diff --git a/configure.ac b/configure.ac index 7abff15..cad802e 100644 --- a/configure.ac +++ b/configure.ac @@ -49,7 +49,6 @@ AC_CHECK_HEADERS([security/pam_modules.h security/_pam_macros.h security/pam_mod AC_CHECK_LIB([pam], [pam_start], [AC_SUBST([LIBPAM], ["-lpam"])]) AC_SEARCH_LIBS([pam_modutil_drop_priv], ["pam"], [AC_DEFINE([HAVE_PAM_MODUTIL_DROP_PRIV], [1])]) -AC_SEARCH_LIBS([pam_modutil_getpwnam], ["pam"], [AC_DEFINE([HAVE_PAM_MODUTIL_GETPWNAM], [1])]) AC_ARG_WITH([ldap], [AS_HELP_STRING([--without-ldap], diff --git a/pam_yubico.c b/pam_yubico.c index b193436..f6af4d6 100644 --- a/pam_yubico.c +++ b/pam_yubico.c @@ -157,16 +157,15 @@ authorize_user_token (struct cfg *cfg, else { char *userfile = NULL; - struct passwd *p; + struct passwd pass, *p; + char buf[1024]; + size_t buflen = sizeof(buf); + int pwres; PAM_MODUTIL_DEF_PRIVS(privs); -#ifdef HAVE_PAM_MODUTIL_GETPWNAM - p = pam_modutil_getpwnam (pamh, username); -#else - p = getpwnam (username); -#endif + pwres = getpwnam_r (username, &pass, buf, buflen, &p); if (p == NULL) { - DBG (("getpwnam: %s", strerror(errno))); + DBG (("getpwnam_r: %s", strerror(pwres))); return 0; } @@ -447,7 +446,11 @@ do_challenge_response(pam_handle_t *pamh, struct cfg *cfg, const char *username) const char *errstr = NULL; - struct passwd *p; + struct passwd pass, *p; + char pwbuf[1024]; + size_t pwbuflen = sizeof(pwbuf); + int pwres; + struct stat st; /* we must declare two sepparate privs structures as they can't be reused */ @@ -466,13 +469,9 @@ do_challenge_response(pam_handle_t *pamh, struct cfg *cfg, const char *username) goto out; } -#ifdef HAVE_PAM_MODUTIL_GETPWNAM - p = pam_modutil_getpwnam (pamh, username); -#else - p = getpwnam (username); -#endif + pwres = getpwnam_r (username, &pass, pwbuf, pwbuflen, &p); if (p == NULL) { - DBG (("getpwnam: %s", strerror(errno))); + DBG (("getpwnam_r: %s", strerror(pwres))); goto out; }