*/
#include <sys/types.h>
+
#include <err.h>
#include <errno.h>
+#include <limits.h>
#include <pwd.h>
+#ifdef HAVE_READPASSPHRASE_H
+# include <readpassphrase.h>
+#else
+# include "readpassphrase.h"
+#endif
+#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
-#include <unistd.h>
#include <sys/wait.h>
-#include <signal.h>
-#ifdef __linux__
-#include <limits.h>
-#endif
+#include <unistd.h>
#include <security/pam_appl.h>
-#include "doas.h"
#include "includes.h"
#define PAM_SERVICE_NAME "doas"
void
pamcleanup(int ret)
{
- if (session_opened)
+ if (session_opened != 0) {
ret = pam_close_session(pamh, 0);
if (ret != PAM_SUCCESS)
errx(1, "pam_close_session: %s", pam_strerror(pamh, ret));
-
- if (cred_established)
+ }
+ if (cred_established != 0) {
ret = pam_setcred(pamh, PAM_DELETE_CRED | PAM_SILENT);
if (ret != PAM_SUCCESS)
warn("pam_setcred(?, PAM_DELETE_CRED | PAM_SILENT): %s",
pam_strerror(pamh, ret));
-
+ }
pam_end(pamh, ret);
}
{
sigset_t sigs;
struct sigaction act, oldact;
- int status;
+ int status = 1;
/* block signals */
sigfillset(&sigs);
status = 1;
close:
- if (caught_signal) {
+ if (caught_signal && child != (pid_t)-1) {
fprintf(stderr, "\nSession terminated, killing shell\n");
kill(child, SIGTERM);
}
pamcleanup(PAM_SUCCESS);
if (caught_signal) {
- /* kill child */
- sleep(2);
- kill(child, SIGKILL);
- fprintf(stderr, " ...killed.\n");
+ if (child != (pid_t)-1) {
+ /* kill child */
+ sleep(2);
+ kill(child, SIGKILL);
+ fprintf(stderr, " ...killed.\n");
+ }
/* unblock cached signal and resend */
sigaction(SIGTERM, &oldact, NULL);