From b1056a520bd46e79dce2342d732dbf7a40d23d1e Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tm@t8m.info>
Date: Wed, 5 Mar 2008 20:21:38 +0000
Subject: Relevant BUGIDs:

Purpose of commit: cleanup

Commit summary:
---------------
2008-03-05  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_cracklib/pam_cracklib.c(pam_sm_chauthtok): Avoid
        unnecessary x_strdup() of resp.
        * modules/pam_ftp/pam_ftp(pam_sm_authenticate): Call _pam_overwrite()
        before dropping password resp.
---
 modules/pam_cracklib/pam_cracklib.c | 12 ++----------
 modules/pam_ftp/pam_ftp.c           |  2 ++
 2 files changed, 4 insertions(+), 10 deletions(-)

(limited to 'modules')

diff --git a/modules/pam_cracklib/pam_cracklib.c b/modules/pam_cracklib/pam_cracklib.c
index 532a72b2..0c39f89d 100644
--- a/modules/pam_cracklib/pam_cracklib.c
+++ b/modules/pam_cracklib/pam_cracklib.c
@@ -642,16 +642,12 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
 				 options.prompt_type[0]?" ":"");
 
 	    if (retval == PAM_SUCCESS) {     /* a good conversation */
-	        token1 = x_strdup(resp);
+	        token1 = resp;
                 if (token1 == NULL) {
 		    pam_syslog(pamh, LOG_NOTICE,
                                "could not recover authentication token 1");
 		    retval = PAM_AUTHTOK_RECOVERY_ERR;
 		}
-                /*
-                 * tidy up the conversation (resp_retcode) is ignored
-                 */
-                _pam_drop(resp);
             } else {
                 retval = (retval == PAM_SUCCESS) ?
                          PAM_AUTHTOK_RECOVERY_ERR:retval ;
@@ -710,16 +706,12 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
 				 PROMPT2, options.prompt_type,
 				 options.prompt_type[0]?" ":"");
 	    if (retval == PAM_SUCCESS) {     /* a good conversation */
-	        token2 = x_strdup(resp);
+	        token2 = resp;
 	        if (token2 == NULL) {
 		    pam_syslog(pamh,LOG_NOTICE,
 			       "could not recover authentication token 2");
 		    retval = PAM_AUTHTOK_RECOVERY_ERR;
 		}
-                /*
-                 * tidy up the conversation (resp_retcode) is ignored
-                 */
-	        _pam_drop(resp);
             }
 
 	    /* No else, the a retval == PAM_SUCCESS path can change retval
diff --git a/modules/pam_ftp/pam_ftp.c b/modules/pam_ftp/pam_ftp.c
index 11cdf590..7c546511 100644
--- a/modules/pam_ftp/pam_ftp.c
+++ b/modules/pam_ftp/pam_ftp.c
@@ -162,6 +162,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
 			       GUEST_LOGIN_PROMPT);
 
 	if (retval != PAM_SUCCESS) {
+	    _pam_overwrite (resp);
 	    _pam_drop (resp);
 	    return ((retval == PAM_CONV_AGAIN)
 		    ? PAM_INCOMPLETE:PAM_AUTHINFO_UNAVAIL);
@@ -200,6 +201,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
 	}
 
 	/* clean up */
+	_pam_overwrite(resp);
 	_pam_drop(resp);
 
 	/* success or failure */
-- 
cgit v1.2.3