From 4f8be4a370c231a9c69872c199e1cedf5e3d6b0f Mon Sep 17 00:00:00 2001 From: Thorsten Kukuk Date: Sun, 4 Sep 2005 20:55:05 +0000 Subject: Relevant BUGIDs: none Purpose of commit: cleanup Commit summary: --------------- Replace _log_err with pam_syslog --- modules/pam_group/pam_group.c | 103 ++++++++++++++++++++---------------------- 1 file changed, 50 insertions(+), 53 deletions(-) (limited to 'modules/pam_group/pam_group.c') diff --git a/modules/pam_group/pam_group.c b/modules/pam_group/pam_group.c index d8d6d43e..99141e7c 100644 --- a/modules/pam_group/pam_group.c +++ b/modules/pam_group/pam_group.c @@ -53,20 +53,10 @@ typedef enum { AND, OR } operator; #include #include #include +#include /* --- static functions for checking whether the user should be let in --- */ -static void _log_err(const char *format, ... ) -{ - va_list args; - - va_start(args, format); - openlog("pam_group", LOG_CONS|LOG_PID, LOG_AUTH); - vsyslog(LOG_CRIT, format, args); - va_end(args); - closelog(); -} - static void shift_bytes(char *mem, int from, int by) { while (by-- > 0) { @@ -81,14 +71,15 @@ static void shift_bytes(char *mem, int from, int by) * Therefore, always check buf after calling this to see if an error * occurred. */ -static int read_field(int fd, char **buf, int *from, int *to) +static int +read_field (const pam_handle_t *pamh, int fd, char **buf, int *from, int *to) { /* is buf set ? */ if (! *buf) { *buf = (char *) malloc(PAM_GROUP_BUFLEN); if (! *buf) { - _log_err("out of memory"); + pam_syslog(pamh,LOG_ERR,"out of memory"); return -1; } *from = *to = 0; @@ -98,7 +89,7 @@ static int read_field(int fd, char **buf, int *from, int *to) /* do we have a file open ? return error */ if (fd < 0 && *to <= 0) { - _log_err( PAM_GROUP_CONF " not opened"); + pam_syslog(pamh,LOG_ERR, PAM_GROUP_CONF " not opened"); memset(*buf, 0, PAM_GROUP_BUFLEN); _pam_drop(*buf); return -1; @@ -127,7 +118,7 @@ static int read_field(int fd, char **buf, int *from, int *to) i = read(fd, *to + *buf, PAM_GROUP_BUFLEN - *to); if (i < 0) { - _log_err("error reading " PAM_GROUP_CONF); + pam_syslog(pamh,LOG_ERR,"error reading " PAM_GROUP_CONF); close(fd); return -1; } else if (!i) { @@ -167,7 +158,7 @@ static int read_field(int fd, char **buf, int *from, int *to) *to -= j-i; ++i; } else { - _log_err("internal error in " __FILE__ + pam_syslog(pamh,LOG_ERR,"internal error in " __FILE__ " at line %d", __LINE__ ); close(fd); return -1; @@ -275,9 +266,11 @@ static int logic_member(const char *string, int *at) typedef enum { VAL, OP } expect; -static boolean logic_field(const void *me, const char *x, int rule, - boolean (*agrees)(const void *, const char * - , int, int)) +static boolean +logic_field (const pam_handle_t *pamh, const void *me, + const char *x, int rule, + boolean (*agrees)(const pam_handle_t *pamh, const void *, + const char *, int, int)) { boolean left=FALSE, right, not=FALSE; operator oper=OR; @@ -291,14 +284,14 @@ static boolean logic_field(const void *me, const char *x, int rule, if (c == '!') not = !not; else if (isalpha(c) || c == '*') { - right = not ^ agrees(me, x+at, l, rule); + right = not ^ agrees(pamh, me, x+at, l, rule); if (oper == AND) left &= right; else left |= right; next = OP; } else { - _log_err("garbled syntax; expected name (rule #%d)", rule); + pam_syslog(pamh,LOG_ERR,"garbled syntax; expected name (rule #%d)", rule); return FALSE; } } else { /* OP */ @@ -310,7 +303,7 @@ static boolean logic_field(const void *me, const char *x, int rule, oper = OR; break; default: - _log_err("garbled syntax; expected & or | (rule #%d)" + pam_syslog(pamh,LOG_ERR,"garbled syntax; expected & or | (rule #%d)" , rule); D(("%c at %d",c,at)); return FALSE; @@ -324,7 +317,8 @@ static