/pam_modules.h>
#include <security/pam_ext.h>
#include "pam_filter.h"
@@ -114,38 +109,37 @@ static int process_args(pam_handle_t *pamh
return -1;
}
- for (size=i=0; i<argc; ++i) {
- size += strlen(argv[i])+1;
- }
-
/* the "ARGS" variable */
-#define ARGS_OFFSET 5 /* strlen('ARGS='); */
#define ARGS_NAME "ARGS="
+#define ARGS_OFFSET (sizeof(ARGS_NAME) - 1)
+
+ size = sizeof(ARGS_NAME);
- size += ARGS_OFFSET;
+ for (i=0; i<argc; ++i) {
+ size += strlen(argv[i]) + (i != 0);
+ }
- levp[0] = (char *) malloc(size);
+ levp[0] = malloc(size);
if (levp[0] == NULL) {
pam_syslog(pamh, LOG_CRIT, "no memory for filter arguments");
- if (levp) {
- free(levp);
- }
+ free(levp);
return -1;
}
- strncpy(levp[0],ARGS_NAME,ARGS_OFFSET);
- for (i=0,size=ARGS_OFFSET; i<argc; ++i) {
+ strcpy(levp[0], ARGS_NAME);
+ size = ARGS_OFFSET;
+ for (i=0; i<argc; ++i) {
+ if (i)
+ levp[0][size++] = ' ';
strcpy(levp[0]+size, argv[i]);
size += strlen(argv[i]);
- levp[0][size++] = ' ';
}
- levp[0][--size] = '\0'; /* <NUL> terminate */
/* the "SERVICE" variable */
-#define SERVICE_OFFSET 8 /* strlen('SERVICE='); */
#define SERVICE_NAME "SERVICE="
+#define SERVICE_OFFSET (sizeof(SERVICE_NAME) - 1)
retval = pam_get_item(pamh, PAM_SERVICE, &tmp);
if (retval != PAM_SUCCESS || tmp == NULL) {
@@ -168,17 +162,16 @@ static int process_args(pam_handle_t *pamh
return -1;
}
- strncpy(levp[1],SERVICE_NAME,SERVICE_OFFSET);
+ strcpy(levp[1], SERVICE_NAME);
strcpy(levp[1]+SERVICE_OFFSET, tmp);
levp[1][size] = '\0'; /* <NUL> terminate */
/* the "USER" variable */
-#define USER_OFFSET 5 /* strlen('USER='); */
#define USER_NAME "USER="
+#define USER_OFFSET (sizeof(USER_NAME) - 1)
- if (pam_get_user(pamh, &user, NULL) != PAM_SUCCESS ||
- user == NULL) {
+ if (pam_get_user(pamh, &user, NULL) != PAM_SUCCESS) {
user = "<unknown>";
}
size = USER_OFFSET+strlen(user);
@@ -194,14 +187,14 @@ static int process_args(pam_handle_t *pamh
return -1;
}
- strncpy(levp[2],USER_NAME,USER_OFFSET);
+ strcpy(levp[2], USER_NAME);
strcpy(levp[2]+USER_OFFSET, user);
levp[2][size] = '\0'; /* <NUL> terminate */
/* the "USER" variable */
-#define TYPE_OFFSET 5 /* strlen('TYPE='); */
#define TYPE_NAME "TYPE="
+#define TYPE_OFFSET (sizeof(TYPE_NAME) - 1)
size = TYPE_OFFSET+strlen(type);
@@ -217,7 +210,7 @@ static int process_args(pam_handle_t *pamh
return -1;
}
- strncpy(levp[3],TYPE_NAME,TYPE_OFFSET);
+ strcpy(levp[3], TYPE_NAME);
strcpy(levp[3]+TYPE_OFFSET, type);
levp[3][size] = '\0'; /* <NUL> terminate */
@@ -253,7 +246,7 @@ static void free_evp(char *evp[])
static int
set_filter (pam_handle_t *pamh, int flags UNUSED, int ctrl,
- const char **evp, const char *filtername)
+ char * const evp[], const char *filtername)
{
int status=-1;
char* terminal = NULL;
@@ -296,7 +289,7 @@ set_filter (pam_handle_t *pamh, int flags UNUSED, int ctrl,
struct termios t_mode = stored_mode;
t_mode.c_iflag = 0; /* no input control */
- t_mode.c_oflag &= ~OPOST; /* no ouput post processing */
+ t_mode.c_oflag &= ~OPOST; /* no output post processing */
/* no signals, canonical input, echoing, upper/lower output */
#ifdef XCASE
@@ -376,7 +369,7 @@ set_filter (pam_handle_t *pamh, int flags UNUSED, int ctrl,
/* grant slave terminal */
if (grantpt (fd[0]) < 0) {
- pam_syslog(pamh, LOG_ERR, "Cannot grant acccess to slave terminal");
+ pam_syslog(pamh, LOG_ERR, "Cannot grant access to slave terminal");
return PAM_ABORT;
}
@@ -444,7 +437,7 @@ set_filter (pam_handle_t *pamh, int flags UNUSED, int ctrl,
close(fd[1]);
- /* the current process is now aparently working with filtered
+ /* the current process is now apparently working with filtered
stdio/stdout/stderr --- success! */
return PAM_SUCCESS;
@@ -632,8 +625,7 @@ static int need_a_filter(pam_handle_t *pamh
}
if (retval == PAM_SUCCESS && (ctrl & which_run)) {
- retval = set_filter(pamh, flags, ctrl
- , (const char **)evp, filterfile);
+ retval = set_filter(pamh, flags, ctrl, evp, filterfile);
}
if (retval == PAM_SUCCESS
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-22 01:46:52 +0000