Make pam_fshadow reentrant.

* pam_fshadow/pam_fshadow.c (_pam_parse): Initialize global
variables, in case pam_fshadow is called twice in the same
stack. Do not register rexp in pam data, this hurts
reentrability.
(pam_sm_authenticate): Free rexp.

1 files changed, 10 insertions, 12 deletions

diff --git a/pam_fshadow/pam_fshadow.c b/pam_fshadow/pam_fshadow.c
index bd09458..196acd2 100644
--- a/pam_fshadow/pam_fshadow.c
+++ b/pam_fshadow/pam_fshadow.c
@@ -85,2 +85,8 @@ _pam_parse(pam_handle_t *pamh, int argc, const char **argv)
 	
+	memset(&rexp, 0, sizeof(rexp));
+	regex_str = NULL;
+	regex_flags = REG_EXTENDED;
+	username_index = 1;
+	domain_index = 2;
+
 	gray_log_init(0, MODULE_NAME, LOG_AUTHPRIV);
@@ -121,14 +127,4 @@ _pam_parse(pam_handle_t *pamh, int argc, const char **argv)
 			retval = PAM_AUTHINFO_UNAVAIL;
-		} else {
+		} else
 			cntl_flags |= CNTL_REGEX;
-			rc = pam_set_data(pamh, "REGEX", &rexp,
-					  gray_cleanup_regex);
-			
-			if (rc != PAM_SUCCESS) {
-				_pam_log(LOG_NOTICE, 
-					 "can't keep data [%s]: %s",
-					 "REGEX",
-					 pam_strerror(pamh, rc));
-			}
-		}
 	}
@@ -400,2 +396,4 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags,
 		DEBUG(1,("can not get the username"));
+		if (cntl_flags & CNTL_REGEX)
+			regfree(&rexp);
 		return PAM_SERVICE_ERR;
@@ -425,4 +423,4 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags,
 		}
+		regfree(&rexp);
 	}
-