From 646ea20decc87530f871e5c56e96980c93fcf391 Mon Sep 17 00:00:00 2001
From: des <des@FreeBSD.org>
Date: Sat, 13 Dec 2008 22:45:22 +0000
Subject: Flatten and clean up.

---
 contrib/openpam/bin/su/su.c | 188 --------------------------------------------
 1 file changed, 188 deletions(-)
 delete mode 100644 contrib/openpam/bin/su/su.c

(limited to 'contrib/openpam/bin/su/su.c')

diff --git a/contrib/openpam/bin/su/su.c b/contrib/openpam/bin/su/su.c
deleted file mode 100644
index 4c7d0eb..0000000
--- a/contrib/openpam/bin/su/su.c
+++ /dev/null
@@ -1,188 +0,0 @@
-/*-
- * Copyright (c) 2002-2003 Networks Associates Technology, Inc.
- * Copyright (c) 2004-2007 Dag-Erling Smørgrav
- * All rights reserved.
- *
- * This software was developed for the FreeBSD Project by ThinkSec AS and
- * Network Associates Laboratories, the Security Research Division of
- * Network Associates, Inc.  under DARPA/SPAWAR contract N66001-01-C-8035
- * ("CBOSS"), as part of the DARPA CHATS research program.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- *    products derived from this software without specific prior written
- *    permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * $Id: su.c 408 2007-12-21 11:36:24Z des $
- */
-
-#include <sys/param.h>
-#include <sys/wait.h>
-
-#include <err.h>
-#include <grp.h>
-#include <pwd.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <syslog.h>
-#include <unistd.h>
-
-#include <security/pam_appl.h>
-#include <security/openpam.h>	/* for openpam_ttyconv() */
-
-extern char **environ;
-
-static pam_handle_t *pamh;
-static struct pam_conv pamc;
-
-static void
-usage(void)
-{
-
-	fprintf(stderr, "Usage: su [login [args]]\n");
-	exit(1);
-}
-
-int
-main(int argc, char *argv[])
-{
-	char hostname[MAXHOSTNAMELEN];
-	const char *user, *tty;
-	const void *item;
-	char **args, **pam_envlist, **pam_env;
-	struct passwd *pwd;
-	int o, pam_err, status;
-	pid_t pid;
-
-	while ((o = getopt(argc, argv, "h")) != -1)
-		switch (o) {
-		case 'h':
-		default:
-			usage();
-		}
-
-	argc -= optind;
-	argv += optind;
-
-	if (argc > 0) {
-		user = *argv;
-		--argc;
-		++argv;
-	} else {
-		user = "root";
-	}
-
-	/* initialize PAM */
-	pamc.conv = &openpam_ttyconv;
-	pam_start("su", user, &pamc, &pamh);
-
-	/* set some items */
-	gethostname(hostname, sizeof(hostname));
-	if ((pam_err = pam_set_item(pamh, PAM_RHOST, hostname)) != PAM_SUCCESS)
-		goto pamerr;
-	user = getlogin();
-	if ((pam_err = pam_set_item(pamh, PAM_RUSER, user)) != PAM_SUCCESS)
-		goto pamerr;
-	tty = ttyname(STDERR_FILENO);
-	if ((pam_err = pam_set_item(pamh, PAM_TTY, tty)) != PAM_SUCCESS)
-		goto pamerr;
-
-	/* authenticate the applicant */
-	if ((pam_err = pam_authenticate(pamh, 0)) != PAM_SUCCESS)
-		goto pamerr;
-	if ((pam_err = pam_acct_mgmt(pamh, 0)) == PAM_NEW_AUTHTOK_REQD)
-		pam_err = pam_chauthtok(pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
-	if (pam_err != PAM_SUCCESS)
-		goto pamerr;
-
-	/* establish the requested credentials */
-	if ((pam_err = pam_setcred(pamh, PAM_ESTABLISH_CRED)) != PAM_SUCCESS)
-		goto pamerr;
-
-	/* authentication succeeded; open a session */
-	if ((pam_err = pam_open_session(pamh, 0)) != PAM_SUCCESS)
-		goto pamerr;
-
-	/* get mapped user name; PAM may have changed it */
-	pam_err = pam_get_item(pamh, PAM_USER, &item);
-	if (pam_err != PAM_SUCCESS || (pwd = getpwnam(user = item)) == NULL)
-		goto pamerr;
-
-	/* export PAM environment */
-	if ((pam_envlist = pam_getenvlist(pamh)) != NULL) {
-		for (pam_env = pam_envlist; *pam_env != NULL; ++pam_env) {
-			putenv(*pam_env);
-			free(*pam_env);
-		}
-		free(pam_envlist);
-	}
-
-	/* build argument list */
-	if ((args = calloc(argc + 2, sizeof *args)) == NULL) {
-		warn("calloc()");
-		goto err;
-	}
-	*args = pwd->pw_shell;
-	memcpy(args + 1, argv, argc * sizeof *args);
-
-	/* fork and exec */
-	switch ((pid = fork())) {
-	case -1:
-		warn("fork()");
-		goto err;
-	case 0:
-		/* child: give up privs and start a shell */
-
-		/* set uid and groups */
-		if (initgroups(pwd->pw_name, pwd->pw_gid) == -1) {
-			warn("initgroups()");
-			_exit(1);
-		}
-		if (setgid(pwd->pw_gid) == -1) {
-			warn("setgid()");
-			_exit(1);
-		}
-		if (setuid(pwd->pw_uid) == -1) {
-			warn("setuid()");
-			_exit(1);
-		}
-		execve(*args, args, environ);
-		warn("execve()");
-		_exit(1);
-	default:
-		/* parent: wait for child to exit */
-		waitpid(pid, &status, 0);
-
-		/* close the session and release PAM resources */
-		pam_err = pam_close_session(pamh, 0);
-		pam_end(pamh, pam_err);
-
-		exit(WEXITSTATUS(status));
-	}
-
-pamerr:
-	fprintf(stderr, "Sorry\n");
-err:
-	pam_end(pamh, pam_err);
-	exit(1);
-}
-- 
cgit v1.1