From 71240839dd1bfe2ce39c28d43ace740bab9b2ad7 Mon Sep 17 00:00:00 2001 From: des Date: Sun, 7 Apr 2002 20:43:27 +0000 Subject: Fix bug in previous commit that passed the wrong default value to login_getcapstr(3). Also fix a longer-standing bug (login_close(3) frees the string returned by login_getcapstr(3)) by reorganizing the code a little, and use login_getpwclass(3) instead of login_getclass(3) if we already have a struct pwd. Sponsored by: DARPA, NAI Labs --- lib/libpam/modules/pam_unix/pam_unix.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/lib/libpam/modules/pam_unix/pam_unix.c b/lib/libpam/modules/pam_unix/pam_unix.c index b1d68b7..8f03673 100644 --- a/lib/libpam/modules/pam_unix/pam_unix.c +++ b/lib/libpam/modules/pam_unix/pam_unix.c @@ -139,12 +139,6 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, int argc, const char PAM_LOG("Got user: %s", user); - lc = login_getclass(NULL); - password_prompt = login_getcapstr(lc, "passwd_prompt", - password_prompt, NULL); - login_close(lc); - lc = NULL; - if (pwd != NULL) { PAM_LOG("Doing real authentication"); @@ -159,8 +153,12 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, int argc, const char PAM_RETURN(PAM_SUCCESS); } else { + lc = login_getpwclass(pwd); + password_prompt = login_getcapstr(lc, "passwd_prompt", + NULL, NULL); retval = pam_get_authtok(pamh, PAM_AUTHTOK, &pass, password_prompt); + login_close(lc); if (retval != PAM_SUCCESS) PAM_RETURN(retval); PAM_LOG("Got password"); @@ -183,8 +181,12 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, int argc, const char * User unknown. * Encrypt a dummy password so as to not give away too much. */ + lc = login_getclass(NULL); + password_prompt = login_getcapstr(lc, "passwd_prompt", + NULL, NULL); retval = pam_get_authtok(pamh, PAM_AUTHTOK, &pass, password_prompt); + login_close(lc); if (retval != PAM_SUCCESS) PAM_RETURN(retval); PAM_LOG("Got password"); -- cgit v1.1