X-Git-Url: https://git.armaanb.net/?a=blobdiff_plain;f=pam.c;h=68294b275451c2e3ee9a88700b413114a261d748;hb=31abd37c26c26892ce5e0d538c51fbc38ff3e05a;hp=e0f17a536012b6bca3bccad1f2a74a2f0458326c;hpb=ed7fb0a2f40f2f51304f676963a459f2986f5ea0;p=opendoas.git diff --git a/pam.c b/pam.c index e0f17a5..68294b2 100644 --- a/pam.c +++ b/pam.c @@ -14,6 +14,8 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ +#include "config.h" + #include #include @@ -21,10 +23,10 @@ #include #include #include -#ifdef HAVE_READPASSPHRASE_H +#ifdef HAVE_READPASSPHRASE # include #else -# include "readpassphrase.h" +# include "sys-readpassphrase.h" #endif #include #include @@ -35,7 +37,12 @@ #include -#include "includes.h" +#include "openbsd.h" +#include "doas.h" + +#ifndef HOST_NAME_MAX +#define HOST_NAME_MAX _POSIX_HOST_NAME_MAX +#endif #define PAM_SERVICE_NAME "doas" @@ -117,7 +124,7 @@ fail: for (i = 0; i < nmsgs; i++) { if (rsp[i].resp == NULL) continue; - switch (style = msgs[i]->msg_style) { + switch (msgs[i]->msg_style) { case PAM_PROMPT_ECHO_OFF: case PAM_PROMPT_ECHO_ON: explicit_bzero(rsp[i].resp, strlen(rsp[i].resp)); @@ -125,6 +132,7 @@ fail: } rsp[i].resp = NULL; } + free(rsp); return PAM_CONV_ERR; } @@ -305,9 +313,9 @@ pamauth(const char *user, const char *myname, int interactive, int nopass, int p warn("pam_set_item(?, PAM_USER, \"%s\"): %s", user, pam_strerror(pamh, ret)); - ret = pam_setcred(pamh, PAM_ESTABLISH_CRED); + ret = pam_setcred(pamh, PAM_REINITIALIZE_CRED); if (ret != PAM_SUCCESS) - warn("pam_setcred(?, PAM_ESTABLISH_CRED): %s", pam_strerror(pamh, ret)); + warn("pam_setcred(?, PAM_REINITIALIZE_CRED): %s", pam_strerror(pamh, ret)); else cred = 1; @@ -323,8 +331,13 @@ pamauth(const char *user, const char *myname, int interactive, int nopass, int p } /* return as child */ - if (child == 0) + if (child == 0) { +#ifdef USE_TIMESTAMP + if (fd != -1) + close(fd); +#endif return; + } #ifdef USE_TIMESTAMP if (fd != -1) {