diff options
| author | Thorsten Kukuk <kukuk@suse.com> | 2023-02-14 14:57:40 +0100 |
|---|---|---|
| committer | Thorsten Kukuk <5908016+thkukuk@users.noreply.github.com> | 2023-02-14 22:09:13 +0100 |
| commit | 244b46908df930626535c0cd7c2867407fe8714a (patch) | |
| tree | 246472bae38ec8a027c40b0eff4b95006304f532 | |
| parent | a21920f8a51951d8dea69fe8720ef9437eb49830 (diff) | |
| download | linux-pam-git-244b46908df930626535c0cd7c2867407fe8714a.tar.gz | |
libpam: use getlogin() from libc and not utmp
utmp uses 32bit time_t for compatibility with 32bit userland on some
64bit systems and is thus not Y2038 safe. Use getlogin() from libc
which avoids using utmp and is more safe than the old utmp-based
implementation by using /proc/self/loginuid.
* libpam/pam_modutil_getlogin.c: Use getlogin() instead of parsing utmp
| -rw-r--r-- | libpam/pam_modutil_getlogin.c | 52 |
1 files changed, 11 insertions, 41 deletions
diff --git a/libpam/pam_modutil_getlogin.c b/libpam/pam_modutil_getlogin.c index 04a20fd8..633dd676 100644 --- a/libpam/pam_modutil_getlogin.c +++ b/libpam/pam_modutil_getlogin.c @@ -10,7 +10,6 @@ #include <stdlib.h> #include <unistd.h> -#include <utmp.h> #define _PAMMODUTIL_GETLOGIN "_pammodutil_getlogin" @@ -19,62 +18,33 @@ pam_modutil_getlogin(pam_handle_t *pamh) { int status; const void *logname; - const void *void_curr_tty; - const char *curr_tty; char *curr_user; - struct utmp *ut, line; + size_t curr_user_len; status = pam_get_data(pamh, _PAMMODUTIL_GETLOGIN, &logname); if (status == PAM_SUCCESS) { return logname; } - status = pam_get_item(pamh, PAM_TTY, &void_curr_tty); - if ((status != PAM_SUCCESS) || (void_curr_tty == NULL)) - curr_tty = ttyname(0); - else - curr_tty = (const char*)void_curr_tty; - - if (curr_tty == NULL) { - return NULL; - } - - if (curr_tty[0] == '/') { /* full path */ - const char *t; - curr_tty++; - if ((t = strchr(curr_tty, '/')) != NULL) { - curr_tty = t + 1; - } + logname = getlogin(); + if (logname == NULL) { + return NULL; } - logname = NULL; - setutent(); - strncpy(line.ut_line, curr_tty, sizeof(line.ut_line)); - - if ((ut = getutline(&line)) == NULL) { - goto clean_up_and_go_home; - } - - curr_user = calloc(sizeof(line.ut_user)+1, 1); + curr_user_len = strlen(logname)+1; + curr_user = calloc(curr_user_len, 1); if (curr_user == NULL) { - goto clean_up_and_go_home; + return NULL; } - strncpy(curr_user, ut->ut_user, sizeof(ut->ut_user)); - /* calloc already zeroed the memory */ + memcpy(curr_user, logname, curr_user_len); status = pam_set_data(pamh, _PAMMODUTIL_GETLOGIN, curr_user, pam_modutil_cleanup); if (status != PAM_SUCCESS) { - free(curr_user); - goto clean_up_and_go_home; + free(curr_user); + return NULL; } - logname = curr_user; - -clean_up_and_go_home: - - endutent(); - - return logname; + return curr_user; } |