aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSergey Poznyakoff <gray@gnu.org.ua>2008-03-19 09:50:00 +0000
committerSergey Poznyakoff <gray@gnu.org.ua>2008-03-19 09:50:00 +0000
commit06aaf68ec3764ec42b6226f27e294bb9f7b7fed6 (patch)
tree063e13431f9ac790d983c4bea91ec94457986c1b
parent80aafa9dcf019a68ce2a9958f4ec09026c44f2dc (diff)
downloadpam-modules-06aaf68ec3764ec42b6226f27e294bb9f7b7fed6.tar.gz
pam-modules-06aaf68ec3764ec42b6226f27e294bb9f7b7fed6.tar.bz2
* configure.ac: Check for pam libraries and header files.
* pam_sql/pam_mysql.c (mysql_setenv): Protect by #ifdef HAVE_PAM_MISC_SETENV. Prevent coredumps on NULL values. * pam_sql/pam_pgsql.c (pgsql_setenv): Likewise. * pam_sql/Makefile.am (pam_mysql_la_LDADD,pam_pgsql_la_LDADD): Add @PAM_MISC@. * pam_sql/pam_sql.c (read_config): Read lines of arbitrary length. git-svn-id: file:///svnroot/pam-modules/trunk@90 56984be4-0537-0410-a56c-fcb268c96130
-rw-r--r--configure.ac14
-rw-r--r--pam_sql/Makefile.am4
-rw-r--r--pam_sql/pam_mysql.c22
-rw-r--r--pam_sql/pam_pgsql.c13
-rw-r--r--pam_sql/pam_sql.c17
5 files changed, 51 insertions, 19 deletions
diff --git a/configure.ac b/configure.ac
index c7b0987..1fdc24a 100644
--- a/configure.ac
+++ b/configure.ac
@@ -34,11 +34,21 @@ AC_PROG_INSTALL
AM_PROG_LIBTOOL
dnl Checks for libraries.
+AC_CHECK_LIB(pam, pam_get_item,:,
+ [AC_MSG_ERROR([Required library libpam is not found])])
AC_CHECK_LIB(crypt, crypt)
-
+AC_SUBST(PAM_MISC)
+AH_TEMPLATE([HAVE_PAM_MISC_SETENV],[Define if pam_misc_setenv is available.])
+AC_CHECK_LIB(pam_misc, pam_misc_setenv,
+ [PAM_MISC=-lpam_misc
+ AC_DEFINE([HAVE_PAM_MISC_SETENV],1)],:,[-lpam])
+
dnl Checks for header files.
AC_HEADER_STDC
-AC_CHECK_HEADERS(fcntl.h syslog.h unistd.h crypt.h)
+AC_CHECK_HEADERS(security/pam_appl.h security/pam_modules.h,
+ :,
+ AC_MSG_ERROR([Required PAM header files not found]))
+AC_CHECK_HEADERS(fcntl.h syslog.h unistd.h crypt.h security/_pam_aconf.h)
AC_CHECK_HEADER(shadow.h,
[],
[AC_MSG_ERROR(shadow.h is not present on your system)])
diff --git a/pam_sql/Makefile.am b/pam_sql/Makefile.am
index 36cea87..49d0e8c 100644
--- a/pam_sql/Makefile.am
+++ b/pam_sql/Makefile.am
@@ -15,9 +15,9 @@ EXTRA_PROGRAMS = pam_mysql.la pam_pgsql.la
EXTRA_DIST = sha1.h sha1.c pam_sql.c md5.c md5.h
LDADD = ../lib/libgraypam.la
pam_mysql_la_SOURCES = pam_mysql.c pam_sql.c
-pam_mysql_la_LDADD = -lpam @MYSQLLIBS@
+pam_mysql_la_LDADD = -lpam @PAM_MISC@ @MYSQLLIBS@
pam_pgsql_la_SOURCES = pam_pgsql.c pam_sql.c
-pam_pgsql_la_LDADD = -lpam @PGSQLLIBS@
+pam_pgsql_la_LDADD = -lpam @PAM_MISC@ @PGSQLLIBS@
AM_LDFLAGS = -version-info @VI_CURRENT@:@VI_REVISION@:@VI_AGE@
AM_CPPFLAGS=-DSYSCONFDIR=\"${sysconfdir}\"
diff --git a/pam_sql/pam_mysql.c b/pam_sql/pam_mysql.c
index 00478ca..2c0d578 100644
--- a/pam_sql/pam_mysql.c
+++ b/pam_sql/pam_mysql.c
@@ -304,10 +304,8 @@ mysql_do_query(MYSQL *mysql, const char *query)
static int
