Commit Graph

84 Commits

Author SHA1 Message Date
nekral-guest
332a50c273 * src/login.c: Removed temp_shell. No more used.
* src/login.c: lastlog is only used #ifndef USE_PAM
	* src/login.c: Rename lastlog to ll to avoid name clash with the
	lastlog type.
2009-04-22 20:03:26 +00:00
nekral-guest
790dbb07fc * src/login.c: Added update_utmp() to group the prepare_utmp and
setutmp (and the utmpx versions).
2009-04-22 19:58:39 +00:00
nekral-guest
f59a69f4b6 * src/login.c: Do not include netdb.h. gethostbyname() is no more
called from within login.c. Also UT_ADDR does not exist anymore.
2009-04-22 19:54:28 +00:00
nekral-guest
efcbbc3d74 * src/login.c: Check if login is run with effective root
privileges. This should be more helpful to users than a failure to
	find an utmp entry or failure to access a file.
2009-04-21 22:46:01 +00:00
nekral-guest
82c1a583f8 * libmisc/utmp.c: Reworked. Get rid of Linux specific stuff. Get rid
of global utent/utxent variables. Only reuse the ut_id and maybe
	the ut_host fields from utmp.
	* lib/prototypes.h, libmisc/utmp.c: Removed checkutmp(),
	setutmp(), setutmpx().
	* lib/prototypes.h, libmisc/utmp.c: Added get_current_utmp(),
	prepare_utmp(), prepare_utmpx(), setutmp(), setutmpx().
	* libmisc/utmp.c (is_my_tty): Only compare the name of the utmp
	line with ttyname(). (No stat of the two terminals to compare the
	devices).
	* libmisc/utmp.c: Use getaddrinfo() to get the address of the
	host.
	* configure.in: Check for getaddrinfo().
	* configure.in: Use AC_CHECK_MEMBERS to check for the existence of
	fields in the utmp/utmpx structures.
	* configure.in: Reject systems with utmpx support but no ut_id
	field in utmp. This could be fixed later if needed.
	* src/login.c: Use the new utmp functions. This also simplifies
	the failtmp() handling.
	* src/login.c: passwd_free() renamed to pw_free() and
	shadow_free() renamed to spw_free()
2009-04-21 22:39:14 +00:00
nekral-guest
18fdfee274 * src/login.c: Get rid of pwent. pwd is sufficient as long as it
is always coming from xgetpwnam. There is no need to copy pwd to
	pwent, this was not a good idea anyway as the strings from pwd
	were not duplicated.
	* src/login.c: Always free the pwd and spwd structure when we
	retrieve a new one. This will clear the password of the previous
	user from the memory.
	* src/login.c: user_passwd is used to keep point to the password
	of the user being authenticated.
	* src/login.c: (non PAM) Fail if the user's entry cannot be found
	after the user updated her password (if expire() requested an
	update).
	* src/login.c: If the user does not exist on the system, there is
	no need to build a pwd structure (with shell).
2009-04-20 13:29:15 +00:00
nekral-guest
a6ac4dda75 * src/login.c: ttytype already checks for TTYTYPE_FILE and TERM.
Just call ttytype.
2009-04-20 13:12:09 +00:00
nekral-guest
29c3763f9c Re-indent. 2009-04-20 13:10:20 +00:00
nekral-guest
c694843da5 * src/login.c: Open the PAM session before pam_setcred and before
initgroups. This is more consistent with rfc86.0.
2009-04-20 12:54:17 +00:00
nekral-guest
432faba3e1 * src/login.c: Added helper functions get_pam_user() and
get_failent_user().
2009-04-20 12:47:04 +00:00
nekral-guest
70e1a5c9b6 * src/login.c: Added parameter to check_nologin. This will help
getting rid of the global pwent variable.
2009-04-20 12:33:01 +00:00
nekral-guest
61c1d100dc * src/login.c: Added comments.
* src/login.c: Close the user and group files before dropping root
	privileges.
2009-04-20 12:27:27 +00:00
nekral-guest
3508f7dccc * src/login.c: We do not need to keep the old umask. Discard the
umask() return value.
2009-04-20 12:17:38 +00:00
nekral-guest
1bcf2ffb59 * libmisc/hushed.c, lib/prototypes.h, src/login.c: Change the
hushed() prototype to take a username instead of a passwd
	structure in argument. The passwd entry is retrieved withing
	hushed().
2009-04-20 11:48:59 +00:00
nekral-guest
a87e747049 * libmisc/failure.h, libmisc/failure.c, src/login.c: Added
username as first parameter of failtmp to avoid issues with
	non-null terminated ut_user, unavailability of ut_user, incomplete
	username (that should not happen currently).
2009-04-20 11:37:41 +00:00
nekral-guest
131e95ffaf * NEWS, src/login.c: Also check if the authentication token of the
user has to be updated in case the user was already authenticated.
