Actually open pam sessions

[opendoas.git] / libopenbsd / auth_userokay.c
diff --git a/libopenbsd/auth_userokay.c b/libopenbsd/auth_userokay.c

index 277497673befcda339f7b290046ba2bf02645a9d..6a9841b3b198a343103c3e31227822a80585bb3f 100644 (file)
--- a/libopenbsd/auth_userokay.c
+++ b/libopenbsd/auth_userokay.c
@@ -18,27 +18,26 @@
  #include <err.h>
  #include <errno.h>
  #include <pwd.h>
-#include <readpassphrase.h>
  #include <stdio.h>
  #include <stdlib.h>
  #include <string.h>
  
  #include <security/pam_appl.h>
  
-#include "openbsd.h"
+#include "includes.h"
  
-#define PAM_SERVICE "sudo"
-
-#define __UNUSED __attribute__ ((unused))
+#define PAM_SERVICE_NAME "doas"
  
  static char *
-pam_prompt(const char *msg, int echo_on)
+pam_prompt(const char *msg, int echo_on, int *pam)
  {
         char buf[PAM_MAX_RESP_SIZE];
         int flags = RPP_REQUIRE_TTY | (echo_on ? RPP_ECHO_ON : RPP_ECHO_OFF);
         char *ret = readpassphrase(msg, buf, sizeof(buf), flags);
-       if (ret)
-               ret = strdup(ret);
+       if (!ret)
+               *pam = PAM_CONV_ERR;
+       else if (!(ret = strdup(ret)))
+               *pam = PAM_BUF_ERR;
         explicit_bzero(buf, sizeof(buf));
         return ret;
  }
@@ -47,8 +46,9 @@ static int
  pam_conv(int nmsgs, const struct pam_message **msgs,
                 struct pam_response **rsps, __UNUSED void *ptr)
  {
-       int i, style;
         struct pam_response *rsp;
+       int i, style;
+       int pam = PAM_SUCCESS;
  
         if (!(rsp = calloc(nmsgs, sizeof(struct pam_response))))
                 errx(1, "couldn't malloc pam_response");
@@ -59,13 +59,14 @@ pam_conv(int nmsgs, const struct pam_message **msgs,
                 case PAM_PROMPT_ECHO_OFF:
                 case PAM_PROMPT_ECHO_ON:
                         rsp[i].resp = pam_prompt(msgs[i]->msg,
-                                       style == PAM_PROMPT_ECHO_ON);
+                                       style == PAM_PROMPT_ECHO_ON, &pam);
                         break;
  
                 case PAM_ERROR_MSG:
                 case PAM_TEXT_INFO:
-                       fprintf(style == PAM_ERROR_MSG ? stderr : stdout,
-                                       "%s\n", msgs[i]->msg);
+                       if (fprintf(style == PAM_ERROR_MSG ? stderr : stdout,
+                                       "%s\n", msgs[i]->msg) < 0)
+                               pam = PAM_CONV_ERR;
                         break;
  
                 default:
@@ -92,17 +93,20 @@ auth_userokay(char *name, char *style, char *type, char *password)
         if (style || type || password)
                 errx(1, "auth_userokay(name, NULL, NULL, NULL)!\n");
  
-       ret = pam_start(PAM_SERVICE, name, &conv, &pamh);
+       ret = pam_start(PAM_SERVICE_NAME, name, &conv, &pamh);
         if (ret != PAM_SUCCESS)
                 errx(1, "pam_start(\"%s\", \"%s\", ?, ?): failed\n",
-                               PAM_SERVICE, name);
+                               PAM_SERVICE_NAME, name);
  
         auth = pam_authenticate(pamh, 0);
  
+       ret = pam_open_session(pamh, 0);
+       if (ret != PAM_SUCCESS)
+               errx(1, "pam_open_session(): %s\n", pam_strerror(pamh, ret));
+
         ret = pam_close_session(pamh, 0);
         if (ret != PAM_SUCCESS)
                 errx(1, "pam_close_session(): %s\n", pam_strerror(pamh, ret));
  
         return auth == PAM_SUCCESS;
  }
-