diff options
author | Jeremy Allison <jra@samba.org> | 2006-06-15 01:54:09 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 11:17:27 -0500 |
commit | f9147c4e408d316d194c4e367dfccbf433cb8ec9 (patch) | |
tree | c706add179942ab8c6b54cda49e9b0a47fc69bca /source3/pam_smbpass | |
parent | a1e0a0e9286fbe90ca04cda9df38e72d8d18b0c1 (diff) | |
download | samba-f9147c4e408d316d194c4e367dfccbf433cb8ec9.tar.gz samba-f9147c4e408d316d194c4e367dfccbf433cb8ec9.tar.bz2 samba-f9147c4e408d316d194c4e367dfccbf433cb8ec9.zip |
r16241: Fix Klocwork #106 and others like it.
Make 2 important changes. pdb_get_methods()
returning NULL is a *fatal* error. Don't try
and cope with it just call smb_panic. This
removes a *lot* of pointless "if (!pdb)" handling
code. Secondly, ensure that if samu_init()
fails we *always* back out of a function. That
way we are never in a situation where the pdb_XXX()
functions need to start with a "if (sampass)"
test - this was just bad design, not defensive
programming.
Jeremy.
(This used to be commit a0d368197d6ae6777b7c2c3c6e970ab8ae7ca2ae)
Diffstat (limited to 'source3/pam_smbpass')
-rw-r--r-- | source3/pam_smbpass/pam_smb_acct.c | 140 | ||||
-rw-r--r-- | source3/pam_smbpass/pam_smb_auth.c | 160 |
2 files changed, 155 insertions, 145 deletions
diff --git a/source3/pam_smbpass/pam_smb_acct.c b/source3/pam_smbpass/pam_smb_acct.c index 8970ffa8ed..47bf059479 100644 --- a/source3/pam_smbpass/pam_smb_acct.c +++ b/source3/pam_smbpass/pam_smb_acct.c @@ -42,72 +42,80 @@ int pam_sm_acct_mgmt( pam_handle_t *pamh, int flags, int argc, const char **argv ) { - unsigned int ctrl; - int retval; - - const char *name; - struct samu *sampass = NULL; - void (*oldsig_handler)(int); - extern BOOL in_client; - - /* Samba initialization. */ - load_case_tables(); - setup_logging( "pam_smbpass", False ); - in_client = True; - - ctrl = set_ctrl( flags, argc, argv ); - - /* get the username */ - - retval = pam_get_user( pamh, &name, "Username: " ); - if (retval != PAM_SUCCESS) { - if (on( SMB_DEBUG, ctrl )) { - _log_err( LOG_DEBUG, "acct: could not identify user" ); - } - return retval; - } - if (on( SMB_DEBUG, ctrl )) { - _log_err( LOG_DEBUG, "acct: username [%s] obtained", name ); - } - - /* Getting into places that might use LDAP -- protect the app - from a SIGPIPE it's not expecting */ - oldsig_handler = CatchSignal(SIGPIPE, SIGNAL_CAST SIG_IGN); - if (!initialize_password_db(True)) { - _log_err( LOG_ALERT, "Cannot access samba password database" ); - CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler); - return PAM_AUTHINFO_UNAVAIL; - } - - /* Get the user's record. */ - - if ( (sampass = samu_new( NULL )) != NULL ) { - pdb_getsampwnam(sampass, name ); - } - - /* check for lookup failure */ - if ( !sampass || !strlen(pdb_get_username(sampass)) ) { - CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler); - return PAM_USER_UNKNOWN; - } - - if (pdb_get_acct_ctrl(sampass) & ACB_DISABLED) { - if (on( SMB_DEBUG, ctrl )) { - _log_err( LOG_DEBUG - , "acct: account %s is administratively disabled", name ); - } - make_remark( pamh, ctrl, PAM_ERROR_MSG - , "Your account has been disabled; " - "please see your system administrator." ); - - CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler); - return PAM_ACCT_EXPIRED; - } - - /* TODO: support for expired passwords. */ - - CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler); - return PAM_SUCCESS; + unsigned int ctrl; + int retval; + + const char *name; + struct samu *sampass = NULL; + void (*oldsig_handler)(int); + extern BOOL in_client; + + /* Samba initialization. */ + load_case_tables(); + setup_logging( "pam_smbpass", False ); + in_client = True; + + ctrl = set_ctrl( flags, argc, argv ); + + /* get the username */ + + retval = pam_get_user( pamh, &name, "Username: " ); + if (retval != PAM_SUCCESS) { + if (on( SMB_DEBUG, ctrl )) { + _log_err( LOG_DEBUG, "acct: could not identify user" ); + } + return retval; + } + if (on( SMB_DEBUG, ctrl )) { + _log_err( LOG_DEBUG, "acct: username [%s] obtained", name ); + } + + /* Getting into places that might use LDAP -- protect the app + from a SIGPIPE it's not expecting */ + oldsig_handler = CatchSignal(SIGPIPE, SIGNAL_CAST SIG_IGN); + if (!initialize_password_db(True)) { + _log_err( LOG_ALERT, "Cannot access samba password database" ); + CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler); + return PAM_AUTHINFO_UNAVAIL; + } + + /* Get the user's record. */ + + if (!(sampass = samu_new( NULL ))) { + CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler); + /* malloc fail. */ + return nt_status_to_pam(NT_STATUS_NO_MEMORY); + } + + if (!pdb_getsampwnam(sampass, name )) { + _log_err( LOG_DEBUG, "acct: could not identify user" ); + CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler); + return PAM_USER_UNKNOWN; + } + + /* check for lookup failure */ + if (!strlen(pdb_get_username(sampass)) ) { + CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler); + return PAM_USER_UNKNOWN; + } + + if (pdb_get_acct_ctrl(sampass) & ACB_DISABLED) { + if (on( SMB_DEBUG, ctrl )) { + _log_err( LOG_DEBUG + , "acct: account %s is administratively disabled", name ); + } + make_remark( pamh, ctrl, PAM_ERROR_MSG + , "Your account has been disabled; " + "please see your system administrator." ); + + CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler); + return PAM_ACCT_EXPIRED; + } + + /* TODO: support for expired passwords. */ + + CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler); + return PAM_SUCCESS; } /* static module data */ diff --git a/source3/pam_smbpass/pam_smb_auth.c b/source3/pam_smbpass/pam_smb_auth.c index 15726aa855..df6d20e01a 100644 --- a/source3/pam_smbpass/pam_smb_auth.c +++ b/source3/pam_smbpass/pam_smb_auth.c @@ -62,94 +62,97 @@ static int _smb_add_user(pam_handle_t *pamh, unsigned int ctrl, int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) { - unsigned int ctrl; - int retval, *ret_data = NULL; - struct samu *sampass = NULL; - extern BOOL in_client; - const char *name; - void (*oldsig_handler)(int) = NULL; - BOOL found; - - /* Points to memory managed by the PAM library. Do not free. */ - char *p = NULL; - - - /* Samba initialization. */ - load_case_tables(); - setup_logging("pam_smbpass",False); - in_client = True; - - ctrl = set_ctrl(flags, argc, argv); - - /* Get a few bytes so we can pass our return value to - pam_sm_setcred(). */ - ret_data = SMB_MALLOC_P(int); - - /* we need to do this before we call AUTH_RETURN */ - /* Getting into places that might use LDAP -- protect the app - from a SIGPIPE it's not expecting */ - oldsig_handler = CatchSignal(SIGPIPE, SIGNAL_CAST SIG_IGN); - - /* get the username */ - retval = pam_get_user( pamh, &name, "Username: " ); - if ( retval != PAM_SUCCESS ) { - if (on( SMB_DEBUG, ctrl )) { - _log_err(LOG_DEBUG, "auth: could not identify user"); - } - AUTH_RETURN; - } - if (on( SMB_DEBUG, ctrl )) { - _log_err( LOG_DEBUG, "username [%s] obtained", name ); - } + unsigned int ctrl; + int retval, *ret_data = NULL; + struct