summaryrefslogtreecommitdiffabout
authorSergey Poznyakoff <gray@gnu.org.ua>2012-12-08 14:59:13 (GMT)
committer Sergey Poznyakoff <gray@gnu.org.ua>2012-12-08 14:59:13 (GMT)
commitb8a5067f0c6a189998bfb8e64982915303495d66 (patch) (side-by-side diff)
tree1d911f0d42ed6dc085cf6f7895bebbc8df7e64b6
parentd211d9ec0cf708b047a0fb0d4019a16a806bbf4c (diff)
downloadpam-modules-b8a5067f0c6a189998bfb8e64982915303495d66.tar.gz
pam-modules-b8a5067f0c6a189998bfb8e64982915303495d66.tar.bz2
Make pam_fshadow reentrant.
* pam_fshadow/pam_fshadow.c (_pam_parse): Initialize global variables, in case pam_fshadow is called twice in the same stack. Do not register rexp in pam data, this hurts reentrability. (pam_sm_authenticate): Free rexp.
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--pam_fshadow/pam_fshadow.c22
1 files changed, 10 insertions, 12 deletions
diff --git a/pam_fshadow/pam_fshadow.c b/pam_fshadow/pam_fshadow.c
index bd09458..196acd2 100644
--- a/pam_fshadow/pam_fshadow.c
+++ b/pam_fshadow/pam_fshadow.c
@@ -83,6 +83,12 @@ _pam_parse(pam_handle_t *pamh, int argc, const char **argv)
{
int retval = PAM_SUCCESS;
+ memset(&rexp, 0, sizeof(rexp));
+ regex_str = NULL;
+ regex_flags = REG_EXTENDED;
+ username_index = 1;
+ domain_index = 2;
+
gray_log_init(0, MODULE_NAME, LOG_AUTHPRIV);
if (gray_parseopt(pam_opt, argc, argv))
return PAM_AUTHINFO_UNAVAIL;
@@ -119,18 +125,8 @@ _pam_parse(pam_handle_t *pamh, int argc, const char **argv)
regex_str);
regfree(&rexp);
retval = PAM_AUTHINFO_UNAVAIL;
- } else {
+ } else
cntl_flags |= CNTL_REGEX;
- rc = pam_set_data(pamh, "REGEX", &rexp,
- gray_cleanup_regex);
-
- if (rc != PAM_SUCCESS) {
- _pam_log(LOG_NOTICE,
- "can't keep data [%s]: %s",
- "REGEX",
- pam_strerror(pamh, rc));
- }
- }
}
return retval;
@@ -398,6 +394,8 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags,
retval = pam_get_user(pamh, &username, NULL);
if (retval != PAM_SUCCESS || !username) {
DEBUG(1,("can not get the username"));
+ if (cntl_flags & CNTL_REGEX)
+ regfree(&rexp);
return PAM_SERVICE_ERR;
}
@@ -423,8 +421,8 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags,
username,
regex_str));
}
+ regfree(&rexp);
}
-
/* Get the password */
if (_pam_get_password(pamh, &password, "Password:"))

Return to:

Send suggestions and report system problems to the System administrator.