X-Git-Url: http://www.average.org/gitweb/?p=pam_pcsc_cr.git;a=blobdiff_plain;f=authfile.c;h=2d30ed83b1ed708736e3d4a4f66a350e35aee8dd;hp=abf31fb8f91ff665823e67395fe9eb26043a078c;hb=8624b16ffe42216463da9cf4301bb909a19a0b42;hpb=54f191d82623f7bc8468322a0aa044002584827d diff --git a/authfile.c b/authfile.c index abf31fb..2d30ed8 100644 --- a/authfile.c +++ b/authfile.c @@ -1,9 +1,33 @@ +/* +Copyright (c) 2013 Eugene Crosser + +This software is provided 'as-is', without any express or implied +warranty. In no event will the authors be held liable for any damages +arising from the use of this software. + +Permission is granted to anyone to use this software for any purpose, +including commercial applications, and to alter it and redistribute it +freely, subject to the following restrictions: + + 1. The origin of this software must not be misrepresented; you must + not claim that you wrote the original software. If you use this + software in a product, an acknowledgment in the product documentation + would be appreciated but is not required. + + 2. Altered source versions must be plainly marked as such, and must + not be misrepresented as being the original software. + + 3. This notice may not be removed or altered from any source + distribution. +*/ + #ifdef HAVE_CONFIG_H # include "config.h" #endif #include #include #include +#include #include #include #include @@ -26,9 +50,9 @@ * string. */ -static char *template = "~/.pam_cr/auth"; +static const char *template = "~/.pam_cr/auth"; -void authfile_template(char *str) +void authfile_template(const char *str) { template = str; } @@ -36,7 +60,7 @@ void authfile_template(char *str) static int path_size(const char *tokenid, const char *userid) { const char *usub; - char *p, *q; + const char *p, *q; struct passwd *pw; if ((p = strchr(template, '~')) != strrchr(template, '~')) return 0; @@ -57,7 +81,8 @@ static void make_path(char * const path, const char *tokenid, const char *userid) { const char *usub; - char *p, *q; + const char *p; + char *q; struct passwd *pw; path[0] = '\0'; @@ -109,7 +134,7 @@ struct _auth_obj authfile(const char *tokenid, struct _auth_obj ret = {0}; mode_t oldmask; FILE *fp = NULL; - char *fn; + char *fn, *nfn; int fnl; char *buf = NULL; struct { @@ -130,6 +155,8 @@ struct _auth_obj authfile(const char *tokenid, } fn = alloca(fnl); make_path(fn, tokenid, userid); + nfn = alloca(fnl+32); + snprintf(nfn, fnl+32, "%s.%d.%ld", fn, (int)getpid(), (long)time(NULL)); fp = fopen(fn, "r"); if (fp) { struct stat st; @@ -187,7 +214,7 @@ struct _auth_obj authfile(const char *tokenid, } oldmask = umask(077); - if ((fp = fopen(fn, "w"))) { + if ((fp = fopen(nfn, "w"))) { int i; if (fprintf(fp, "%s:%s:%s:", tokenid?tokenid:w.tokenid, @@ -205,9 +232,14 @@ struct _auth_obj authfile(const char *tokenid, ret.err = strerror(errno); } (void)umask(oldmask); + if (ret.err) { + unlink(nfn); /* may not exist but no matter */ + } else if (rename(nfn, fn)) { + ret.err = strerror(errno); + } if (!ret.err) { - int bufsize = (w.userid?strlen(w.userid)+1:0) + ao.paylsize; + int bufsize = (w.userid?strlen(w.userid)+1:0) + ao.paylsize + 1; if (bufsize) { if ((ret.buffer = malloc(bufsize)) == NULL) { ret.err = "authfile malloc failed"; @@ -221,8 +253,9 @@ struct _auth_obj authfile(const char *tokenid, } if (ao.payload) { memcpy(p, ao.payload, ao.paylsize); + p[ao.paylsize] = '\0'; ret.payload = p; - ret.paylsize = ao.paylsize; + ret.paylsize = ao.paylsize+1; } } }