From 88dfad04754b515a37f4e9e42d148dcbb94385e1 Mon Sep 17 00:00:00 2001 From: markm Date: Mon, 9 Jul 2001 18:20:51 +0000 Subject: Clean up (and in some cases write) the PAM mudules, using o The new options-processing API o The new DEBUG-logging API Add man(1) pages for ALL modules. MDOC-Police welcome to check this. Audit, clean up while I'm here. --- lib/libpam/modules/pam_securetty/pam_securetty.c | 43 ++++++++++++++---------- 1 file changed, 25 insertions(+), 18 deletions(-) (limited to 'lib/libpam/modules/pam_securetty/pam_securetty.c') diff --git a/lib/libpam/modules/pam_securetty/pam_securetty.c b/lib/libpam/modules/pam_securetty/pam_securetty.c index fe04b3c..aecabce 100644 --- a/lib/libpam/modules/pam_securetty/pam_securetty.c +++ b/lib/libpam/modules/pam_securetty/pam_securetty.c @@ -41,42 +41,51 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, const char **argv) { - struct ttyent *ttyfileinfo; - struct passwd *user_pwd; - int i, options, retval; - const char *username, *ttyname; + struct options options; + struct ttyent *ttyfileinfo; + struct passwd *user_pwd; + int retval; + const char *user, *ttyname; - options = 0; - for (i = 0; i < argc; i++) - pam_std_option(&options, argv[i]); + pam_std_option(&options, NULL, argc, argv); - retval = pam_get_user(pamh, &username, NULL); + PAM_LOG("Options processed"); + + retval = pam_get_user(pamh, &user, NULL); if (retval != PAM_SUCCESS) - return retval; + PAM_RETURN(retval); + + PAM_LOG("Got user: %s", user); retval = pam_get_item(pamh, PAM_TTY, (const void **)&ttyname); if (retval != PAM_SUCCESS) - return retval; + PAM_RETURN(retval); + + PAM_LOG("Got TTY: %s", ttyname); /* Ignore any "/dev/" on the PAM_TTY item */ if (strncmp(TTY_PREFIX, ttyname, sizeof(TTY_PREFIX) - 1) == 0) ttyname += sizeof(TTY_PREFIX) - 1; /* If the user is not root, secure ttys do not apply */ - user_pwd = getpwnam(username); + user_pwd = getpwnam(user); if (user_pwd == NULL) - return PAM_IGNORE; + PAM_RETURN(PAM_IGNORE); else if (user_pwd->pw_uid != 0) - return PAM_SUCCESS; + PAM_RETURN(PAM_SUCCESS); + + PAM_LOG("User is not root"); ttyfileinfo = getttynam(ttyname); if (ttyfileinfo == NULL) - return PAM_SERVICE_ERR; + PAM_RETURN(PAM_SERVICE_ERR); + + PAM_LOG("Got ttyfileinfo"); if (ttyfileinfo->ty_status & TTY_SECURE) - return PAM_SUCCESS; + PAM_RETURN(PAM_SUCCESS); else - return PAM_PERM_DENIED; + PAM_RETURN(PAM_PERM_DENIED); } PAM_EXTERN @@ -86,6 +95,4 @@ pam_sm_setcred(pam_handle_t * pamh, int flags, int argc, const char **argv) return PAM_SUCCESS; } -/* end of module definition */ - PAM_MODULE_ENTRY("pam_securetty"); -- cgit v1.1