X-Git-Url: https://git.armaanb.net/?a=blobdiff_plain;f=pam.c;h=68294b275451c2e3ee9a88700b413114a261d748;hb=a1ab056bccfe66d4f03b96e3f83168a3732e56f4;hp=ccebd0fe98105499e81555bd5d15b3335cec3258;hpb=b1ae418af40289ea4f40449a819df26ee3bdd399;p=opendoas.git diff --git a/pam.c b/pam.c index ccebd0f..68294b2 100644 --- a/pam.c +++ b/pam.c @@ -14,6 +14,8 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ +#include "config.h" + #include #include @@ -21,10 +23,10 @@ #include #include #include -#ifdef HAVE_READPASSPHRASE_H +#ifdef HAVE_READPASSPHRASE # include #else -# include "readpassphrase.h" +# include "sys-readpassphrase.h" #endif #include #include @@ -35,7 +37,12 @@ #include -#include "includes.h" +#include "openbsd.h" +#include "doas.h" + +#ifndef HOST_NAME_MAX +#define HOST_NAME_MAX _POSIX_HOST_NAME_MAX +#endif #define PAM_SERVICE_NAME "doas" @@ -117,7 +124,7 @@ fail: for (i = 0; i < nmsgs; i++) { if (rsp[i].resp == NULL) continue; - switch (style = msgs[i]->msg_style) { + switch (msgs[i]->msg_style) { case PAM_PROMPT_ECHO_OFF: case PAM_PROMPT_ECHO_ON: explicit_bzero(rsp[i].resp, strlen(rsp[i].resp)); @@ -125,6 +132,7 @@ fail: } rsp[i].resp = NULL; } + free(rsp); return PAM_CONV_ERR; } @@ -271,9 +279,6 @@ pamauth(const char *user, const char *myname, int interactive, int nopass, int p if (!interactive) errx(1, "Authorization required"); -#ifndef HOST_NAME_MAX -#define HOST_NAME_MAX _POSIX_HOST_NAME_MAX -#endif /* doas style prompt for pam */ char host[HOST_NAME_MAX + 1]; if (gethostname(host, sizeof(host))) @@ -308,9 +313,9 @@ pamauth(const char *user, const char *myname, int interactive, int nopass, int p warn("pam_set_item(?, PAM_USER, \"%s\"): %s", user, pam_strerror(pamh, ret)); - ret = pam_setcred(pamh, PAM_ESTABLISH_CRED); + ret = pam_setcred(pamh, PAM_REINITIALIZE_CRED); if (ret != PAM_SUCCESS) - warn("pam_setcred(?, PAM_ESTABLISH_CRED): %s", pam_strerror(pamh, ret)); + warn("pam_setcred(?, PAM_REINITIALIZE_CRED): %s", pam_strerror(pamh, ret)); else cred = 1;