diff options
Diffstat (limited to 'pam_sql')
-rw-r--r-- | pam_sql/pam_mysql.c | 10 | ||||
-rw-r--r-- | pam_sql/pam_pgsql.c | 12 | ||||
-rw-r--r-- | pam_sql/pam_sql.c | 73 | ||||
-rw-r--r-- | pam_sql/pam_sql.h | 5 |
4 files changed, 54 insertions, 46 deletions
diff --git a/pam_sql/pam_mysql.c b/pam_sql/pam_mysql.c index ca1f9e6..3f4a0d6 100644 --- a/pam_sql/pam_mysql.c +++ b/pam_sql/pam_mysql.c | |||
@@ -367,5 +367,7 @@ gpam_sql_verify_user_pass(pam_handle_t *pamh, const char *password, | |||
367 | gpam_sql_find_config("setenv-query") */ | 367 | gpam_sql_find_config("setenv-query") */ |
368 | if (rc == PAM_SUCCESS | 368 | if (rc == PAM_SUCCESS) { |
369 | && (q = gpam_sql_get_query(pamh, "setenv-query", | 369 | rc = gpam_sql_get_query(pamh, "setenv-query", 0, |
370 | &slist, 0))) { | 370 | &slist, &q); |
371 | if (rc == PAM_SUCCESS) { | ||
372 | if (q) { | ||
371 | mysql_setenv(pamh, &mysql, q); | 373 | mysql_setenv(pamh, &mysql, q); |
@@ -373,2 +375,4 @@ gpam_sql_verify_user_pass(pam_handle_t *pamh, const char *password, | |||
373 | } | 375 | } |
376 | } | ||
377 | } | ||
374 | mysql_close(&mysql); | 378 | mysql_close(&mysql); |
diff --git a/pam_sql/pam_pgsql.c b/pam_sql/pam_pgsql.c index f6d19e1..5f66b53 100644 --- a/pam_sql/pam_pgsql.c +++ b/pam_sql/pam_pgsql.c | |||
@@ -117,2 +117,3 @@ gpam_sql_verify_user_pass(pam_handle_t *pamh, const char *password, | |||
117 | gray_slist_t slist; | 117 | gray_slist_t slist; |
118 | char const *query; | ||
118 | 119 | ||
@@ -155,6 +156,7 @@ gpam_sql_verify_user_pass(pam_handle_t *pamh, const char *password, | |||
155 | gpam_sql_find_config("setenv-query") */ | 156 | gpam_sql_find_config("setenv-query") */ |
156 | if (rc == PAM_SUCCESS | 157 | if (rc == PAM_SUCCESS) { |
157 | && (query = gpam_sql_get_query(pamh, | 158 | rc = gpam_sql_get_query(pamh, "setenv-query", 0, |
158 | "setenv-query", | 159 | &slist, &query); |
159 | &slist, 0))) { | 160 | if (rc == PAM_SUCCESS) { |
161 | if (query) { | ||
160 | pgsql_setenv(pamh, pgconn, query); | 162 | pgsql_setenv(pamh, pgconn, query); |
@@ -163,2 +165,4 @@ gpam_sql_verify_user_pass(pam_handle_t *pamh, const char *password, | |||
163 | } | 165 | } |
166 | } | ||
167 | } | ||
164 | 168 | ||
diff --git a/pam_sql/pam_sql.c b/pam_sql/pam_sql.c index 359ba64..6707eb3 100644 --- a/pam_sql/pam_sql.c +++ b/pam_sql/pam_sql.c | |||
@@ -161,5 +161,5 @@ gpam_sql_check_boolean_config(const char *name, int defval) | |||
161 | 161 | ||
162 | const char * | 162 | int |
163 | gpam_sql_get_query(pam_handle_t *pamh, const char *name, gray_slist_t *pslist, | 163 | gpam_sql_get_query(pam_handle_t *pamh, const char *name, int required, |
164 | int required) | 164 | gray_slist_t *pslist, const char **retptr) |
165 | { | 165 | { |
@@ -167,31 +167,13 @@ gpam_sql_get_query(pam_handle_t *pamh, const char *name, gray_slist_t *pslist, | |||
167 | const char *query = gpam_sql_find_config(name); | 167 | const char *query = gpam_sql_find_config(name); |
168 | char *retval; | ||
168 | 169 | ||
169 | if (!query) { | 170 | if (!query) { |
170 | if (required) | 171 | if (required) { |
171 | gray_raise("%s: %s not defined", gpam_sql_config_file, name); | 172 | _pam_log(LOG_ERR, "%s: %s not defined", |
172 | return NULL; | 173 | gpam_sql_config_file, name); |
173 | } | 174 | return PAM_AUTHINFO_UNAVAIL; |
174 | |||
175 | slist = gray_slist_create(); | ||
176 | gray_expand_string(pamh, query, slist); | ||
177 | gray_slist_append_char(slist, 0); | ||
178 | *pslist = slist; | ||
179 | return gray_slist_finish(slist); | ||
180 | } | 175 | } |
181 | 176 | *pslist = NULL; | |
182 | static const char * | 177 | *retptr = NULL; |
183 | get_query2(pam_handle_t *pamh, const char *name1, const char *name2, | 178 | return PAM_SUCCESS; |
184 | gray_slist_t *pslist, int required) | ||
