1 files changed, 40 insertions, 41 deletions
diff --git a/pam_sql/pam_sql.c b/pam_sql/pam_sql.c
index 359ba64..6707eb3 100644
--- a/pam_sql/pam_sql.c
+++ b/pam_sql/pam_sql.c
@@ -156,66 +156,56 @@ gpam_sql_check_boolean_config(const char *name, int defval)
        if (value)
                defval = gray_boolean_true_p(value);
        return defval;
 }
-const char *
+int
-gpam_sql_get_query(pam_handle_t *pamh, const char *name, gray_slist_t *pslist,
+gpam_sql_get_query(pam_handle_t *pamh, const char *name, int required,
-                   int required)
+                   gray_slist_t *pslist, const char **retptr)
 {
        gray_slist_t slist;
        const char *query = gpam_sql_find_config(name);
+        char *retval;
-        if (!query) {
-                if (required)
-                        gray_raise("%s: %s not defined", gpam_sql_config_file, name);
-                return NULL;
-        }
-        
-        slist = gray_slist_create();
-        gray_expand_string(pamh, query, slist);
-        gray_slist_append_char(slist, 0);
-        *pslist = slist;
-        return gray_slist_finish(slist);
-}
-static const char *
-get_query2(pam_handle_t *pamh, const char *name1, const char *name2,
-           gray_slist_t *pslist, int required)
-{
-        gray_slist_t slist;
-        const char *query = gpam_sql_find_config(name1);
-        if (!query)
-                query = gpam_sql_find_config(name2);
        
        if (!query) {
-                if (required)
+                if (required) {
-                        gray_raise("%s: %s not defined", 
+                        _pam_log(LOG_ERR, "%s: %s not defined",
-                                   gpam_sql_config_file, name1);
+                                 gpam_sql_config_file, name);
-                return NULL;
+                        return PAM_AUTHINFO_UNAVAIL;
+                }
+                *pslist = NULL;
+                *retptr = NULL;
+                return PAM_SUCCESS;
        }
        
        slist = gray_slist_create();
+        if (!slist)
+                return errno_to_pam(errno);
        gray_expand_string(pamh, query, slist);
        gray_slist_append_char(slist, 0);
        *pslist = slist;
-        return gray_slist_finish(slist);
+        retval = gray_slist_finish(slist);
+        if (gray_slist_err(slist)) {
+                int rc = errno_to_pam(gray_slist_err(slist));
+                gray_slist_free(&slist);
+                return rc;
+        }
+        *retptr = retval;
+        return PAM_SUCCESS;
 }
 /* --- authentication management functions (only) --- */
 PAM_EXTERN int
 pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv)
 {
        const char *username;
        char *password;
        int retval = PAM_AUTH_ERR;
-        gray_pam_init(PAM_SERVICE_ERR);
        /* parse arguments */
        _pam_parse(argc, argv);
        
        /* Get the username */
        retval = pam_get_user(pamh, &username, NULL);
@@ -234,19 +224,24 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv)
        }
        if (gray_env_read(gpam_sql_config_file, &config_env)) 
                retval = PAM_SERVICE_ERR;
        else {
                gray_slist_t slist;
+                char const *query;
+                
                /* FIXME: This comment is needed to pacify
                   `make check-sql-config' in doc:
                   gpam_sql_find_config("passwd-query") */
-                retval = gpam_sql_verify_user_pass(pamh, password,
+                retval = gpam_sql_get_query(pamh, "passwd-query", 1,
-                                             get_query2(pamh, "passwd-query",
+                                            &slist, &query);
-                                             "query",  &slist, 1));
+                if (retval == PAM_SUCCESS) {
-                gray_slist_free(&slist);
+                        retval = gpam_sql_verify_user_pass(pamh, password,
+                                                           query);
+                        gray_slist_free(&slist);
+                }
        }
        
        gray_env_free(config_env);
        config_env = NULL;
        
