diff options
Diffstat (limited to 'pam_sql/pam_sql.c')
-rw-r--r-- | pam_sql/pam_sql.c | 73 |
1 files changed, 36 insertions, 37 deletions
diff --git a/pam_sql/pam_sql.c b/pam_sql/pam_sql.c index 359ba64..6707eb3 100644 --- a/pam_sql/pam_sql.c +++ b/pam_sql/pam_sql.c @@ -159,48 +159,39 @@ gpam_sql_check_boolean_config(const char *name, int defval) } -const char * -gpam_sql_get_query(pam_handle_t *pamh, const char *name, gray_slist_t *pslist, - int required) +int +gpam_sql_get_query(pam_handle_t *pamh, const char *name, int required, + gray_slist_t *pslist, const char **retptr) { gray_slist_t slist; const char *query = gpam_sql_find_config(name); + char *retval; if (!query) { - if (required) - gray_raise("%s: %s not defined", gpam_sql_config_file, name); - return NULL; - } - - slist = gray_slist_create(); - gray_expand_string(pamh, query, slist); - gray_slist_append_char(slist, 0); - *pslist = slist; - return gray_slist_finish(slist); + if (required) { + _pam_log(LOG_ERR, "%s: %s not defined", + gpam_sql_config_file, name); + return PAM_AUTHINFO_UNAVAIL; } - -static const char * -get_query2(pam_handle_t *pamh, const char *name1, const char *name2, - gray_slist_t *pslist, int required) -{ - gray_slist_t slist; - const char *query = gpam_sql_find_config(name1); - - if (!query) - query = gpam_sql_find_config(name2); - - if (!query) { - if (required) - gray_raise("%s: %s not defined", - gpam_sql_config_file, name1); - return NULL; + *pslist = NULL; + *retptr = NULL; + return PAM_SUCCESS; } slist = gray_slist_create(); + if (!slist) + return errno_to_pam(errno); gray_expand_string(pamh, query, slist); gray_slist_append_char(slist, 0); *pslist = slist; - return gray_slist_finish(slist); + retval = gray_slist_finish(slist); + if (gray_slist_err(slist)) { + int rc = errno_to_pam(gray_slist_err(slist)); + gray_slist_free(&slist); + return rc; + } + *retptr = retval; + return PAM_SUCCESS; } @@ -212,7 +203,6 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) const char *username; char *password; int retval = PAM_AUTH_ERR; - gray_pam_init(PAM_SERVICE_ERR); /* parse arguments */ _pam_parse(argc, argv); @@ -237,14 +227,19 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) retval = PAM_SERVICE_ERR; else { gray_slist_t slist; + char const *query; + /* FIXME: This comment is needed to pacify `make check-sql-config' in doc: gpam_sql_find_config("passwd-query") */ + retval = gpam_sql_get_query(pamh, "passwd-query", 1, + &slist, &query); + if (retval == PAM_SUCCESS) { retval = gpam_sql_verify_user_pass(pamh, password, - get_query2(pamh, "passwd-query", - "query", &slist, 1)); + query); gray_slist_free(&slist); } + } gray_env_free(config_env); config_env = NULL; @@ -276,7 +271,6 @@ sql_session_mgmt(pam_handle_t *pamh, int flags, { int retval; - gray_pam_init(PAM_SERVICE_ERR); /* parse arguments */ _pam_parse(argc, argv); @@ -285,11 +279,16 @@ sql_session_mgmt(pam_handle_t *pamh, int flags, retval = PAM_SERVICE_ERR; else { gray_slist_t slist; - retval = gpam_sql_acct(pamh, - gpam_sql_get_query(pamh, query_name, - &slist, 0)); + char const *query; + + retval = gpam_sql_get_query(pamh, query_name, 0, &slist, &query); + if (retval == PAM_SUCCESS) { + if (query) { + retval = gpam_sql_acct(pamh, query); gray_slist_free(&slist); } + } + } gray_env_free(config_env); config_env = NULL; |