rooty/yubico-pam
1
0
Fork 0
mirror of https://github.com/Yubico/yubico-pam.git synced 2025-01-31 16:52:19 +01:00
Code Issues Projects Releases Wiki Activity

switch pam_modutils_getpwnam()/getpwnam() to always use getpwnam_r()

Browse Source
This commit is contained in:
Klas Lindfors 2016-03-31 09:35:46 +02:00
parent b7e7da494a
commit 051dd2a5b2
2 changed files with 13 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
configure.ac
View File

@ -49,7 +49,6 @@ AC_CHECK_HEADERS([security/pam_modules.h security/_pam_macros.h security/pam_mod
AC_CHECK_LIB([pam], [pam_start], [AC_SUBST([LIBPAM], ["-lpam"])]) AC_CHECK_LIB([pam], [pam_start], [AC_SUBST([LIBPAM], ["-lpam"])])
AC_SEARCH_LIBS([pam_modutil_drop_priv], ["pam"], [AC_DEFINE([HAVE_PAM_MODUTIL_DROP_PRIV], [1])]) AC_SEARCH_LIBS([pam_modutil_drop_priv], ["pam"], [AC_DEFINE([HAVE_PAM_MODUTIL_DROP_PRIV], [1])])
AC_SEARCH_LIBS([pam_modutil_getpwnam], ["pam"], [AC_DEFINE([HAVE_PAM_MODUTIL_GETPWNAM], [1])])
AC_ARG_WITH([ldap], AC_ARG_WITH([ldap],
[AS_HELP_STRING([--without-ldap], [AS_HELP_STRING([--without-ldap],

27
pam_yubico.c
View File

@ -157,16 +157,15 @@ authorize_user_token (struct cfg *cfg,
else else
{ {
char *userfile = NULL; char *userfile = NULL;
struct passwd *p; struct passwd pass, *p;
char buf[1024];
size_t buflen = sizeof(buf);
int pwres;
PAM_MODUTIL_DEF_PRIVS(privs); PAM_MODUTIL_DEF_PRIVS(privs);
#ifdef HAVE_PAM_MODUTIL_GETPWNAM pwres = getpwnam_r (username, &pass, buf, buflen, &p);
p = pam_modutil_getpwnam (pamh, username);
#else
p = getpwnam (username);
#endif
if (p == NULL) { if (p == NULL) {
DBG (("getpwnam: %s", strerror(errno))); DBG (("getpwnam_r: %s", strerror(pwres)));
return 0; return 0;
} }
@ -447,7 +446,11 @@ do_challenge_response(pam_handle_t *pamh, struct cfg *cfg, const char *username)
const char *errstr = NULL; const char *errstr = NULL;
struct passwd *p; struct passwd pass, *p;
char pwbuf[1024];
size_t pwbuflen = sizeof(pwbuf);
int pwres;
struct stat st; struct stat st;
/* we must declare two sepparate privs structures as they can't be reused */ /* we must declare two sepparate privs structures as they can't be reused */
@ -466,13 +469,9 @@ do_challenge_response(pam_handle_t *pamh, struct cfg *cfg, const char *username)
goto out; goto out;
} }
#ifdef HAVE_PAM_MODUTIL_GETPWNAM pwres = getpwnam_r (username, &pass, pwbuf, pwbuflen, &p);
p = pam_modutil_getpwnam (pamh, username);
#else
p = getpwnam (username);
#endif
if (p == NULL) { if (p == NULL) {
DBG (("getpwnam: %s", strerror(errno))); DBG (("getpwnam_r: %s", strerror(pwres)));
goto out; goto out;
} }