1
0
mirror of https://github.com/Yubico/yubico-pam.git synced 2025-03-15 18:29:16 +01:00

fsync() wants file descriptor

Also, truncate file before writing if the challenge length has
changed (became shorter) or garbage has otherwise been appended.
This commit is contained in:
Fredrik Thulin 2011-03-14 12:48:32 +01:00 committed by Tollef Fog Heen
parent ee2e8b42da
commit dc6cd95a98

View File

@ -450,7 +450,7 @@ do_challenge_response(struct cfg *cfg, const char *username)
FILE *f = NULL; FILE *f = NULL;
char challenge_hex[64], expected_response[64]; char challenge_hex[64], expected_response[64];
char challenge[32]; char challenge[32];
int r, slot, ret; int r, slot, ret, fd;
unsigned char response[64]; unsigned char response[64];
unsigned char response_hex[sizeof(response) * 2]; unsigned char response_hex[sizeof(response) * 2];
@ -524,11 +524,22 @@ do_challenge_response(struct cfg *cfg, const char *username)
20, 20,
&response_len)) &response_len))
goto out; goto out;
/* the yk_* functions leave 'junk' in errno */
errno = 0;
yubikey_hex_encode(response_hex, (char *)response, response_len > 20 ? 20 : response_len); yubikey_hex_encode(response_hex, (char *)response, response_len > 20 ? 20 : response_len);
rewind(f); rewind(f);
fprintf(f, "%s:%s:%d\n", challenge_hex, response_hex, slot); fd = fileno(f);
if (fsync(f) < 0) if (fd == -1)
goto out; goto out;
if (ftruncate(fd, 0))
goto out;
fprintf(f, "%s:%s:%d\n", challenge_hex, response_hex, slot);
if (fsync(fd) < 0)
goto out;
D(("Challenge-response success!"));
out: out:
if (yk_errno) { if (yk_errno) {