185 | { | ||
186 | gray_slist_t slist; | ||
187 | const char *query = gpam_sql_find_config(name1); | ||
188 | |||
189 | if (!query) | ||
190 | query = gpam_sql_find_config(name2); | ||
191 | |||
192 | if (!query) { | ||
193 | if (required) | ||
194 | gray_raise("%s: %s not defined", | ||
195 | gpam_sql_config_file, name1); | ||
196 | return NULL; | ||
197 | } | 179 | } |
@@ -199,2 +181,4 @@ get_query2(pam_handle_t *pamh, const char *name1, const char *name2, | |||
199 | slist = gray_slist_create(); | 181 | slist = gray_slist_create(); |
182 | if (!slist) | ||
183 | return errno_to_pam(errno); | ||
200 | gray_expand_string(pamh, query, slist); | 184 | gray_expand_string(pamh, query, slist); |
@@ -202,3 +186,10 @@ get_query2(pam_handle_t *pamh, const char *name1, const char *name2, | |||
202 | *pslist = slist; | 186 | *pslist = slist; |
203 | return gray_slist_finish(slist); | 187 | retval = gray_slist_finish(slist); |
188 | if (gray_slist_err(slist)) { | ||
189 | int rc = errno_to_pam(gray_slist_err(slist)); | ||
190 | gray_slist_free(&slist); | ||
191 | return rc; | ||
192 | } | ||
193 | *retptr = retval; | ||
194 | return PAM_SUCCESS; | ||
204 | } | 195 | } |
@@ -214,3 +205,2 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) | |||
214 | int retval = PAM_AUTH_ERR; | 205 | int retval = PAM_AUTH_ERR; |
215 | gray_pam_init(PAM_SERVICE_ERR); | ||
216 | 206 | ||
@@ -239,2 +229,4 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) | |||
239 | gray_slist_t slist; | 229 | gray_slist_t slist; |
230 | char const *query; | ||
231 | |||
240 | /* FIXME: This comment is needed to pacify | 232 | /* FIXME: This comment is needed to pacify |
@@ -242,7 +234,10 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) | |||
242 | gpam_sql_find_config("passwd-query") */ | 234 | gpam_sql_find_config("passwd-query") */ |
235 | retval = gpam_sql_get_query(pamh, "passwd-query", 1, | ||
236 | &slist, &query); | ||
237 | if (retval == PAM_SUCCESS) { | ||
243 | retval = gpam_sql_verify_user_pass(pamh, password, | 238 | retval = gpam_sql_verify_user_pass(pamh, password, |
244 | get_query2(pamh, "passwd-query", | 239 | query); |
245 | "query", &slist, 1)); | ||
246 | gray_slist_free(&slist); | 240 | gray_slist_free(&slist); |
247 | } | 241 | } |
242 | } | ||
248 | 243 | ||
@@ -278,3 +273,2 @@ sql_session_mgmt(pam_handle_t *pamh, int flags, | |||
278 | 273 | ||
279 | gray_pam_init(PAM_SERVICE_ERR); | ||
280 | 274 | ||
@@ -287,7 +281,12 @@ sql_session_mgmt(pam_handle_t *pamh, int flags, | |||
287 | gray_slist_t slist; | 281 | gray_slist_t slist; |
288 | retval = gpam_sql_acct(pamh, | 282 | char const *query; |
289 | gpam_sql_get_query(pamh, query_name, | 283 | |
290 | &slist, 0)); | 284 | retval = gpam_sql_get_query(pamh, query_name, 0, &slist, &query); |
285 | if (retval == PAM_SUCCESS) { | ||
286 | if (query) { | ||
287 | retval = gpam_sql_acct(pamh, query); | ||
291 | gray_slist_free(&slist); | 288 | gray_slist_free(&slist); |
292 | } | 289 | } |
290 | } | ||
291 | } | ||
293 | 292 | ||
diff --git a/pam_sql/pam_sql.h b/pam_sql/pam_sql.h index 9eeecd6..5dc9525 100644 --- a/pam_sql/pam_sql.h +++ b/pam_sql/pam_sql.h | |||
@@ -49,4 +49,5 @@ int gpam_sql_acct(pam_handle_t *pamh, const char *query); | |||
49 | char *gpam_sql_find_config(const char *name); | 49 | char *gpam_sql_find_config(const char *name); |
50 | const char *gpam_sql_get_query(pam_handle_t *pamh, const char *name, | 50 | int gpam_sql_get_query(pam_handle_t *pamh, char const *var, |
51 | gray_slist_t *pslist, int required); | 51 | int required, |
52 | gray_slist_t *pslist, const char **query); | ||
52 | int gpam_sql_check_boolean_config(const char *name, int defval); | 53 | int gpam_sql_check_boolean_config(const char *name, int defval); |