boolean logic_field(const void *me, const char *x, int rule, } static boolean -is_same (const void *A, const char *b, int len, int rule UNUSED) +is_same (const pam_handle_t *pamh UNUSED, + const void *A, const char *b, int len, int rule UNUSED) { int i; const char *a; @@ -379,7 +373,9 @@ static TIME time_now(void) } /* take the current date and see if the range "date" passes it */ -static boolean check_time(const void *AT, const char *times, int len, int rule) +static boolean +check_time (const pam_handle_t *pamh, const void *AT, + const char *times, int len, int rule) { boolean not,pass; int marked_day, time_start, time_end; @@ -391,7 +387,7 @@ static boolean check_time(const void *AT, const char *times, int len, int rule) if (times == NULL) { /* this should not happen */ - _log_err("internal error: " __FILE__ " line %d", __LINE__); + pam_syslog(pamh,LOG_ERR,"internal error: " __FILE__ " line %d", __LINE__); return FALSE; } @@ -415,13 +411,13 @@ static boolean check_time(const void *AT, const char *times, int len, int rule) } j += 2; if (this_day == -1) { - _log_err("bad day specified (rule #%d)", rule); + pam_syslog(pamh,LOG_ERR,"bad day specified (rule #%d)", rule); return FALSE; } marked_day ^= this_day; } if (marked_day == 0) { - _log_err("no day specified"); + pam_syslog(pamh,LOG_ERR,"no day specified"); return FALSE; } D(("day range = 0%o", marked_day)); @@ -445,7 +441,7 @@ static boolean check_time(const void *AT, const char *times, int len, int rule) D(("i=%d, time_end=%d, times[j]='%c'", i, time_end, times[j])); if (i != 5 || time_end == -1) { - _log_err("no/bad times specified (rule #%d)", rule); + pam_syslog(pamh,LOG_ERR,"no/bad times specified (rule #%d)", rule); return TRUE; } D(("times(%d to %d)", time_start,time_end)); @@ -544,7 +540,7 @@ static int mkgrplist(pam_handle_t *pamh, char *buf, gid_t **list, int len) if (tmp != NULL) { (*list) = tmp; } else { - _log_err("out of memory for group list"); + pam_syslog(pamh,LOG_ERR,"out of memory for group list"); free(*list); (*list) = NULL; return -1; @@ -566,7 +562,7 @@ static int mkgrplist(pam_handle_t *pamh, char *buf, gid_t **list, int len) retval = pwdb_locate("group", PWDB_DEFAULT, buf+at , PWDB_ID_UNKNOWN, &pw); if (retval != PWDB_SUCCESS) { - _log_err("bad group: %s; %s", buf+at, pwdb_strerror(retval)); + pam_syslog(pamh,LOG_ERR,"bad group: %s; %s", buf+at, pwdb_strerror(retval)); } else { const struct pwdb_entry *pwe=NULL; @@ -577,7 +573,7 @@ static int mkgrplist(pam_handle_t *pamh, char *buf, gid_t **list, int len) (*list)[len++] = * (const gid_t *) pwe->value; pwdb_entry_delete(&pwe); /* tidy up */ } else { - _log_err("%s group entry is bad; %s" + pam_syslog(pamh,LOG_ERR,"%s group entry is bad; %s" , pwdb_strerror(retval)); } pw = NULL; /* break link - cached for later use */ @@ -589,7 +585,7 @@ static int mkgrplist(pam_handle_t *pamh, char *buf, gid_t **list, int len) grp = _pammodutil_getgrnam(pamh, buf+at); if (grp == NULL) { - _log_err("bad group: %s", buf+at); + pam_syslog(pamh,LOG_ERR,"bad group: %s", buf+at); } else { D(("group %s exists", buf+at)); (*list)[len++] = grp->gr_gid; @@ -654,7 +650,7 @@ static int check_account(pam_handle_t *pamh, const char *service, /* here we get the service name field */ - fd = read_field(fd,&buffer,&from,&to); + fd = read_field(pamh,fd,&buffer,&from,&to); if (!buffer || !buffer[0]) { /* empty line .. ? */ continue; @@ -662,43 +658,43 @@ static int check_account(pam_handle_t *pamh, const char *service, ++count; D(("working on rule #%d",count)); - good = logic_field(service, buffer, count, is_same); + good = logic_field(pamh,service, buffer, count, is_same); D(("with service: %s", good ? "passes":"fails" )); /* here we get the terminal name