From owner-p4-projects  Sat Apr  6  7:18:19 2002
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 8342037B416; Sat,  6 Apr 2002 07:18:08 -0800 (PST)
Delivered-To: perforce@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id A753A37B405
	for <perforce@freebsd.org>; Sat,  6 Apr 2002 07:18:07 -0800 (PST)
Received: (from perforce@localhost)
	by freefall.freebsd.org (8.11.6/8.11.6) id g36FI7H97140
	for perforce@freebsd.org; Sat, 6 Apr 2002 07:18:07 -0800 (PST)
	(envelope-from des@freebsd.org)
Date: Sat, 6 Apr 2002 07:18:07 -0800 (PST)
Message-Id: <200204061518.g36FI7H97140@freefall.freebsd.org>
X-Authentication-Warning: freefall.freebsd.org: perforce set sender to des@freebsd.org using -f
From: Dag-Erling Smorgrav <des@FreeBSD.org>
Subject: PERFORCE change 9209 for review
To: Perforce Change Reviews <perforce@freebsd.org>
Sender: owner-p4-projects@FreeBSD.ORG
Precedence: bulk
List-ID: <p4-projects.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20p4-projects>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20p4-projects>
X-Loop: FreeBSD.ORG

http://people.freebsd.org/~peter/p4db/chv.cgi?CH=9209

Change 9209 by des@des.at.des.thinksec.com on 2002/04/06 07:17:44

	Plug memory leak, reduce differences between these very similar
	functions, and {add,tweak} documentation.
	
	Sponsored by:	DARPA, NAI Labs

Affected files ...

... //depot/projects/openpam/lib/pam_get_authtok.c#14 edit
... //depot/projects/openpam/lib/pam_get_user.c#11 edit

Differences ...

==== //depot/projects/openpam/lib/pam_get_authtok.c#14 (text+ko) ====

@@ -31,11 +31,13 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $P4: //depot/projects/openpam/lib/pam_get_authtok.c#13 $
+ * $P4: //depot/projects/openpam/lib/pam_get_authtok.c#14 $
  */
 
 #include <sys/param.h>
 
+#include <stdlib.h>
+
 #include <security/pam_appl.h>
 #include <security/openpam.h>
 
@@ -95,8 +97,11 @@
 	r = pam_prompt(pamh, style, &resp, "%s", prompt);
 	if (r != PAM_SUCCESS)
 		return (r);
-	*authtok = resp;
-	return (pam_set_item(pamh, item, *authtok));
+	r = pam_set_item(pamh, pitem, resp);
+	free(resp);
+	if (r != PAM_SUCCESS)
+		return (r);
+	return (pam_get_item(pamh, pitem, (const void **)authtok));
 }
 
 /*
@@ -124,9 +129,10 @@
  *		authentication tokens.
  *
  * The =prompt argument specifies a prompt to use if no token is cached.
- * If =NULL, the =PAM_AUTHTOK_PROMPT or =PAM_OLDAUTHTOK_PROMPT item, as
- * appropriate, will be used.  If that item is also =NULL, a hardcoded
+ * If it is =NULL, the =PAM_AUTHTOK_PROMPT or =PAM_OLDAUTHTOK_PROMPT item,
+ * as appropriate, will be used.  If that item is also =NULL, a hardcoded
  * default prompt will be used.
  *
  * >pam_get_item
+ * >pam_get_user
  */

==== //depot/projects/openpam/lib/pam_get_user.c#11 (text+ko) ====

@@ -31,16 +31,20 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $P4: //depot/projects/openpam/lib/pam_get_user.c#10 $
+ * $P4: //depot/projects/openpam/lib/pam_get_user.c#11 $
  */
 
 #include <sys/param.h>
 
+#include <stdlib.h>
+
 #include <security/pam_appl.h>
 #include <security/openpam.h>
 
 #include "openpam_impl.h"
 
+const char user_prompt[] = "Login:";
+
 /*
  * XSSO 4.2.1
  * XSSO 6 page 52
@@ -53,7 +57,7 @@
 	const char **user,
 	const char *prompt)
 {
-	char *p, *resp;
+	char *resp;
 	int r;
 
 	if (pamh == NULL || user == NULL)
@@ -63,16 +67,18 @@
 	if (r == PAM_SUCCESS)
 		return (PAM_SUCCESS);
 	if (prompt == NULL) {
-		if (pam_get_item(pamh, PAM_USER_PROMPT,
-		    (const void **)&p) != PAM_SUCCESS || p == NULL)
-			prompt = "Login: ";
+		r = pam_get_item(pamh, PAM_USER_PROMPT, (const void **)&prompt);
+		if (r != PAM_SUCCESS || prompt == NULL)
+			prompt = user_prompt;
 	}
-	r = pam_prompt(pamh, PAM_PROMPT_ECHO_ON, &resp,
-	    "%s", prompt ? prompt : p);
+	r = pam_prompt(pamh, PAM_PROMPT_ECHO_ON, &resp, "%s", prompt);
+	if (r != PAM_SUCCESS)
+		return (r);
+	r = pam_set_item(pamh, PAM_USER, resp);
+	free(resp);
 	if (r != PAM_SUCCESS)
 		return (r);
-	*user = resp;
-	return (pam_set_item(pamh, PAM_USER, *user));
+	return (pam_get_item(pamh, PAM_USER, (const void **)user));
 }
 
 /*
@@ -83,3 +89,18 @@
  *	=pam_set_item
  *	!PAM_SYMBOL_ERR
  */
+
+/**
+ * The =pam_get_user function returns the name of the target user, as
+ * specified to =pam_start.  If no user was specified, nor set using
+ * =pam_set_item, =pam_get_user will prompt for a user name.  Either way,
+ * a pointer to the user name is stored in the location pointed to by the
+ * =user argument.
+
+ * The =prompt argument specifies a prompt to use if no user name is
+ * cached.  If it is =NULL, the =PAM_USER_PROMPT will be used.  If that
+ * item is also =NULL, a hardcoded default prompt will be used.
+ *
+ * >pam_get_item
+ * >pam_get_authtok
+ */

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe p4-projects" in the body of the message