From f92940aef28c98145ecddeff05b4aa4be7a6c5e5 Mon Sep 17 00:00:00 2001 From: Thorsten Kukuk Date: Wed, 14 Apr 2010 10:22:10 +0000 Subject: [PATCH] Relevant BUGIDs: MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Purpose of commit: bugfix Commit summary: --------------- 2010-04-13 Thorsten Kukuk * modules/pam_pwhistory/opasswd.c: Fix compilation if cyprt_r() is not available. * configure.in: check for getutent_r. * modules/pam_timestamp/pam_timestamp.c: Use getutent() if getutent_r() does not exist. Patch from Diego Elio "Flameeyes" Pettenò. --- ChangeLog | 9 +++++++++ configure.in | 2 +- modules/pam_pwhistory/opasswd.c | 22 ++++++++++++++++++---- modules/pam_timestamp/pam_timestamp.c | 8 +++++++- 4 files changed, 35 insertions(+), 6 deletions(-) diff --git a/ChangeLog b/ChangeLog index 23181073..dd7468ae 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,12 @@ +2010-04-13 Thorsten Kukuk + + * modules/pam_pwhistory/opasswd.c: Fix compilation if + cyprt_r() is not available. + * configure.in: check for getutent_r. + * modules/pam_timestamp/pam_timestamp.c: Use getutent() + if getutent_r() does not exist. + Patch from Diego Elio “Flameeyes” Pettenò. + 2010-04-12 Thorsten Kukuk * doc/man/pam.conf-syntax.xml: Better documentation of diff --git a/configure.in b/configure.in index c7c07ccc..0de55536 100644 --- a/configure.in +++ b/configure.in @@ -458,7 +458,7 @@ AC_FUNC_MEMCMP AC_FUNC_VPRINTF AC_CHECK_FUNCS(fseeko gethostname gettimeofday lckpwdf mkdir select) AC_CHECK_FUNCS(strcspn strdup strspn strstr strtol uname) -AC_CHECK_FUNCS(getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r) +AC_CHECK_FUNCS(getutent_r getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r) AC_CHECK_FUNCS(getgrouplist getline getdelim) AC_CHECK_FUNCS(inet_ntop inet_pton ruserok_af) diff --git a/modules/pam_pwhistory/opasswd.c b/modules/pam_pwhistory/opasswd.c index 3c8e5cff..f045555f 100644 --- a/modules/pam_pwhistory/opasswd.c +++ b/modules/pam_pwhistory/opasswd.c @@ -94,6 +94,23 @@ parse_entry (char *line, opwd *data) return 0; } +static int +compare_password(const char *newpass, const char *oldpass) +{ + char *outval; +#ifdef HAVE_CRYPT_R + struct crypt_data output; + + output.initialized = 0; + + outval = crypt_r (newpass, oldpass, &output); +#else + outval = crypt (newpass, oldpass); +#endif + + return strcmp(outval, oldpass) == 0; +} + /* Check, if the new password is already in the opasswd file. */ int check_old_password (pam_handle_t *pamh, const char *user, @@ -167,12 +184,9 @@ check_old_password (pam_handle_t *pamh, const char *user, if (found) { const char delimiters[] = ","; - struct crypt_data output; char *running; char *oldpass; - memset (&output, 0, sizeof (output)); - running = strdupa (entry.old_passwords); if (running == NULL) return PAM_BUF_ERR; @@ -180,7 +194,7 @@ check_old_password (pam_handle_t *pamh, const char *user, do { oldpass = strsep (&running, delimiters); if (oldpass && strlen (oldpass) > 0 && - strcmp (crypt_r (newpass, oldpass, &output), oldpass) == 0) + compare_password(newpass, oldpass) ) { if (debug) pam_syslog (pamh, LOG_DEBUG, "New password already used"); diff --git a/modules/pam_timestamp/pam_timestamp.c b/modules/pam_timestamp/pam_timestamp.c index 7e6c4b0b..26876769 100644 --- a/modules/pam_timestamp/pam_timestamp.c +++ b/modules/pam_timestamp/pam_timestamp.c @@ -200,7 +200,13 @@ check_login_time(const char *ruser, time_t timestamp) time_t oldest_login = 0; setutent(); - while(!getutent_r(&utbuf, &ut)) { + while( +#ifdef HAVE_GETUTENT_R + !getutent_r(&utbuf, &ut) +#else + (ut = getutent()) != NULL +#endif + ) { if (ut->ut_type != USER_PROCESS) { continue; } -- 2.40.0