field */ - fd = read_field(fd,&buffer,&from,&to); + fd = read_field(pamh,fd,&buffer,&from,&to); if (!buffer || !buffer[0]) { - _log_err(PAM_GROUP_CONF "; no tty entry #%d", count); + pam_syslog(pamh,LOG_ERR,PAM_GROUP_CONF "; no tty entry #%d", count); continue; } - good &= logic_field(tty, buffer, count, is_same); + good &= logic_field(pamh,tty, buffer, count, is_same); D(("with tty: %s", good ? "passes":"fails" )); /* here we get the username field */ - fd = read_field(fd,&buffer,&from,&to); + fd = read_field(pamh,fd,&buffer,&from,&to); if (!buffer || !buffer[0]) { - _log_err(PAM_GROUP_CONF "; no user entry #%d", count); + pam_syslog(pamh,LOG_ERR,PAM_GROUP_CONF "; no user entry #%d", count); continue; } - good &= logic_field(user, buffer, count, is_same); + good &= logic_field(pamh,user, buffer, count, is_same); D(("with user: %s", good ? "passes":"fails" )); /* here we get the time field */ - fd = read_field(fd,&buffer,&from,&to); + fd = read_field(pamh,fd,&buffer,&from,&to); if (!buffer || !buffer[0]) { - _log_err(PAM_GROUP_CONF "; no time entry #%d", count); + pam_syslog(pamh,LOG_ERR,PAM_GROUP_CONF "; no time entry #%d", count); continue; } - good &= logic_field(&here_and_now, buffer, count, check_time); + good &= logic_field(pamh,&here_and_now, buffer, count, check_time); D(("with time: %s", good ? "passes":"fails" )); - fd = read_field(fd,&buffer,&from,&to); + fd = read_field(pamh,fd,&buffer,&from,&to); if (!buffer || !buffer[0]) { - _log_err(PAM_GROUP_CONF "; no listed groups for rule #%d" + pam_syslog(pamh,LOG_ERR,PAM_GROUP_CONF "; no listed groups for rule #%d" , count); continue; } @@ -720,9 +716,10 @@ static int check_account(pam_handle_t *pamh, const char *service, /* check the line is terminated correctly */ - fd = read_field(fd,&buffer,&from,&to); + fd = read_field(pamh,fd,&buffer,&from,&to); if (buffer && buffer[0]) { - _log_err(PAM_GROUP_CONF "; poorly terminated rule #%d", count); + pam_syslog(pamh,LOG_ERR, + PAM_GROUP_CONF "; poorly terminated rule #%d", count); } if (good > 0) { @@ -747,7 +744,7 @@ static int check_account(pam_handle_t *pamh, const char *service, #endif if ((err = setgroups(no_grps, grps))) { D(("but couldn't set groups %d", err)); - _log_err("unable to set the group membership for user (err=%d)" + pam_syslog(pamh,LOG_ERR,"unable to set the group membership for user (err=%d)" , err); retval = PAM_CRED_ERR; } @@ -793,7 +790,7 @@ pam_sm_setcred (pam_handle_t *pamh, int flags, if (pam_get_item(pamh, PAM_SERVICE, &service) != PAM_SUCCESS || service == NULL) { - _log_err("cannot find the current service name"); + pam_syslog(pamh,LOG_ERR,"cannot find the current service name"); return PAM_ABORT; } @@ -801,7 +798,7 @@ pam_sm_setcred (pam_handle_t *pamh, int flags, if (pam_get_user(pamh, &user, NULL) != PAM_SUCCESS || user == NULL || *user == '\0') { - _log_err("cannot determine the user's name"); + pam_syslog(pamh,LOG_ERR,"cannot determine the user's name"); return PAM_USER_UNKNOWN; } @@ -812,11 +809,11 @@ pam_sm_setcred (pam_handle_t *pamh, int flags, D(("PAM_TTY not set, probing stdin")); tty = ttyname(STDIN_FILENO); if (tty == NULL) { - _log_err("couldn't get the tty name"); + pam_syslog(pamh,LOG_ERR,"couldn't get the tty name"); return PAM_ABORT; } if (pam_set_item(pamh, PAM_TTY, tty) != PAM_SUCCESS) { - _log_err("couldn't set tty name"); + pam_syslog(pamh,LOG_ERR,"couldn't set tty name"); return PAM_ABORT; } } @@ -842,7 +839,7 @@ pam_sm_setcred (pam_handle_t *pamh, int flags, (void) pwdb_end(); /* tidy up */ } else { D(("failed to initialize pwdb; %s", pwdb_strerror(retval))); - _log_err("unable to initialize libpwdb"); + pam_syslog(pamh,LOG_ERR,"unable to initialize libpwdb"); retval = PAM_ABORT; } -- cgit v1.2.3