rooty/yubico-pam
1
0
Fork 0
mirror of https://github.com/Yubico/yubico-pam.git synced 2025-02-01 01:52:17 +01:00
Code Issues Projects Releases Wiki Activity

let debug_accept stdout. also check that file exists and is regular

Browse Source
This commit is contained in:
Klas Lindfors 2016-06-22 10:19:31 +02:00
parent 8850659b5f
commit 174b09e298
3 changed files with 20 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
README
View File

@ -153,7 +153,8 @@ service, go https://upgrade.yubico.com/getapikey[here].
debug:: to enable debug output.
debug_file:: filename to write debug to, stdout is default.
debug_file:: filename to write debug to, file must exist and
be a regular file. stdout is default.
alwaysok::
to enable all authentication attempts to succeed

2
pam_yubico.8.txt
View File

@ -18,7 +18,7 @@ The module is for authentication of YubiKeys, either with online validation of O
Turns on debugging.
*debug_file*=_file_::
File name to write debug to. Defaults to stdout.
File name to write debug to, the file must exist and be a regular file. Defaults to stdout.
*mode=*[_client_|_challenge-response_]::
Set the mode of operation, client for OTP validation and challenge-response for challenge-response validation, client is the default.

21
pam_yubico.c
View File

@ -755,16 +755,29 @@ parse_cfg (int flags, int argc, const char **argv, struct cfg *cfg)
cfg->chalresp_path = argv[i] + 14;
if (strncmp (argv[i], "debug_file=", 11) == 0)
{
if(strncmp (argv[i] + 11, "stderr", 6) == 0)
const char *filename = argv[i] + 11;
if(strncmp (filename, "stdout", 6) == 0)
{
cfg->debug_file = stdout;
}
else if(strncmp (filename, "stderr", 6) == 0)
{
cfg->debug_file = stderr;
}
else
{
FILE *file = fopen(argv[i] + 11, "a");
if(file)
struct stat st;
FILE *file;
if(lstat(filename, &st) == 0)
{
cfg->debug_file = file;
if(S_ISREG(st.st_mode))
{
file = fopen(filename, "a");
if(file)
{
cfg->debug_file = file;
}
}
}
}
}