2009-04-19 16:22:17 +00:00
nekral-guest
ca10b825c7 * src/login.c: fflg is already restricted to root. Move
pam_acct_mgmt(), in case of fflg, earlier. This is equivalent and
	simplifies the code.
2009-04-19 16:09:00 +00:00
nekral-guest
8156c3b0be * src/login.c: Added comment to make sure PAM_RHOST or PAM_TTY do
not get set to unsanitized values.
2009-04-19 13:33:24 +00:00
nekral-guest
5298ac3dd9 * NEWS, src/login.c: Do not trust the current utmp entry's ut_line
to set PAM_TTY.
2009-04-17 20:40:26 +00:00
nekral-guest
a24058d660 * NEWS, srclib/getlong.c: Fix parsing of octal numbers.
* NEWS, src/login.c: Fix segfault when no user is provided on the
	command line.
2009-04-15 17:50:17 +00:00
nekral-guest
08a212ccae * src/login.c: Restore the echoctl, echoke, onclr flags to the
terminal termio flags. Reset echoprt, noflsh, tostop. This
	behavior seems to have change by mistake in earlier releases
	(4.0.8, for no obvious reason).
2009-04-12 00:17:36 +00:00
nekral-guest
64a9f33ffa * src/login.c: Fix the count of failures before login exits in
case of PAM enabled configurations.
2009-04-12 00:08:26 +00:00
nekral-guest
ac305b82a4 Fix typo. 2009-04-11 19:18:38 +00:00
nekral-guest
cab74eddef * lib/prototypes.h, libmisc/age.c, src/expiry.c, src/login.c: A
shadow entry is now sufficient for agecheck. Remove the first
	passwd entry parameter.
2009-04-11 18:37:08 +00:00
nekral-guest
1df7433e44 Fix typo. 2008-12-22 22:13:50 +00:00
nekral-guest
a324a7f13f * NEWS, libmisc/chowntty.c, libmisc/utmp.c: is_my_tty() moved from
utmp.c to chowntty.c. checkutmp() now only uses an existing utmp
	entry if the pid matches and ut_line matches with the current tty.
	This fixes a possible DOS when entries can be forged in the utmp
	file.
	* libmisc/chowntty.c, src/login.c, lib/prototypes.h: Remove the
	tty argument from chown_tty. chown_tty always changes stdin and
	does not need this argument anymore.
2008-11-22 23:56:11 +00:00
nekral-guest
4d49f543dd * src/login.c: Always check the return value of the pam_* APIs. 2008-09-20 21:17:26 +00:00
nekral-guest
d400af51fa * src/login.c, man/login.1.xml: the username is not an optional
parameter of -f. Fix the getopt optstring, remove the parsing of
	username in the -f processing block, and remove unnecessary checks
	(username cannot be parsed twice anymore), better documentation of
	the synopsis.
2008-09-20 20:20:19 +00:00
nekral-guest
c8d2175981 * src/login.c: Erase the username later since it it used for the
fake password check (in case of empty password).
2008-09-20 20:05:22 +00:00
nekral-guest
11c7543c76 * src/login.c: Explicitly tag the end of the #ifdef RLOGIN
sections.
2008-09-20 20:03:04 +00:00
nekral-guest
29d4533047 * src/login.c: Check that no username is specified with -r.
* src/login.c: Make sure a username is specified with -f.
2008-09-20 20:00:51 +00:00
nekral-guest
c813e692a2 * src/login.c: Copy the name of the user authenticated by PAM to
username. This simplify later logging (avoid USE_PAM
	conditional).
2008-09-20 19:54:35 +00:00
nekral-guest
65e32d850c * src/login.c: Use a dynamic buffer for usernames. 2008-09-20 19:44:12 +00:00
nekral-guest
9f2ce12b28 * src/login.c: Existence of pam_user was already checked. pwd was
already copied to pwent. Remove duplicated code.
2008-09-20 16:23:04 +00:00
nekral-guest
f4860274be * src/login.c: check_flags() renamed process_flags(). All flag
processing blocs moved to process_flags().
2008-09-20 16:21:46 +00:00
nekral-guest
54a0762bbb * src/login.c: Re-indent. 2008-09-20 14:39:09 +00:00
nekral-guest
1e3f19ad89 * src/login.c: Add missing closing }. This was probably never
noticed because UT_ADDR is never defined.
2008-09-20 14:21:51 +00:00
nekral-guest
5b73a0492d * src/login.c: Do not mix USE_PAM and !USE_PAM code. 2008-09-20 14:17:20 +00:00
nekral-guest
9fa519c983 * src/login.c: Use failent_user to log to audit. username is the
caller, not the user login tries to authenticate.
	* src/login.c: Use pwd->pw_name instead of pwd->pw_uid. This might
	be more precise (name must be unique, uid might not be).
