author | Sergey Poznyakoff <gray@gnu.org> | 2018-08-15 22:22:31 +0300 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org> | 2018-08-15 22:22:31 +0300 |
commit | 7a40b7873bd666809183cdd952d6e2a8f1870981 (patch) | |
tree | 0ae71532dc78f597b717152b564d6681d1ad832a /pam_sql/pam_sql.c | |
parent | 988b8e27f5df26d7e9f6fd7984677873ca1c40cb (diff) | |
Major cleanup
* lib/graypam.h (gray_pam_init)
(gray_raise,gray_malloc,gray_zalloc,gray_calloc)
(gray_realloc,gray_strdup): Remove.
(gray_slist_err,gray_slist_clrerr): New functions.
(gray_slist_append,gray_slist_append_char): Return ssize_t.
(gray_slist_coalesce): Likewise.
(gray_slist_grow_backslash_num)
(gray_slist_grow_backslash): Return int.
(errno_to_pam): New function.
(gray_set_transform_expr): Return int.
* lib/mem.c (gray_raise,gray_malloc,gray_zalloc,gray_calloc)
(gray_realloc,gray_strdup): Remove.
(gray_2nrealloc): Rewrite.
* lib/base64.c: Check return from gray_slist_append_char
* lib/env.c: Check return values from gray_slist functions
* lib/ldappass.c: Likewise.
* lib/slist.c (gray_slist_bucket) <ec>: New member.
(gray_slist_err,gray_slist_clrerr): New functions.
(gray_slist_append,gray_slist_append_char): Return ssize_t.
(gray_slist_coalesce): Likewise.
(gray_slist_grow_backslash_num)
(gray_slist_grow_backslash): Return int.
* lib/transform.c: Use standard memory allocation functions.
* pam_ldaphome/pam_ldaphome.c: Likewise.
* pam_innetgr/pam_innetgr.c: Likewise.
* pam_log/pam_log.c: Likewise.
* pam_regex/pam_regex.c: Likewise.
* pam_sql/pam_mysql.c: Likewise.
* pam_sql/pam_pgsql.c: Likewise.
Diffstat (limited to 'pam_sql/pam_sql.c')
-rw-r--r-- | pam_sql/pam_sql.c | 73 |
1 files changed, 36 insertions, 37 deletions
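--- a/pam_sql/pam_sql.c
+++ b/pam_sql/pam_sql.c
@@ -156,66 +156,56 @@ gpam_sql_check_boolean_config(const char *name, int defval)
 if (value)
 defval = gray_boolean_true_p(value);
 return defval;
 }
 
 
-const char *
-gpam_sql_get_query(pam_handle_t *pamh, const char *name, gray_slist_t *pslist,
-int required)
+int
+gpam_sql_get_query(pam_handle_t *pamh, const char *name, int required,
+gray_slist_t *pslist, const char **retptr)
 {
 gray_slist_t slist;
 const char *query = gpam_sql_find_config(name);
+char *retval;
 
 if (!query) {
-if (required)
-gray_raise("%s: %s not defined", gpam_sql_config_file, name);
-return NULL;
-}
-
-slist = gray_slist_create();
-gray_expand_string(pamh, query, slist);
-gray_slist_append_char(slist, 0);
-*pslist = slist;
-return gray_slist_finish(slist);
+if (required) {
+_pam_log(LOG_ERR, "%s: %s not defined",
+gpam_sql_config_file, name);
+return PAM_AUTHINFO_UNAVAIL;
 }
-
-static const char *
-get_query2(pam_handle_t *pamh, const char *name1, const char *name2,
-gray_slist_t *pslist, int required)
-{
-gray_slist_t slist;
-const char *query = gpam_sql_find_config(name1);
-
-if (!query)
-query = gpam_sql_find_config(name2);
-
-if (!query) {
-if (required)
-gray_raise("%s: %s not defined",
-gpam_sql_config_file, name1);
-return NULL;
+*pslist = NULL;
+*retptr = NULL;
+return PAM_SUCCESS;
 }
 
 slist = gray_slist_create();
+if (!slist)
+return errno_to_pam(errno);
 gray_expand_string(pamh, query, slist);
 gray_slist_append_char(slist, 0);
 *pslist = slist;
-return gray_slist_finish(slist);
+retval = gray_slist_finish(slist);
+if (gray_slist_err(slist)) {
+int rc = errno_to_pam(gray_slist_err(slist));
+gray_slist_free(&slist);
+return rc;
+}
+*retptr = retval;
+return PAM_SUCCESS;
 }
 
 
 /* --- authentication management functions (only) --- */
 
 PAM_EXTERN int
 pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv)
 {
 const char *username;
 char *password;
 int retval = PAM_AUTH_ERR;
-gray_pam_init(PAM_SERVICE_ERR);
 
 /* parse arguments */
 _pam_parse(argc, argv);
 
 /* Get the username */
 retval = pam_get_user(pamh, &username, NULL);
@@ -234,20 +224,25 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv)
 }
 
 if (gray_env_read(gpam_sql_config_file, &config_env))
 retval = PAM_SERVICE_ERR;
 else {
 gray_slist_t slist;
+char const *query;
+
 /* FIXME: This comment is needed to pacify
 `make check-sql-config' in doc:
 gpam_sql_find_config("passwd-query") */
+retval = gpam_sql_get_query(pamh, "passwd-query", 1,
+&slist, &query);
+if (retval == PAM_SUCCESS) {
 retval = gpam_sql_verify_user_pass(pamh, password,
-get_query2(pamh, "passwd-query",
-"query", &slist, 1));
+query);
 gray_slist_free(&slist);
 }
+}
 
 gray_env_free(config_env);
 config_env = NULL;
 
 switch (retval) {
 case PAM_ACCT_EXPIRED:
@@ -273,26 +268,30 @@ pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv)
 static int
 sql_session_mgmt(pam_handle_t *pamh, int flags,
 int argc, const char **argv, const char *query_name)
 {
 int retval;
 
-gray_pam_init(PAM_SERVICE_ERR);
 
 /* parse arguments */
 _pam_parse(argc, argv);
 
 if (gray_env_read(gpam_sql_config_file, &config_env))
 retval = PAM_SERVICE_ERR;
 else {
 gray_slist_t slist;
-retval = gpam_sql_acct(pamh,
-gpam_sql_get_query(pamh, query_name,
-&slist, 0));
+char const *query;
+
+retval = gpam_sql_get_query(pamh, query_name, 0, &slist, &query);
+if (retval == PAM_SUCCESS) {
+if (query) {
+retval = gpam_sql_acct(pamh, query);
 gray_slist_free(&slist);
 }
+}
+}
 
 gray_env_free(config_env);
 config_env = NULL;
 
 return retval;
 }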
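Review bot: In gpam_sql_get_query (first hunk), `*pslist = slist;` is stored before the `gray_slist_err(slist)` check, so on the error path the caller's handle still points at the list that `gray_slist_free(&slist)` has just released, and `*retptr` is never written; the early `return errno_to_pam(errno);` also leaves both outputs untouched. Both callers visible in this diff free the list only when the call returns PAM_SUCCESS, so nothing is double-freed today, but a later caller that cleans up unconditionally would free a stale pointer inside an authentication module. I would set `*pslist = NULL; *retptr = NULL;` at the top of the function and move `*pslist = slist;` down next to `*retptr = retval;`, after the error check. The return value of `gray_expand_string(pamh, query, slist)` is also ignored; if it can fail without recording the error on the list (not visible here), a partially expanded query would be passed on as if complete.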