        switch (retval) {
@@ -273,25 +268,29 @@ pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv)
 static int
 sql_session_mgmt(pam_handle_t *pamh, int flags,
                 int argc, const char **argv, const char *query_name)
 {
        int retval;
-        gray_pam_init(PAM_SERVICE_ERR);
        /* parse arguments */
        _pam_parse(argc, argv);
        if (gray_env_read(gpam_sql_config_file, &config_env)) 
                retval = PAM_SERVICE_ERR;
        else {
                gray_slist_t slist;
-                retval = gpam_sql_acct(pamh,
+                char const *query;
-                                       gpam_sql_get_query(pamh, query_name,
+                
-                                                          &slist, 0));
+                retval = gpam_sql_get_query(pamh, query_name, 0, &slist, &query);
-                gray_slist_free(&slist);
+                if (retval == PAM_SUCCESS) {
+                        if (query) {
+                                retval = gpam_sql_acct(pamh, query);
+                                gray_slist_free(&slist);
+                        }
+                }
        }
        
        gray_env_free(config_env);
        config_env = NULL;
        
        return retval;

diff --git a/pam_sql/pam_sql.c b/pam_sql/pam_sql.c index 359ba64..6707eb3 100644 --- a/pam_sql/pam_sql.c +++ b/pam_sql/pam_sql.c
@@ -156,66 +156,56 @@ gpam_sql_check_boolean_config(const char *name, int defval)
156	if (value)	156	if (value)
157	defval = gray_boolean_true_p(value);	157	defval = gray_boolean_true_p(value);
158	return defval;	158	return defval;
159	}	159	}
160		160
161		161
162	const char *	162	int
163	gpam_sql_get_query(pam_handle_t pamh, const char name, gray_slist_t *pslist,	163	gpam_sql_get_query(pam_handle_t pamh, const char name, int required,
164	int required)	164	gray_slist_t pslist, const char *retptr)
165	{	165	{
166	gray_slist_t slist;	166	gray_slist_t slist;
167	const char *query = gpam_sql_find_config(name);	167	const char *query = gpam_sql_find_config(name);
168		168	char *retval;
169	if (!query) {
170	if (required)
171	gray_raise("%s: %s not defined", gpam_sql_config_file, name);
172	return NULL;
173	}
174
175	slist = gray_slist_create();
176	gray_expand_string(pamh, query, slist);
177	gray_slist_append_char(slist, 0);
178	*pslist = slist;
179	return gray_slist_finish(slist);
180	}
181
182	static const char *
183	get_query2(pam_handle_t pamh, const char name1, const char *name2,
184	gray_slist_t *pslist, int required)
185	{
186	gray_slist_t slist;
187	const char *query = gpam_sql_find_config(name1);
188
189	if (!query)
190	query = gpam_sql_find_config(name2);
191		169
192	if (!query) {	170	if (!query) {
193	if (required)	171	if (required) {
194	gray_raise("%s: %s not defined",	172	_pam_log(LOG_ERR, "%s: %s not defined",
195	gpam_sql_config_file, name1);	173	gpam_sql_config_file, name);
196	return NULL;	174	return PAM_AUTHINFO_UNAVAIL;
		175	}
		176	*pslist = NULL;
		177	*retptr = NULL;
		178	return PAM_SUCCESS;
197	}	179	}
198		180
199	slist = gray_slist_create();	181	slist = gray_slist_create();
		182	if (!slist)
		183	return errno_to_pam(errno);
200	gray_expand_string(pamh, query, slist);	184	gray_expand_string(pamh, query, slist);
201	gray_slist_append_char(slist, 0);	185	gray_slist_append_char(slist, 0);
202	*pslist = slist;	186	*pslist = slist;
203	return gray_slist_finish(slist);	187	retval = gray_slist_finish(slist);
		188	if (gray_slist_err(slist)) {
