* libmisc/non_interactive_pam_conv.c,

libmisc/pam_pass_non_interractive.c, libmisc/Makefile.am: Renamed. * libmisc/pam_pass_non_interractive.c, lib/prototypes.h: non_interactive_password and non_interactive_pam_conv do not need to be externally visible. * libmisc/pam_pass_non_interractive.c: Added declaration of ni_conv. * libmisc/pam_pass_non_interractive.c: Only compile ifdef USE_PAM. * libmisc/pam_pass_non_interractive.c, lib/prototypes.h: Added do_pam_passwd_non_interractive(). * src/chpasswd.c: Use do_pam_passwd_non_interractive().
2009-05-09 13:15:25 +00:00 · 2009-05-09 13:15:25 +00:00 · d1534c53f7
commit d1534c53f7
parent 19b672c3a4
5 changed files with 70 additions and 37 deletions
--- a/14
+++ b/14
@ -1,3 +1,17 @@
+2009-05-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/non_interactive_pam_conv.c,
+	libmisc/pam_pass_non_interractive.c, libmisc/Makefile.am: Renamed.
+	* libmisc/pam_pass_non_interractive.c, lib/prototypes.h:
+	non_interactive_password and non_interactive_pam_conv do not need
+	to be externally visible.
+	* libmisc/pam_pass_non_interractive.c: Added declaration of
+	ni_conv.
+	* libmisc/pam_pass_non_interractive.c: Only compile ifdef USE_PAM.
+	* libmisc/pam_pass_non_interractive.c, lib/prototypes.h:
+	Added do_pam_passwd_non_interractive().
+	* src/chpasswd.c: Use do_pam_passwd_non_interractive().
+
 2009-05-07  Nicolas François  <nicolas.francois@centraliens.net>

 	* libmisc/pam_pass.c: Removed comment regarding pam_misc. This is
--- a/lib/prototypes.h
+++ b/lib/prototypes.h
@ -238,9 +238,10 @@ extern void motd (void);
 /* myname.c */
 extern /*@null@*/struct passwd *get_my_pwent (void);

-/* non_interactive_pam_conv.c */
-/*@null@*/ /*@only@*/extern char *non_interactive_password;
-extern struct pam_conv non_interactive_pam_conv;
+/* pam_pass_non_interractive.c */
+extern int do_pam_passwd_non_interractive (const char *pam_service,
+                                           const char *username,
+                                           const char* password)

 /* obscure.c */
 #ifndef USE_PAM
--- a/libmisc/Makefile.am
+++ b/libmisc/Makefile.am
@ -38,9 +38,9 @@ libmisc_a_SOURCES = \
 	mail.c \
 	motd.c \
 	myname.c \
-	non_interactive_pam_conv.c \
 	obscure.c \
 	pam_pass.c \
+	pam_pass_non_interractive.c \
 	pwd2spwd.c \
 	pwdcheck.c \
 	pwd_init.c \
--- a/libmisc/pam_pass_non_interractive.c
+++ b/libmisc/pam_pass_non_interractive.c
@ -31,6 +31,7 @@

 #ident "$Id:$"

+#ifdef USE_PAM
 #include <assert.h>
 #include <string.h>
 #include <stdio.h>
@ -38,13 +39,23 @@
 #include <security/pam_appl.h>
 #include "prototypes.h"

-/*@null@*/ /*@only@*/char *non_interactive_password = NULL;
+/*@null@*/ /*@only@*/static char *non_interactive_password = NULL;
+static int ni_conv (int num_msg,
+                    const struct pam_message **msg,
+                    struct pam_response **resp,
+                    unused void *appdata_ptr);
+static struct pam_conv non_interactive_pam_conv = {
+	ni_conv,
+	NULL
+};
+


 static int ni_conv (int num_msg,
                    const struct pam_message **msg,
                    struct pam_response **resp,
-                    unused void *appdata_ptr) {
+                    unused void *appdata_ptr)
+{
 	struct pam_response *responses;
 	int count;

@ -117,8 +128,38 @@ failed_conversation:
 	return PAM_CONV_ERR;
 }

-struct pam_conv non_interactive_pam_conv = {
-	ni_conv,
-	NULL
-};

+/*
+ * Change non interactively the user's password using PAM.
+ *
+ * Return 0 on success, 1 on failure.
+ */
+int do_pam_passwd_non_interractive (const char *pam_service,
+                                    const char *username,
+                                    const char* password)
+{
+	pam_handle_t *pamh = NULL;
+	int ret;
+
+	ret = pam_start (pam_service, username, &non_interactive_pam_conv, &pamh);
+	if (ret != PAM_SUCCESS) {
+		fprintf (stderr,
+		         _("%s: (user %s) pam_start failure %d\n"),
+		         Prog, username, ret);
+		return 1;
+	}
+
+	non_interactive_password = password;
+	ret = pam_chauthtok (pamh, 0);
+	if (ret != PAM_SUCCESS) {
+		fprintf (stderr,
+		         _("%s: (user %s) pam_chauthtok() failed, error:\n"
+		           "%s\n"),
+		         Prog, username, pam_strerror (pamh, ret));
+	}
+
+	(void) pam_end (pamh, PAM_SUCCESS);
+}
+#else				/* !USE_PAM */
+extern int errno;		/* warning: ANSI C forbids an empty source file */
+#endif				/* !USE_PAM */
--- a/src/chpasswd.c
+++ b/src/chpasswd.c
@ -465,35 +465,12 @@ int main (int argc, char **argv)
 		newpwd = cp;

 #ifdef USE_PAM
-		pam_handle_t *pamh = NULL;
-		int ret;
-		ret = pam_start ("chpasswd", name, &non_interactive_pam_conv, &pamh);
-		if (ret != PAM_SUCCESS) {
+		if (do_pam_passwd_non_interractive ("chpasswd", name, newpwd) != 0) {
 			fprintf (stderr,
-			         _("chpasswd: (user %s) pam_start failure %d\n"),
-			         name, ret);
-			fprintf (stderr,
-			         _("chpasswd: (user %s) password unchanged\n"),
-			         name);
-			errors++;
-			continue;
+			         _("%s: (line %d, user %s) password not changed\n"),
+			         Prog, line, name);
+			error++;
 		}
-
-		non_interactive_password = newpwd;
-		ret = pam_chauthtok (pamh, 0);
-		if (ret != PAM_SUCCESS) {
-			fprintf (stderr, _("chpasswd: (line %d, user %s) pam_chauthtok() failed, error:\n"
-			                   "          %s\n"),
-			                 line, name, pam_strerror (pamh, ret));
-			fprintf (stderr,
-			         _("chpasswd: (line %d, user %s) password unchanged\n"),
-			         line, name);
-			errors++;
-			continue;
-		}
-
-		(void) pam_end (pamh, PAM_SUCCESS);
-
 #else				/* !USE_PAM */
 		if (   !eflg
 		    && (   (NULL == crypt_method)