Relevant BUGIDs:

[linux-pam] / modules / pam_unix / pam_unix_sess.c

diff --git a/modules/pam_unix/pam_unix_sess.c b/modules/pam_unix/pam_unix_sess.c
index e97bc1f0f937ba88b7fe270094086280c5f00bd1..e984578c56ab1255fc129fd29bc717e5ea76fb4c 100644 (file)
--- a/modules/pam_unix/pam_unix_sess.c
+++ b/modules/pam_unix/pam_unix_sess.c
@@ -36,7 +36,7 @@
  * OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-#include <security/_pam_aconf.h>
+#include "config.h"
 
 #include <stdio.h>
 #include <stdlib.h>
@@ -53,10 +53,8 @@
 
 #include <security/_pam_macros.h>
 #include <security/pam_modules.h>
-
-#ifndef LINUX_PAM
-#include <security/pam_appl.h>
-#endif                         /* LINUX_PAM */
+#include <security/pam_ext.h>
+#include <security/pam_modutil.h>
 
 #include "support.h"
 
@@ -71,25 +69,31 @@ PAM_EXTERN int pam_sm_open_session(pam_handle_t * pamh, int flags,
        char *user_name, *service;
        unsigned int ctrl;
        int retval;
+    const char *login_name;
 
        D(("called."));
 
-       ctrl = _set_ctrl(flags, NULL, argc, argv);
+       ctrl = _set_ctrl(pamh, flags, NULL, NULL, argc, argv);
 
        retval = pam_get_item(pamh, PAM_USER, (void *) &user_name);
-       if (user_name == NULL || retval != PAM_SUCCESS) {
-               _log_err(LOG_CRIT, "open_session - error recovering username");
+       if (user_name == NULL || *user_name == '\0' || retval != PAM_SUCCESS) {
+               pam_syslog(pamh, LOG_CRIT,
+                        "open_session - error recovering username");
                return PAM_SESSION_ERR;         /* How did we get authenticated with
                                                   no username?! */
        }
        retval = pam_get_item(pamh, PAM_SERVICE, (void *) &service);
-       if (service == NULL || retval != PAM_SUCCESS) {
-               _log_err(LOG_CRIT, "open_session - error recovering service");
+       if (service == NULL || *service == '\0' || retval != PAM_SUCCESS) {
+               pam_syslog(pamh, LOG_CRIT,
+                        "open_session - error recovering service");
                return PAM_SESSION_ERR;
        }
-       _log_err(LOG_INFO, "(%s) session opened for user %s by %s(uid=%d)"
-                ,service, user_name
-                ,PAM_getlogin() == NULL ? "" : PAM_getlogin(), getuid());
+       login_name = pam_modutil_getlogin(pamh);
+       if (login_name == NULL) {
+           login_name = "";
+       }
+       pam_syslog(pamh, LOG_INFO, "session opened for user %s by %s(uid=%lu)",
+                user_name, login_name, (unsigned long)getuid());
 
        return PAM_SUCCESS;
 }
@@ -103,21 +107,23 @@ PAM_EXTERN int pam_sm_close_session(pam_handle_t * pamh, int flags,
 
        D(("called."));
 
-       ctrl = _set_ctrl(flags, NULL, argc, argv);
+       ctrl = _set_ctrl(pamh, flags, NULL, NULL, argc, argv);
 
        retval = pam_get_item(pamh, PAM_USER, (void *) &user_name);
-       if (user_name == NULL || retval != PAM_SUCCESS) {
-               _log_err(LOG_CRIT, "close_session - error recovering username");
+       if (user_name == NULL || *user_name == '\0' || retval != PAM_SUCCESS) {
+               pam_syslog(pamh, LOG_CRIT,
+                        "close_session - error recovering username");
                return PAM_SESSION_ERR;         /* How did we get authenticated with
                                                   no username?! */
        }
        retval = pam_get_item(pamh, PAM_SERVICE, (void *) &service);
-       if (service == NULL || retval != PAM_SUCCESS) {
-               _log_err(LOG_CRIT, "close_session - error recovering service");
+       if (service == NULL || *service == '\0' || retval != PAM_SUCCESS) {
+               pam_syslog(pamh, LOG_CRIT,
+                        "close_session - error recovering service");
                return PAM_SESSION_ERR;
        }
-       _log_err(LOG_INFO, "(%s) session closed for user %s"
-                ,service, user_name);
+       pam_syslog(pamh, LOG_INFO, "session closed for user %s",
+               user_name);
 
        return PAM_SUCCESS;
 }