summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--libexec/rexecd/rexecd.c45
1 files changed, 8 insertions, 37 deletions
diff --git a/libexec/rexecd/rexecd.c b/libexec/rexecd/rexecd.c
index 05470ff..b056528 100644
--- a/libexec/rexecd/rexecd.c
+++ b/libexec/rexecd/rexecd.c
@@ -86,8 +86,6 @@ char default_shell[] = _PATH_BSHELL;
static void doit(struct sockaddr *);
static void getstr(char *, int, const char *);
static void error(const char *fmt, ...);
-static struct passwd *xgetpwnam(const char *, struct passwd *, char **,
- size_t *);
int no_uid_0 = 1;
@@ -136,10 +134,9 @@ doit(struct sockaddr *fromp)
{
char *cmdbuf, *cp;
int maxcmdlen;
- char userbuf[16], pass[16];
- struct passwd *pwd, pwd_storage;
- char *pwdbuf, *user;
- size_t pwdbuflen;
+ char user[16], pass[16];
+ struct passwd *pwd;
+ const void *item;
int fd, r, sd;
u_short port;
int pv[2], pid, cc, nfds;
@@ -189,22 +186,20 @@ doit(struct sockaddr *fromp)
if (connect(sd, fromp, fromp->sa_len) < 0)
exit(1);
}
- user = userbuf;
- getstr(userbuf, sizeof(userbuf), "username");
+ getstr(user, sizeof(user), "username");
getstr(pass, sizeof(pass), "password");
getstr(cmdbuf, maxcmdlen, "command");
(void) alarm(0);
- pwdbuflen = 0;
- pwdbuf = NULL;
if (!pam_ok(pam_start("rexecd", user, &pamc, &pamh)) ||
!pam_ok(pam_set_item(pamh, PAM_RHOST, remote)) ||
!pam_ok(pam_set_item(pamh, PAM_AUTHTOK, pass)) ||
!pam_ok(pam_authenticate(pamh, pam_flags)) ||
!pam_ok(pam_acct_mgmt(pamh, pam_flags)) ||
- !pam_ok(pam_get_item(pamh, PAM_USER, (const void **)&user)) ||
- (pwd = xgetpwnam(user, &pwd_storage, &pwdbuf,
- &pwdbuflen)) == NULL || (pwd->pw_uid == 0 && no_uid_0)) {
+ !pam_ok(pam_get_item(pamh, PAM_USER, &item)) || item == NULL ||
+ strlen(item) >= sizeof(user) || strcpy(user, item) == NULL ||
+ (pwd = getpwnam(user)) == NULL ||
+ (pwd->pw_uid == 0 && no_uid_0)) {
syslog(LOG_ERR, "%s LOGIN REFUSED from %s", user, remote);
error("Login incorrect.\n");
exit(1);
@@ -329,27 +324,3 @@ getstr(char *buf, int cnt, const char *field)
}
} while (c != 0);
}
-
-static struct passwd *
-xgetpwnam(const char *user, struct passwd *pwd_storage, char **pwdbuf,
- size_t *pwdbuflen)
-{
- struct passwd *pwd;
- size_t needed;
- int rv;
-
- needed = (*pwdbuflen == 0) ? BUFSIZ : *pwdbuflen;
- pwd = NULL;
- do {
- if (needed != *pwdbuflen) {
- if ((*pwdbuf = reallocf(*pwdbuf, needed)) == NULL) {
- syslog(LOG_ERR, "Cannot allocate memory");
- error("Cannot allocate memory.\n");
- exit(1);
- } else
- *pwdbuflen = needed;
- }
- rv = getpwnam_r(user, pwd_storage, *pwdbuf, *pwdbuflen, &pwd);
- } while (pwd == NULL && rv == ERANGE && (needed <<= 1));
- return pwd;
-}
OpenPOWER on IntegriCloud