Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2006-05-04  Thorsten Kukuk  <kukuk@suse.de>

        * configure.in: Check for fseeko.
        * modules/pam_tally/pam_tally.c: Use fseeko if available
        (Based on patch by IBM).

diff --git a/ChangeLog b/ChangeLog
index 0ce089a380f1073fa534fa2a622de60982136d20..d1b092feb92ebda7e02915148fe208f6ceeaf009 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2006-05-04  Thorsten Kukuk  <kukuk@suse.de>
+
+       * configure.in: Check for fseeko.
+       * modules/pam_tally/pam_tally.c: Use fseeko if available
+       (Based on patch by IBM).
+
 2006-05-04  Thorsten Kukuk  <kukuk@thkukuk.de>
 
        * release version 0.99.4.0

diff --git a/NEWS b/NEWS
index 7e28ca4422c5836d4dea19e9d6b56b32a4312b25..9bc77809caa76950c85f483b74cd047e984fc615 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,8 @@
 Linux-PAM NEWS -- history of user-visible changes.
 
 
+* pam_tally: Fix support for large UIDs
+
 Release 0.99.4.0
 
 * Add test suite

diff --git a/configure.in b/configure.in
index 8df53d0d407816ee1a7a60b7a1f3c331791990cd..bb8532eb849703841e6712f46fec4101791a8710 100644 (file)
--- a/configure.in
+++ b/configure.in
@@ -377,7 +377,7 @@ AC_TYPE_GETGROUPS
 AC_PROG_GCC_TRADITIONAL
 AC_FUNC_MEMCMP
 AC_FUNC_VPRINTF
-AC_CHECK_FUNCS(gethostname gettimeofday lckpwdf mkdir select)
+AC_CHECK_FUNCS(fseeko gethostname gettimeofday lckpwdf mkdir select)
 AC_CHECK_FUNCS(strcspn strdup strspn strstr strtol uname)
 AC_CHECK_FUNCS(getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r)
 AC_CHECK_FUNCS(getgrouplist getline getdelim)

diff --git a/modules/pam_tally/pam_tally.c b/modules/pam_tally/pam_tally.c
index ffd9b330ce0121dfd43f4054f943930a3d7525d0..f3642c34653ce1befc6092c746b908c3f4391ee4 100644 (file)
--- a/modules/pam_tally/pam_tally.c
+++ b/modules/pam_tally/pam_tally.c
@@ -1,7 +1,6 @@
 /*
  * pam_tally.c
  *
- * $Id$
  */
 
 
@@ -34,11 +33,6 @@
 #include <sys/param.h>
 #include "faillog.h"
 
-#ifndef TRUE
-#define TRUE  1L
-#define FALSE 0L
-#endif
-
 /*
  * here, we make a definition for the externally accessible function
  * in this file (this definition is required for static a module
@@ -55,6 +49,15 @@
 #include <security/pam_modutil.h>
 #include <security/pam_ext.h>
 
+#ifndef TRUE
+#define TRUE  1L
+#define FALSE 0L
+#endif
+
+#ifndef HAVE_FSEEKO
+#define fseeko fseek
+#endif
+
 /*---------------------------------------------------------------------*/
 
 #define DEFAULT_LOGFILE "/var/log/faillog"
@@ -64,8 +67,6 @@
 #define TALLY_FMT  "%hu"
 #define TALLY_HI   ((tally_t)~0L)
 
-#define UID_FMT    "%hu"
-
 #ifndef FILENAME_MAX
 # define FILENAME_MAX MAXPATHLEN
 #endif
@@ -345,7 +346,7 @@ get_tally(pam_handle_t *pamh, tally_t *tally, uid_t uid,
       return PAM_AUTH_ERR;
     }
 
-    if ( fseek( *TALLY, uid * sizeof(struct faillog), SEEK_SET ) ) {
+    if ( fseeko( *TALLY, (off_t) uid * sizeof(struct faillog), SEEK_SET ) ) {
           pam_syslog(pamh, LOG_ALERT, "fseek failed for %s", filename);
           fclose(*TALLY);
           return PAM_AUTH_ERR;
@@ -382,7 +383,7 @@ set_tally(pam_handle_t *pamh, tally_t tally, uid_t uid,
     int retval = PAM_SUCCESS;
 
     if ( tally!=TALLY_HI ) {
-      if ( fseek( *TALLY, uid * sizeof(struct faillog), SEEK_SET ) ) {
+      if ( fseeko( *TALLY, (off_t) uid * sizeof(struct faillog), SEEK_SET ) ) {
        pam_syslog(pamh, LOG_ALERT, "fseek failed for %s", filename);
        retval = PAM_AUTH_ERR;
       } else {
@@ -518,9 +519,9 @@ tally_check (time_t oldtime, pam_handle_t *pamh, uid_t uid,
        if ( lock_time + oldtime > time(NULL) )
        {
                pam_syslog(pamh, LOG_NOTICE,
-                        "user %s ("UID_FMT") has time limit [%lds left]"
+                        "user %s (%lu) has time limit [%lds left]"
                         " since last failure.",
-                        user,uid,
+                        user, (unsigned long int) uid,
                         oldtime+lock_time
                         -time(NULL));
                return PAM_AUTH_ERR;
@@ -539,8 +540,8 @@ tally_check (time_t oldtime, pam_handle_t *pamh, uid_t uid,
         ( ((opts->ctrl & OPT_DENY_ROOT) || uid) )    /* even_deny stops uid check    */
         ) {
         pam_syslog(pamh, LOG_NOTICE,
-                  "user %s ("UID_FMT") tally "TALLY_FMT", deny "TALLY_FMT,
-                  user, uid, tally, deny);
+                  "user %s (%lu) tally "TALLY_FMT", deny "TALLY_FMT,
+                  user, (unsigned long int) uid, tally, deny);
         return PAM_AUTH_ERR;                 /* Only unconditional failure   */
       }
     }
@@ -807,7 +808,8 @@ int main ( int argc UNUSED, char **argv )
     }
 
     if ( !cline_quiet )
-      printf("User %s\t("UID_FMT")\t%s "TALLY_FMT"\n",cline_user,uid,
+      printf("User %s\t(%lu)\t%s "TALLY_FMT"\n",cline_user,
+            (unsigned long int) uid,
              (cline_reset!=TALLY_HI)?"had":"has",tally);
 
     i=set_tally(NULL, cline_reset, uid, cline_filename, &TALLY, fsp);
@@ -832,11 +834,13 @@ int main ( int argc UNUSED, char **argv )
       tally = fsp->fs_faillog.fail_cnt;
 
       if ( ( pw=getpwuid(uid) ) ) {
-        printf("User %s\t("UID_FMT")\t%s "TALLY_FMT"\n",pw->pw_name,uid,
+        printf("User %s\t(%lu)\t%s "TALLY_FMT"\n",pw->pw_name,
+              (unsigned long int) uid,
                (cline_reset!=TALLY_HI)?"had":"has",tally);
       }
       else {
-        printf("User [NONAME]\t("UID_FMT")\t%s "TALLY_FMT"\n",uid,
+        printf("User [NONAME]\t(%lu)\t%s "TALLY_FMT"\n",
+              (unsigned long int) uid,
                (cline_reset!=TALLY_HI)?"had":"has",tally);
       }
     }