From 095af08413e5a0f4b8a9f86fda8a85bcfa1d9153 Mon Sep 17 00:00:00 2001 From: "Dmitry V. Levin" Date: Sun, 24 Apr 2022 08:00:00 +0000 Subject: pam_issue: reorder definitions of static functions to avoid forward declarations * modules/pam_issue/pam_issue.c (read_issue_raw, read_issue_quoted): Move definitions of static functions before their first use to avoid forward declarations cluttering the code. --- modules/pam_issue/pam_issue.c | 181 ++++++++++++++++++++---------------------- 1 file changed, 88 insertions(+), 93 deletions(-) diff --git a/modules/pam_issue/pam_issue.c b/modules/pam_issue/pam_issue.c index 5b6a4669..2f53440f 100644 --- a/modules/pam_issue/pam_issue.c +++ b/modules/pam_issue/pam_issue.c @@ -36,98 +36,6 @@ static int _user_prompt_set = 0; -static int read_issue_raw(pam_handle_t *pamh, FILE *fp, char **prompt); -static int read_issue_quoted(pam_handle_t *pamh, FILE *fp, char **prompt); - -/* --- authentication management functions (only) --- */ - -int -pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, - int argc, const char **argv) -{ - int retval = PAM_SERVICE_ERR; - FILE *fp; - const char *issue_file = NULL; - int parse_esc = 1; - const void *item = NULL; - const char *cur_prompt; - char *issue_prompt = NULL; - - /* If we've already set the prompt, don't set it again */ - if(_user_prompt_set) - return PAM_IGNORE; - - /* We set this here so if we fail below, we won't get further - than this next time around (only one real failure) */ - _user_prompt_set = 1; - - for ( ; argc-- > 0 ; ++argv ) { - const char *str; - - if ((str = pam_str_skip_prefix(*argv, "issue=")) != NULL) { - issue_file = str; - D(("set issue_file to: %s", issue_file)); - } else if (!strcmp(*argv,"noesc")) { - parse_esc = 0; - D(("turning off escape parsing by request")); - } else - D(("unknown option passed: %s", *argv)); - } - - if (issue_file == NULL) - issue_file = "/etc/issue"; - - if ((fp = fopen(issue_file, "r")) == NULL) { - pam_syslog(pamh, LOG_ERR, "error opening %s: %m", issue_file); - return PAM_SERVICE_ERR; - } - - if ((retval = pam_get_item(pamh, PAM_USER_PROMPT, &item)) != PAM_SUCCESS) { - fclose(fp); - return retval; - } - - cur_prompt = item; - if (cur_prompt == NULL) - cur_prompt = ""; - - if (parse_esc) - retval = read_issue_quoted(pamh, fp, &issue_prompt); - else - retval = read_issue_raw(pamh, fp, &issue_prompt); - - fclose(fp); - - if (retval != PAM_SUCCESS) - goto out; - - { - size_t size = strlen(issue_prompt) + strlen(cur_prompt) + 1; - char *new_prompt = realloc(issue_prompt, size); - - if (new_prompt == NULL) { - pam_syslog(pamh, LOG_CRIT, "out of memory"); - retval = PAM_BUF_ERR; - goto out; - } - issue_prompt = new_prompt; - } - - strcat(issue_prompt, cur_prompt); - retval = pam_set_item(pamh, PAM_USER_PROMPT, - (const void *) issue_prompt); - out: - _pam_drop(issue_prompt); - return (retval == PAM_SUCCESS) ? PAM_IGNORE : retval; -} - -int -pam_sm_setcred (pam_handle_t *pamh UNUSED, int flags UNUSED, - int argc UNUSED, const char **argv UNUSED) -{ - return PAM_IGNORE; -} - static int read_issue_raw(pam_handle_t *pamh, FILE *fp, char **prompt) { @@ -303,4 +211,91 @@ read_issue_quoted(pam_handle_t *pamh, FILE *fp, char **prompt) return PAM_SUCCESS; } -/* end of module definition */ +/* --- authentication management functions (only) --- */ + +int +pam_sm_authenticate(pam_handle_t *pamh, int flags UNUSED, + int argc, const char **argv) +{ + int retval = PAM_SERVICE_ERR; + FILE *fp; + const char *issue_file = NULL; + int parse_esc = 1; + const void *item = NULL; + const char *cur_prompt; + char *issue_prompt = NULL; + + /* If we've already set the prompt, don't set it again */ + if(_user_prompt_set) + return PAM_IGNORE; + + /* We set this here so if we fail below, we won't get further + than this next time around (only one real failure) */ + _user_prompt_set = 1; + + for ( ; argc-- > 0 ; ++argv ) { + const char *str; + + if ((str = pam_str_skip_prefix(*argv, "issue=")) != NULL) { + issue_file = str; + D(("set issue_file to: %s", issue_file)); + } else if (!strcmp(*argv,"noesc")) { + parse_esc = 0; + D(("turning off escape parsing by request")); + } else + D(("unknown option passed: %s", *argv)); + } + + if (issue_file == NULL) + issue_file = "/etc/issue"; + + if ((fp = fopen(issue_file, "r")) == NULL) { + pam_syslog(pamh, LOG_ERR, "error opening %s: %m", issue_file); + return PAM_SERVICE_ERR; + } + + if ((retval = pam_get_item(pamh, PAM_USER_PROMPT, &item)) != PAM_SUCCESS) { + fclose(fp); + return retval; + } + + cur_prompt = item; + if (cur_prompt == NULL) + cur_prompt = ""; + + if (parse_esc) + retval = read_issue_quoted(pamh, fp, &issue_prompt); + else + retval = read_issue_raw(pamh, fp, &issue_prompt); + + fclose(fp); + + if (retval != PAM_SUCCESS) + goto out; + + { + size_t size = strlen(issue_prompt) + strlen(cur_prompt) + 1; + char *new_prompt = realloc(issue_prompt, size); + + if (new_prompt == NULL) { + pam_syslog(pamh, LOG_CRIT, "out of memory"); + retval = PAM_BUF_ERR; + goto out; + } + issue_prompt = new_prompt; + } + + strcat(issue_prompt, cur_prompt); + retval = pam_set_item(pamh, PAM_USER_PROMPT, + (const void *) issue_prompt); + out: + _pam_drop(issue_prompt); + return (retval == PAM_SUCCESS) ? PAM_IGNORE : retval; +} + +int +pam_sm_setcred(pam_handle_t *pamh UNUSED, int flags UNUSED, + int argc UNUSED, const char **argv UNUSED) +{ + return PAM_IGNORE; +} -- cgit v1.2.1