* src/login.c: Always check the return value of the pam_* APIs.

This commit is contained in:
nekral-guest 2008-09-20 21:17:26 +00:00
parent d400af51fa
commit 4d49f543dd
2 changed files with 24 additions and 6 deletions

View File

@ -1,3 +1,7 @@
2008-09-20 Nicolas François <nicolas.francois@centraliens.net>
* src/login.c: Always check the return value of the pam_* APIs.
2008-09-20 Nicolas François <nicolas.francois@centraliens.net>
* src/login.c: Use a dynamic buffer for usernames.

View File

@ -668,9 +668,11 @@ int main (int argc, char **argv)
/* if we didn't get a user on the command line,
set it to NULL */
pam_get_item (pamh, PAM_USER, (const void **)ptr_pam_user);
retcode = pam_get_item (pamh, PAM_USER, (const void **)ptr_pam_user);
PAM_FAIL_CHECK;
if (pam_user[0] == '\0') {
pam_set_item (pamh, PAM_USER, NULL);
retcode = pam_set_item (pamh, PAM_USER, NULL);
PAM_FAIL_CHECK;
}
/*
@ -690,13 +692,19 @@ int main (int argc, char **argv)
#ifdef HAS_PAM_FAIL_DELAY
if (delay > 0) {
retcode = pam_fail_delay(pamh, 1000000*delay);
PAM_FAIL_CHECK;
}
#endif
retcode = pam_authenticate (pamh, 0);
pam_get_item (pamh, PAM_USER,
{
int saved_retcode = retcode;
retcode = pam_get_item (pamh, PAM_USER,
(const void **) ptr_pam_user);
PAM_FAIL_CHECK;
retcode = saved_retcode;
}
if ((NULL != pam_user) && ('\0' != pam_user[0])) {
pwd = xgetpwnam(pam_user);
@ -759,8 +767,13 @@ int main (int argc, char **argv)
fprintf (stderr, "\nLogin incorrect\n");
/* Let's give it another go around */
pam_set_item (pamh, PAM_USER, NULL);
/*
* Let's give it another go around.
* Even if a username was given on the command
* line, prompt again for the username.
*/
retcode = pam_set_item (pamh, PAM_USER, NULL);
PAM_FAIL_CHECK;
}
/* We don't get here unless they were authenticated above */
@ -778,6 +791,7 @@ int main (int argc, char **argv)
First get the username that we are actually using, though.
*/
retcode = pam_get_item (pamh, PAM_USER, (const void **)ptr_pam_user);
PAM_FAIL_CHECK;
if (NULL != username) {
free (username);
}