aboutsummaryrefslogtreecommitdiff
path: root/lib/ldappass.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/ldappass.c')
-rw-r--r--lib/ldappass.c107
1 files changed, 78 insertions, 29 deletions
diff --git a/lib/ldappass.c b/lib/ldappass.c
index 968078c..247cf16 100644
--- a/lib/ldappass.c
+++ b/lib/ldappass.c
@@ -50,3 +50,3 @@ chk_md5 (const char *db_pass, const char *pass)
struct gpam_md5_ctx md5context;
- gray_slist_t slist = gray_slist_create ();
+ gray_slist_t slist;
ssize_t size;
@@ -54,2 +54,6 @@ chk_md5 (const char *db_pass, const char *pass)
int rc;
+
+ slist = gray_slist_create ();
+ if (!slist)
+ return errno_to_pam(errno);
@@ -62,8 +66,17 @@ chk_md5 (const char *db_pass, const char *pass)
{
+ rc = errno_to_pam(errno);
gray_slist_free(&slist);
- return PAM_AUTH_ERR;
+ return rc;
}
p = gray_slist_finish(slist);
- rc = memcmp (md5digest, p, sizeof md5digest) == 0 ?
- PAM_SUCCESS : PAM_AUTH_ERR;
+ if (p)
+ {
+ rc = memcmp (md5digest, p, sizeof md5digest) == 0
+ ? PAM_SUCCESS
+ : PAM_AUTH_ERR;
+ }
+ else
+ {
+ rc = errno_to_pam(errno);
+ }
gray_slist_free(&slist);
@@ -79,5 +92,9 @@ chk_smd5 (const char *db_pass, const char *pass)
struct gpam_md5_ctx md5context;
- gray_slist_t slist = gray_slist_create();
+ gray_slist_t slist;
ssize_t size;
+ slist = gray_slist_create();
+ if (!slist)
+ return errno_to_pam(errno);
+
size = gray_base64_decode(slist, db_pass, strlen (db_pass));
@@ -85,5 +102,5 @@ chk_smd5 (const char *db_pass, const char *pass)
{
- _pam_log(LOG_ERR, "malformed SMD5 password: %s", db_pass);
+ rc = errno_to_pam(errno);
gray_slist_free(&slist);
- return PAM_AUTH_ERR;
+ return rc;
}
@@ -91,10 +108,18 @@ chk_smd5 (const char *db_pass, const char *pass)
d1 = gray_slist_finish(slist);
-
- gpam_md5_init_ctx (&md5context);
- gpam_md5_process_bytes (pass, strlen (pass), &md5context);
- gpam_md5_process_bytes (d1 + 16, size - 16, &md5context);
- gpam_md5_finish_ctx (&md5context, md5digest);
+ if (d1)
+ {
+ gpam_md5_init_ctx (&md5context);
+ gpam_md5_process_bytes (pass, strlen (pass), &md5context);
+ gpam_md5_process_bytes (d1 + 16, size - 16, &md5context);
+ gpam_md5_finish_ctx (&md5context, md5digest);
- rc = memcmp (md5digest, d1, sizeof md5digest) == 0 ?
- PAM_SUCCESS : PAM_AUTH_ERR;
+ rc = memcmp (md5digest, d1, sizeof md5digest) == 0
+ ? PAM_SUCCESS
+ : PAM_AUTH_ERR;
+ }
+ else
+ {
+ rc = errno_to_pam(gray_slist_err(slist));
+ }
+
gray_slist_free(&slist);
@@ -110,5 +135,9 @@ chk_sha (const char *db_pass, const char *pass)
struct gpam_sha1_ctx sha1context;
- gray_slist_t slist = gray_slist_create();
+ gray_slist_t slist;
ssize_t size;
-
+
+ slist = gray_slist_create();
+ if (!slist)
+ return errno_to_pam(errno);
+
gpam_sha1_init_ctx (&sha1context);
@@ -120,4 +149,5 @@ chk_sha (const char *db_pass, const char *pass)
{
+ rc = errno_to_pam(errno);
gray_slist_free(&slist);
- return 1;
+ return rc;
}
@@ -125,4 +155,12 @@ chk_sha (const char *db_pass, const char *pass)
d1 = gray_slist_finish(slist);
- rc = memcmp (sha1digest, d1, sizeof sha1digest) == 0 ?
- PAM_SUCCESS : PAM_AUTH_ERR;
+ if (d1)
+ {
+ rc = memcmp (sha1digest, d1, sizeof sha1digest) == 0
+ ? PAM_SUCCESS
+ : PAM_AUTH_ERR;
+ }
+ else
+ {
+ rc = errno_to_pam(errno);
+ }
gray_slist_free(&slist);
@@ -138,5 +176,9 @@ chk_ssha (const char *db_pass, const char *pass)
struct gpam_sha1_ctx sha1context;
- gray_slist_t slist = gray_slist_create();
+ gray_slist_t slist;
ssize_t size;
+ slist = gray_slist_create();
+ if (!slist)
+ return errno_to_pam(errno);
+
size = gray_base64_decode(slist, db_pass, strlen (db_pass));
@@ -144,15 +186,22 @@ chk_ssha (const char *db_pass, const char *pass)
{
- _pam_log (LOG_ERR, "malformed SSHA1 password: %s", db_pass);
+ rc = errno_to_pam(errno);
gray_slist_free(&slist);
- return 1;
+ return rc;
}
d1 = gray_slist_finish(slist);
-
- gpam_sha1_init_ctx (&sha1context);
- gpam_sha1_process_bytes (pass, strlen (pass), &sha1context);
- gpam_sha1_process_bytes (d1 + 20, size - 20, &sha1context);
- gpam_sha1_finish_ctx (&sha1context, sha1digest);
+ if (d1)
+ {
+ gpam_sha1_init_ctx (&sha1context);
+ gpam_sha1_process_bytes (pass, strlen (pass), &sha1context);
+ gpam_sha1_process_bytes (d1 + 20, size - 20, &sha1context);
+ gpam_sha1_finish_ctx (&sha1context, sha1digest);
- rc = memcmp (sha1digest, d1, sizeof sha1digest) == 0 ?
- PAM_SUCCESS : PAM_AUTH_ERR;
+ rc = memcmp (sha1digest, d1, sizeof sha1digest) == 0
+ ? PAM_SUCCESS
+ : PAM_AUTH_ERR;
+ }
+ else
+ {
+ rc = errno_to_pam(errno);
+ }
gray_slist_free(&slist);

Return to:

Send suggestions and report system problems to the System administrator.