X-Git-Url: http://git.hcoop.net/hcoop/debian/courier-authlib.git/blobdiff_plain/d9898ee81388d1eff40cf71e85d9ce9b5c1401fe..b0322a8536f3cab76471c98122fe1df75bb7c387:/authpam.c diff --git a/authpam.c b/authpam.c index d019516..9d40e69 100644 --- a/authpam.c +++ b/authpam.c @@ -1,5 +1,5 @@ /* -** Copyright 1998 - 2006 Double Precision, Inc. See COPYING for +** Copyright 1998 - 2012 Double Precision, Inc. See COPYING for ** distribution information. */ @@ -16,7 +16,7 @@ #endif #include "auth.h" #include "authwait.h" -#include "authstaticlist.h" +#include "courierauthstaticlist.h" #include "courierauthdebug.h" #if HAVE_SECURITY_PAM_APPL_H @@ -27,7 +27,6 @@ #include #endif -static const char rcsid[]="$Id: authpam.c,v 1.24 2006/10/28 19:22:52 mrsam Exp $"; static const char *pam_username, *pam_password, *pam_service; @@ -92,18 +91,21 @@ static struct pam_conv conv = { NULL }; -static int dopam(pam_handle_t **pamh) +static int dopam(pam_handle_t **pamh, int *started) { -int retval; + int retval; DPRINTF("pam_service=%s, pam_username=%s", pam_service ? pam_service : "", pam_username ? pam_username : ""); + *started=1; + retval=pam_start(pam_service, pam_username, &conv, pamh); if (retval != PAM_SUCCESS) { DPRINTF("pam_start failed, result %d [Hint: bad PAM configuration?]", retval); + *started=0; } #if 0 @@ -220,12 +222,17 @@ char buf[1]; if (p == 0) { + int started; + close(pipefd[0]); - retval=dopam(&pamh); + retval=dopam(&pamh, &started); if (retval == PAM_SUCCESS) if (write(pipefd[1], "", 1) < 0) ; /* ignore gcc warning */ close(pipefd[1]); + + if (started) + pam_end(pamh, retval); _exit(0); } @@ -247,51 +254,6 @@ char buf[1]; free(s); errno=EPERM; return (-1); - -#if 0 - free(s); - close(pipefd[0]); - - retval=dopam(&pamh); - - if (retval == PAM_SUCCESS) - retval=pam_open_session(pamh, 0); - - if (retval != PAM_SUCCESS) - { - if (pam_end(pamh, retval) != PAM_SUCCESS) - perror("Unable to release PAM tokens"); - - /* Wait for child to terminate */ - - close(pipefd[1]); /* Tell the child to shut down */ - while (wait(&waitstat) != p) - ; - return (-1); - } - - /* Tell child process to run in authenticated state */ - - write(pipefd[1], "", 1); - close(pipefd[1]); - - /* Wait for child process to finish */ - - while (wait(&waitstat) != p) - ; - - retval=pam_close_session(pamh, 0); - if (retval != PAM_SUCCESS) - perror("pam_close_session"); - - if (pam_end(pamh, retval) != PAM_SUCCESS) - perror("Unable to release PAM tokens"); - - if (WIFEXITED(waitstat)) - exit(WEXITSTATUS(waitstat)); - exit(255); - return (1); -#endif } extern int auth_pam_pre(const char *userid, const char *service,