From 051d00ef91fb11c2bd156a2942963de46e28f86f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=BCrgen=20H=C3=B6tzel?= Date: Fri, 3 Sep 2021 19:18:43 +0200 Subject: [PATCH] Failed user lookups should not terminate the PAM application (#25) * Failed user lookups should not terminate the PAM application * Updated version and changelog. Tested changes on Debian 10 with no issues. Co-authored-by: David Cheeseman --- CHANGELOG.md | 5 +++-- src/duress.c | 7 +++++-- src/util.c | 6 +++--- src/version.h | 2 +- 4 files changed, 12 insertions(+), 8 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1005959..1a333b0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -21,6 +21,7 @@ - 1.1.5 - Makefile improvements by [Prateek Ganguli on github](https://github.com/pganguli). Debug build path now added. - 1.1.6 - - Removal of unnecessary intermediate shell. + - Removal of unnecessary intermediate shell. Contribution by [Jürgen Hötzel on github](https://github.com/juergenhoetzel). - Debug builds will not redirect output of stderr and stdout to /dev/null by default to support testing/debugging. - \ No newline at end of file + - 1.1.7 + - Removal of exit statements; replaced with NULL to preven the PAM application exiting. Contribution by [Jürgen Hötzel on github](https://github.com/juergenhoetzel). diff --git a/src/duress.c b/src/duress.c index 8375973..27d8dca 100644 --- a/src/duress.c +++ b/src/duress.c @@ -195,8 +195,11 @@ int process_dir(const char *directory, const char *pam_user, int execute_duress_scripts(const char *pam_user, const char *pam_pass) { int global_duress_run = process_dir(GLOBAL_CONFIG_DIR, pam_user, pam_pass, NULL); - int local_duress_run = - process_dir(get_local_config_dir(pam_user), pam_user, pam_pass, pam_user); + + int local_duress_run = 0; + char *local_config_dir = get_local_config_dir(pam_user); + if (local_config_dir != NULL) + local_duress_run = process_dir(local_config_dir, pam_user, pam_pass, pam_user); if (global_duress_run || local_duress_run) return PAM_SUCCESS; diff --git a/src/util.c b/src/util.c index 815c21a..722325b 100644 --- a/src/util.c +++ b/src/util.c @@ -67,20 +67,20 @@ char *get_local_config_dir(const char *user_name) if (pwd == NULL) { syslog(LOG_INFO, "Failed to allocate struct passwd for getpwnam_r.\n"); - exit(1); + return NULL; } size_t buffer_len = sysconf(_SC_GETPW_R_SIZE_MAX) * sizeof(char); char *buffer = malloc(buffer_len); if (buffer == NULL) { syslog(LOG_INFO, "Failed to allocate buffer for getpwnam_r.\n"); - exit(2); + return NULL; } getpwnam_r(user_name, pwd, buffer, buffer_len, &pwd); if (pwd == NULL) { syslog(LOG_INFO, "getpwnam_r failed to find requested entry.\n"); - exit(3); + return NULL; } free(buffer); diff --git a/src/version.h b/src/version.h index 7c62f26..563853a 100644 --- a/src/version.h +++ b/src/version.h @@ -3,6 +3,6 @@ #define VERS_MAJOR 1 #define VERS_MINOR 1 -#define VERS_REVISION 6 +#define VERS_REVISION 7 #endif