2008-09-20 13:20:31 +00:00
nekral-guest
ee4e367ea8 * src/newgrp.c, src/userdel.c, src/grpck.c, src/gpasswd.c,
src/newusers.c, src/pwconv.c, src/chpasswd.c, src/logoutd.c,
	src/chfn.c, src/groupmems.c, src/usermod.c, src/pwunconv.c,
	src/expiry.c, src/groupdel.c, src/chgpasswd.c, src/useradd.c,
	src/su.c, src/groupmod.c, src/passwd.c, src/pwck.c,
	src/groupadd.c, src/chage.c, src/login.c, src/grpconv.c,
	src/groups.c, src/grpunconv.c, src/chsh.c: Prog is now global (not
	static to the file) so that it can be used by the helper functions
	of libmisc.
	* lib/prototypes.h: Added extern char *Prog.
	* libmisc/find_new_gid.c, libmisc/find_new_uid.c: Indicate the
	program name with the warning.
2008-09-06 12:51:53 +00:00
nekral-guest
cd6a300222 * configure.in, src/login.c: Do not use HAVE_PAM_FAIL_DELAY, but
HAS_PAM_FAIL_DELAY, to avoid a redefinition with Linux PAM.
2008-08-31 17:27:16 +00:00
nekral-guest
538600ef48 * src/chfn.c, src/chsh.c, src/groupdel.c, src/groupmems.c,
src/groupmod.c, src/grpck.c, src/login.c, src/logoutd.c,
	src/newgrp.c, src/newusers.c, src/passwd.c, src/pwck.c,
	src/suauth.c, src/useradd.c, src/userdel.c, src/usermod.c,
	src/vipw.c: Complete the switch from the `' quotation style to ''.
	Do it also in SYSLOG messages. Quote some parameters. All this
	permits to merge some messages.
2008-08-06 15:51:52 +00:00
nekral-guest
276e406c0f * README, NEWS, configure.in, lib/pam_defs.h, src/login.c: Add
support for OpenPAM.
2008-07-21 21:14:06 +00:00
nekral-guest
21c692d23f Re-inject the changes from 4.1.2.1. 2008-07-11 22:20:43 +00:00
nekral-guest
3a03794bb6 * src/login.c: Ignore the return value of signal().
* src/login.c: Use a %lu format and cast group and user IDs to
	unsigned long integers.
	* src/login.c: Ignore return value of setlocale(),
	bindtextdomain(), and textdomain().
2008-06-13 21:25:15 +00:00
nekral-guest
a0dae7557c * src/login.c: Avoid multi-statements lines.
* src/login.c: Ignore the return value of pam_end() before
	exiting.
	* src/login.c: Use a bool when possible instead of int integers.
	* src/login.c: Add brackets and parenthesis.
	* src/login.c: Ignore the return values of fflush(), putchar(), puts().
	* src/login.c: Ignore the return value of fclose() for read-only
	files.
	* src/login.c: Avoid assignments in comparisons.
	* src/login.c: Ignore return value of setlocale(),
	bindtextdomain(), and textdomain().
2008-06-10 18:56:23 +00:00
nekral-guest
fb4271bdf9 Import Debian patch 434_login_stop_checking_args_after--
* NEWS, src/login.c (check_flags): Stop checking the arguments
	after --. The later options will be sent to the shell, and do not
	need to be checked.
2008-05-18 14:54:35 +00:00
nekral-guest
c7302b61ef Make sure every source files are distributed with a copyright and license.
Files with no license use the default 3-clauses BSD license. The copyright
were mostly not recorded; they were updated according to the Changelog.
"Julianne Frances Haugh and contributors" changed to "copyright holders
and contributors".
2008-04-27 00:40:09 +00:00
nekral-guest
7baffa5e74 Ensure that getpwent() is used in setpwent(), getpwent(),
endpwend() sequences (ditto for getgrent(), getspent(), and
getsgent()). The only real (minor) issue was in login, which kept
the passwd file open.
* libmisc/entry.c: Remove unneeded setspent() and endspent() (only
  getspnam is called in the middle).
* libmisc/find_new_ids.c: Make sure to close the password and
  group files with endpwent() and endgrent().
* libmisc/pwdcheck.c: Remove unneeded endspent() (only getspnam()
  is called before).
* src/lastlog.c, src/passwd.c, src/groupmod.c, src/faillog.c,
  src/groups.c: Make sure to close
  the password file with endpwent().
* src/login.c: Remove unneeded setpwent() (only xgetpwnam is
  called before).
* src/login.c, src/newgrp.c: Fix typos in comments.
2008-04-16 21:52:46 +00:00
nekral-guest
d94602add8 login_access() is used in src/login.c, and defined in src/login_nopam.c
(which lacks a prototype). Move its prototype from src/login.c to
lib/prototypes.h.
2008-03-17 23:04:46 +00:00