samu *sampass = NULL; + extern BOOL in_client; + const char *name; + void (*oldsig_handler)(int) = NULL; + BOOL found; + + /* Points to memory managed by the PAM library. Do not free. */ + char *p = NULL; + + /* Samba initialization. */ + load_case_tables(); + setup_logging("pam_smbpass",False); + in_client = True; + + ctrl = set_ctrl(flags, argc, argv); + + /* Get a few bytes so we can pass our return value to + pam_sm_setcred(). */ + ret_data = SMB_MALLOC_P(int); + + /* we need to do this before we call AUTH_RETURN */ + /* Getting into places that might use LDAP -- protect the app + from a SIGPIPE it's not expecting */ + oldsig_handler = CatchSignal(SIGPIPE, SIGNAL_CAST SIG_IGN); + + /* get the username */ + retval = pam_get_user( pamh, &name, "Username: " ); + if ( retval != PAM_SUCCESS ) { + if (on( SMB_DEBUG, ctrl )) { + _log_err(LOG_DEBUG, "auth: could not identify user"); + } + AUTH_RETURN; + } + if (on( SMB_DEBUG, ctrl )) { + _log_err( LOG_DEBUG, "username [%s] obtained", name ); + } - if (!initialize_password_db(True)) { - _log_err( LOG_ALERT, "Cannot access samba password database" ); - retval = PAM_AUTHINFO_UNAVAIL; - AUTH_RETURN; - } + if (!initialize_password_db(True)) { + _log_err( LOG_ALERT, "Cannot access samba password database" ); + retval = PAM_AUTHINFO_UNAVAIL; + AUTH_RETURN; + } - sampass = samu_new( NULL ); - - found = pdb_getsampwnam( sampass, name ); + sampass = samu_new( NULL ); + if (!sampass) { + _log_err( LOG_ALERT, "Cannot talloc a samu struct" ); + retval = nt_status_to_pam(NT_STATUS_NO_MEMORY); + AUTH_RETURN; + } - if (on( SMB_MIGRATE, ctrl )) { - retval = _smb_add_user(pamh, ctrl, name, sampass, found); - TALLOC_FREE(sampass); - AUTH_RETURN; - } + found = pdb_getsampwnam( sampass, name ); - if (!found) { - _log_err(LOG_ALERT, "Failed to find entry for user %s.", name); - retval = PAM_USER_UNKNOWN; - TALLOC_FREE(sampass); - sampass = NULL; - AUTH_RETURN; - } + if (on( SMB_MIGRATE, ctrl )) { + retval = _smb_add_user(pamh, ctrl, name, sampass, found); + TALLOC_FREE(sampass); + AUTH_RETURN; + } + + if (!found) { + _log_err(LOG_ALERT, "Failed to find entry for user %s.", name); + retval = PAM_USER_UNKNOWN; + TALLOC_FREE(sampass); + sampass = NULL; + AUTH_RETURN; + } - /* if this user does not have a password... */ + /* if this user does not have a password... */ - if (_smb_blankpasswd( ctrl, sampass )) { - TALLOC_FREE(sampass); - retval = PAM_SUCCESS; - AUTH_RETURN; - } + if (_smb_blankpasswd( ctrl, sampass )) { + TALLOC_FREE(sampass); + retval = PAM_SUCCESS; + AUTH_RETURN; + } - /* get this user's authentication token */ + /* get this user's authentication token */ - retval = _smb_read_password(pamh, ctrl, NULL, "Password: ", NULL, _SMB_AUTHTOK, &p); - if (retval != PAM_SUCCESS ) { - _log_err(LOG_CRIT, "auth: no password provided for [%s]" - , name); - TALLOC_FREE(sampass); - AUTH_RETURN; - } + retval = _smb_read_password(pamh, ctrl, NULL, "Password: ", NULL, _SMB_AUTHTOK, &p); + if (retval != PAM_SUCCESS ) { + _log_err(LOG_CRIT, "auth: no password provided for [%s]", name); + TALLOC_FREE(sampass); + AUTH_RETURN; + } - /* verify the password of this user */ + /* verify the password of this user */ - retval = _smb_verify_password( pamh, sampass, p, ctrl ); - TALLOC_FREE(sampass); - p = NULL; - AUTH_RETURN; + retval = _smb_verify_password( pamh, sampass, p, ctrl ); + TALLOC_FREE(sampass); + p = NULL; + AUTH_RETURN; } /* @@ -255,4 +258,3 @@ struct pam_module _pam_smbpass_auth_modstruct = { NULL }; #endif - |