mysql_setenv(pam_handle_t *pamh, MYSQL *mysql, const char *query)
{
+#ifdef HAVE_PAM_MISC_SETENV
MYSQL_RES *result;
- MYSQL_ROW row;
- MYSQL_FIELD *fields;
- size_t nf, i;
DEBUG(10,("Executing %s", query));
if (mysql_query(mysql, query)) {
@@ -319,13 +317,21 @@ mysql_setenv(pam_handle_t *pamh, MYSQL *mysql, const char *query)
mysql_error(mysql));
return PAM_SERVICE_ERR;
}
- row = mysql_fetch_row(result);
- fields = mysql_fetch_fields(result);
- nf = mysql_num_fields(result);
- for (i = 0; i < nf; i++)
- pam_misc_setenv(pamh, fields[i].name, row[i], 0);
+ if (mysql_num_rows(result)) {
+ MYSQL_ROW row = mysql_fetch_row(result);
+ MYSQL_FIELD *fields = mysql_fetch_fields(result);
+ size_t i, nf = mysql_num_fields(result);
+ for (i = 0; i < nf; i++)
+ if (row[i])
+ pam_misc_setenv(pamh, fields[i].name,
+ row[i], 0);
+ }
mysql_free_result(result);
return PAM_SUCCESS;
+#else
+ _pam_log(LOG_ERR, "MySQL: PAM setenv is not available.");
+ return PAM_SERVICE_ERR;
+#endif
}
static int
diff --git a/pam_sql/pam_pgsql.c b/pam_sql/pam_pgsql.c
index 896b1df..65f2670 100644
--- a/pam_sql/pam_pgsql.c
+++ b/pam_sql/pam_pgsql.c
@@ -60,6 +60,7 @@ pgsql_do_query(PGconn **ppgconn, PGresult **pres, const char *query)
static int
pgsql_setenv(pam_handle_t *pamh, PGconn *pgconn, const char *query)
{
+#ifdef HAVE_PAM_MISC_SETENV
int rc;
PGresult *res;
@@ -71,20 +72,26 @@ pgsql_setenv(pam_handle_t *pamh, PGconn *pgconn, const char *query)
} else if (PQresultStatus(res) != PGRES_TUPLES_OK) {
_pam_log(LOG_ERR, "PQexec: query did not return tuples");
rc = PAM_SERVICE_ERR;
- } else {
+ } else if (PQntuples(res) > 0) {
char *p;
int i, nf;
nf = PQnfields(res);
for (i = 0; i < nf; i++) {
p = PQgetvalue(res, 0, i);
- chop(p);
- pam_misc_setenv(pamh, PQfname(res, i), p, 0);
+ if (p) {
+ chop(p);
+ pam_misc_setenv(pamh, PQfname(res, i), p, 0);
+ }
}
rc = PAM_SUCCESS;
}
PQclear(res);
return rc;
+#else
+ _pam_log(LOG_ERR, "MySQL: PAM setenv is not available.");
+ return PAM_SERVICE_ERR;
+#endif
}
diff --git a/pam_sql/pam_sql.c b/pam_sql/pam_sql.c
index 60640e7..bdeb0f4 100644
--- a/pam_sql/pam_sql.c
+++ b/pam_sql/pam_sql.c
@@ -248,9 +248,18 @@ read_config ()
if (len == 0)
continue;
if (p[len-1] != '\n') {
- _pam_log(LOG_EMERG, "%s:%d: string too long",
- config_file, line);
- continue;
+ if (!slist)
+ slist = gray_slist_create();
+ gray_slist_append(slist, p, len);
+ while (p = fgets(buf, sizeof buf, fp)) {
+ len = strlen(p);
+ gray_slist_append(slist, p, len);
+ if (p[len - 1] == '\n')
+ break;
+ }
+ gray_slist_append_char(slist, 0);
+ p = gray_slist_finish(slist);
+ len = strlen(p);
}
p[len-1] = 0;
@@ -266,7 +275,7 @@ read_config ()
if (!slist)
slist = gray_slist_create();
do {
- gray_slist_append(slist, p, len-2);
+ gray_slist_append(slist, p, len - 1);
p = fgets (buf, sizeof buf, fp);
if (!p)
break;

Return to:

Send suggestions and report system problems to the System administrator.