diff options
author | des <des@FreeBSD.org> | 2002-04-07 20:43:27 +0000 |
---|---|---|
committer | des <des@FreeBSD.org> | 2002-04-07 20:43:27 +0000 |
commit | 71240839dd1bfe2ce39c28d43ace740bab9b2ad7 (patch) | |
tree | 8b46e5ad9f65994144de5cf217597afd621719a3 /lib/libpam | |
parent | e6465566f6e10aa3dceecf6aff40a5dfcef981e2 (diff) | |
download | FreeBSD-src-71240839dd1bfe2ce39c28d43ace740bab9b2ad7.zip FreeBSD-src-71240839dd1bfe2ce39c28d43ace740bab9b2ad7.tar.gz |
Fix bug in previous commit that passed the wrong default value to
login_getcapstr(3). Also fix a longer-standing bug (login_close(3)
frees the string returned by login_getcapstr(3)) by reorganizing the
code a little, and use login_getpwclass(3) instead of login_getclass(3)
if we already have a struct pwd.
Sponsored by: DARPA, NAI Labs
Diffstat (limited to 'lib/libpam')
-rw-r--r-- | lib/libpam/modules/pam_unix/pam_unix.c | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/lib/libpam/modules/pam_unix/pam_unix.c b/lib/libpam/modules/pam_unix/pam_unix.c index b1d68b7..8f03673 100644 --- a/lib/libpam/modules/pam_unix/pam_unix.c +++ b/lib/libpam/modules/pam_unix/pam_unix.c @@ -139,12 +139,6 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, int argc, const char PAM_LOG("Got user: %s", user); - lc = login_getclass(NULL); - password_prompt = login_getcapstr(lc, "passwd_prompt", - password_prompt, NULL); - login_close(lc); - lc = NULL; - if (pwd != NULL) { PAM_LOG("Doing real authentication"); @@ -159,8 +153,12 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, int argc, const char PAM_RETURN(PAM_SUCCESS); } else { + lc = login_getpwclass(pwd); + password_prompt = login_getcapstr(lc, "passwd_prompt", + NULL, NULL); retval = pam_get_authtok(pamh, PAM_AUTHTOK, &pass, password_prompt); + login_close(lc); if (retval != PAM_SUCCESS) PAM_RETURN(retval); PAM_LOG("Got password"); @@ -183,8 +181,12 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, int argc, const char * User unknown. * Encrypt a dummy password so as to not give away too much. */ + lc = login_getclass(NULL); + password_prompt = login_getcapstr(lc, "passwd_prompt", + NULL, NULL); retval = pam_get_authtok(pamh, PAM_AUTHTOK, &pass, password_prompt); + login_close(lc); if (retval != PAM_SUCCESS) PAM_RETURN(retval); PAM_LOG("Got password"); |