		189	int rc = errno_to_pam(gray_slist_err(slist));
		190	gray_slist_free(&slist);
		191	return rc;
		192	}
		193	*retptr = retval;
		194	return PAM_SUCCESS;
204	}	195	}
205		196
206		197
207	/* --- authentication management functions (only) --- */	198	/* --- authentication management functions (only) --- */
208		199
209	PAM_EXTERN int	200	PAM_EXTERN int
210	pam_sm_authenticate(pam_handle_t pamh, int flags, int argc, const char *argv)	201	pam_sm_authenticate(pam_handle_t pamh, int flags, int argc, const char *argv)
211	{	202	{
212	const char *username;	203	const char *username;
213	char *password;	204	char *password;
214	int retval = PAM_AUTH_ERR;	205	int retval = PAM_AUTH_ERR;
215	gray_pam_init(PAM_SERVICE_ERR);
216		206
217	/* parse arguments */	207	/* parse arguments */
218	_pam_parse(argc, argv);	208	_pam_parse(argc, argv);
219		209
220	/* Get the username */	210	/* Get the username */
221	retval = pam_get_user(pamh, &username, NULL);	211	retval = pam_get_user(pamh, &username, NULL);
@@ -234,19 +224,24 @@ pam_sm_authenticate(pam_handle_t pamh, int flags, int argc, const char *argv)
234	}	224	}
235		225
236	if (gray_env_read(gpam_sql_config_file, &config_env))	226	if (gray_env_read(gpam_sql_config_file, &config_env))
237	retval = PAM_SERVICE_ERR;	227	retval = PAM_SERVICE_ERR;
238	else {	228	else {
239	gray_slist_t slist;	229	gray_slist_t slist;
		230	char const *query;
		231
240	/* FIXME: This comment is needed to pacify	232	/* FIXME: This comment is needed to pacify
241	`make check-sql-config' in doc:	233	`make check-sql-config' in doc:
242	gpam_sql_find_config("passwd-query") */	234	gpam_sql_find_config("passwd-query") */
243	retval = gpam_sql_verify_user_pass(pamh, password,	235	retval = gpam_sql_get_query(pamh, "passwd-query", 1,
244	get_query2(pamh, "passwd-query",	236	&slist, &query);
245	"query", &slist, 1));	237	if (retval == PAM_SUCCESS) {
246	gray_slist_free(&slist);	238	retval = gpam_sql_verify_user_pass(pamh, password,
		239	query);
		240	gray_slist_free(&slist);
		241	}
247	}	242	}
248		243
249	gray_env_free(config_env);	244	gray_env_free(config_env);
250	config_env = NULL;	245	config_env = NULL;
251		246
252	switch (retval) {	247	switch (retval) {
@@ -273,25 +268,29 @@ pam_sm_setcred(pam_handle_t pamh, int flags, int argc, const char *argv)
273	static int	268	static int
274	sql_session_mgmt(pam_handle_t *pamh, int flags,	269	sql_session_mgmt(pam_handle_t *pamh, int flags,
275	int argc, const char *argv, const char query_name)	270	int argc, const char *argv, const char query_name)
276	{	271	{
277	int retval;	272	int retval;
278		273
279	gray_pam_init(PAM_SERVICE_ERR);
280		274
281	/* parse arguments */	275	/* parse arguments */
282	_pam_parse(argc, argv);	276	_pam_parse(argc, argv);
283		277
284	if (gray_env_read(gpam_sql_config_file, &config_env))	278	if (gray_env_read(gpam_sql_config_file, &config_env))
285	retval = PAM_SERVICE_ERR;	279	retval = PAM_SERVICE_ERR;
286	else {	280	else {
287	gray_slist_t slist;	281	gray_slist_t slist;
288	retval = gpam_sql_acct(pamh,	282	char const *query;
289	gpam_sql_get_query(pamh, query_name,	283
290	&slist, 0));	284	retval = gpam_sql_get_query(pamh, query_name, 0, &slist, &query);
291	gray_slist_free(&slist);	285	if (retval == PAM_SUCCESS) {
		286	if (query) {
		287	retval = gpam_sql_acct(pamh, query);
		288	gray_slist_free(&slist);
		289	}
		290	}
292	}	291	}
293		292
294	gray_env_free(config_env);	293	gray_env_free(config_env);
295	config_env = NULL;	294	config_env = NULL;
296		295
297	return retval;	296	return retval;