summaryrefslogtreecommitdiffabout
path: root/pam_sql/pam_sql.c
Side-by-side diff
Diffstat (limited to 'pam_sql/pam_sql.c') (more/less context) (show whitespace changes)
-rw-r--r--pam_sql/pam_sql.c73
1 files changed, 36 insertions, 37 deletions
diff --git a/pam_sql/pam_sql.c b/pam_sql/pam_sql.c
index 359ba64..6707eb3 100644
--- a/pam_sql/pam_sql.c
+++ b/pam_sql/pam_sql.c
@@ -150,110 +150,105 @@ gpam_sql_find_config(const char *name)
}
int
gpam_sql_check_boolean_config(const char *name, int defval)
{
const char *value = gpam_sql_find_config(name);
if (value)
defval = gray_boolean_true_p(value);
return defval;
}
-const char *
-gpam_sql_get_query(pam_handle_t *pamh, const char *name, gray_slist_t *pslist,
- int required)
+int
+gpam_sql_get_query(pam_handle_t *pamh, const char *name, int required,
+ gray_slist_t *pslist, const char **retptr)
{
gray_slist_t slist;
const char *query = gpam_sql_find_config(name);
+ char *retval;
if (!query) {
- if (required)
- gray_raise("%s: %s not defined", gpam_sql_config_file, name);
- return NULL;
- }
-
- slist = gray_slist_create();
- gray_expand_string(pamh, query, slist);
- gray_slist_append_char(slist, 0);
- *pslist = slist;
- return gray_slist_finish(slist);
+ if (required) {
+ _pam_log(LOG_ERR, "%s: %s not defined",
+ gpam_sql_config_file, name);
+ return PAM_AUTHINFO_UNAVAIL;
}
-
-static const char *
-get_query2(pam_handle_t *pamh, const char *name1, const char *name2,
- gray_slist_t *pslist, int required)
-{
- gray_slist_t slist;
- const char *query = gpam_sql_find_config(name1);
-
- if (!query)
- query = gpam_sql_find_config(name2);
-
- if (!query) {
- if (required)
- gray_raise("%s: %s not defined",
- gpam_sql_config_file, name1);
- return NULL;
+ *pslist = NULL;
+ *retptr = NULL;
+ return PAM_SUCCESS;
}
slist = gray_slist_create();
+ if (!slist)
+ return errno_to_pam(errno);
gray_expand_string(pamh, query, slist);
gray_slist_append_char(slist, 0);
*pslist = slist;
- return gray_slist_finish(slist);
+ retval = gray_slist_finish(slist);
+ if (gray_slist_err(slist)) {
+ int rc = errno_to_pam(gray_slist_err(slist));
+ gray_slist_free(&slist);
+ return rc;
+ }
+ *retptr = retval;
+ return PAM_SUCCESS;
}
/* --- authentication management functions (only) --- */
PAM_EXTERN int
pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv)
{
const char *username;
char *password;
int retval = PAM_AUTH_ERR;
- gray_pam_init(PAM_SERVICE_ERR);
/* parse arguments */
_pam_parse(argc, argv);
/* Get the username */
retval = pam_get_user(pamh, &username, NULL);
if (retval != PAM_SUCCESS || !username) {
DEBUG(1, ("can not get the username"));
return PAM_SERVICE_ERR;
}
/* Get the password */
if (_pam_get_password(pamh, &password, "Password:"))
return PAM_SERVICE_ERR;
if (retval != PAM_SUCCESS) {
_pam_log(LOG_ERR, "Could not retrive user's password");
return PAM_SERVICE_ERR;
}
if (gray_env_read(gpam_sql_config_file, &config_env))
retval = PAM_SERVICE_ERR;
else {
gray_slist_t slist;
+ char const *query;
+
/* FIXME: This comment is needed to pacify
`make check-sql-config' in doc:
gpam_sql_find_config("passwd-query") */
+ retval = gpam_sql_get_query(pamh, "passwd-query", 1,
+ &slist, &query);
+ if (retval == PAM_SUCCESS) {
retval = gpam_sql_verify_user_pass(pamh, password,
- get_query2(pamh, "passwd-query",
- "query", &slist, 1));
+ query);
gray_slist_free(&slist);
}
+ }
gray_env_free(config_env);
config_env = NULL;
switch (retval) {
case PAM_ACCT_EXPIRED:
_pam_log(LOG_NOTICE, "user '%s': account expired", username);
break;
case PAM_SUCCESS:
_pam_log(LOG_NOTICE, "user '%s' granted access", username);
break;
default:
@@ -267,38 +262,42 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv)
PAM_EXTERN int
pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv)
{
return PAM_SUCCESS;
}
static int
sql_session_mgmt(pam_handle_t *pamh, int flags,
int argc, const char **argv, const char *query_name)
{
int retval;
- gray_pam_init(PAM_SERVICE_ERR);
/* parse arguments */
_pam_parse(argc, argv);
if (gray_env_read(gpam_sql_config_file, &config_env))
retval = PAM_SERVICE_ERR;
else {
gray_slist_t slist;
- retval = gpam_sql_acct(pamh,
- gpam_sql_get_query(pamh, query_name,
- &slist, 0));
+ char const *query;
+
+ retval = gpam_sql_get_query(pamh, query_name, 0, &slist, &query);
+ if (retval == PAM_SUCCESS) {
+ if (query) {
+ retval = gpam_sql_acct(pamh, query);
gray_slist_free(&slist);
}
+ }
+ }
gray_env_free(config_env);
config_env = NULL;
return retval;
}
PAM_EXTERN int
pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
{
/* FIXME: This comment is needed to pacify `make check-sql-config'
in doc:

Return to:

Send suggestions and report system problems to the System administrator.