mirror of https://github.com/fairyglade/ly.git
Fix authentication in a few edge cases (#604)
* fix loginConv and auth * fix potential mem leak with configs * BIG changes
This commit is contained in:
parent
9df54fe980
commit
00952dd8ee
|
@ -7,8 +7,8 @@
|
|||
.hash = "122014e73fd712190e109950837b97f6143f02d7e2b6986e1db70b6f4aadb5ba6a0d",
|
||||
},
|
||||
.zigini = .{
|
||||
.url = "https://github.com/Kawaii-Ash/zigini/archive/2f598085c8bd8b1acef1add90d116c8dd1895b45.tar.gz",
|
||||
.hash = "12206dc36227c010c879b59ab563512f718ce4cabe570968587a0bbbcde708f64528",
|
||||
.url = "https://github.com/Kawaii-Ash/zigini/archive/ce1f322482099db058f5d9fdd05fbfa255d79723.tar.gz",
|
||||
.hash = "1220e7a99793a0430e0a7c0b938cb3c98321035bc297e21cd0e2413cf740b4923b9f",
|
||||
},
|
||||
},
|
||||
.paths = .{""},
|
||||
|
|
18
src/auth.zig
18
src/auth.zig
|
@ -48,7 +48,7 @@ pub fn authenticate(config: Config, desktop: Desktop, login: [:0]const u8, passw
|
|||
status = interop.pam.pam_acct_mgmt(handle, 0);
|
||||
if (status != interop.pam.PAM_SUCCESS) return pamDiagnose(status);
|
||||
|
||||
status = interop.pam.pam_setcred(handle, 0);
|
||||
status = interop.pam.pam_setcred(handle, interop.pam.PAM_ESTABLISH_CRED);
|
||||
if (status != interop.pam.PAM_SUCCESS) return pamDiagnose(status);
|
||||
|
||||
status = interop.pam.pam_open_session(handle, 0);
|
||||
|
@ -103,7 +103,7 @@ pub fn authenticate(config: Config, desktop: Desktop, login: [:0]const u8, passw
|
|||
status = interop.pam.pam_close_session(handle, 0);
|
||||
if (status != 0) return pamDiagnose(status);
|
||||
|
||||
status = interop.pam.pam_setcred(handle, 0);
|
||||
status = interop.pam.pam_setcred(handle, interop.pam.PAM_DELETE_CRED);
|
||||
if (status != 0) return pamDiagnose(status);
|
||||
|
||||
status = interop.pam.pam_end(handle, status);
|
||||
|
@ -205,6 +205,10 @@ fn loginConv(
|
|||
const allocator = std.heap.c_allocator;
|
||||
const response = allocator.alloc(interop.pam.pam_response, message_count) catch return interop.pam.PAM_BUF_ERR;
|
||||
|
||||
// Initialise allocated memory to 0
|
||||
// This ensures memory can be freed by pam on success
|
||||
for (response) |*r| r.* = std.mem.zeroes(interop.pam.pam_response);
|
||||
|
||||
var username: ?[:0]u8 = null;
|
||||
var password: ?[:0]u8 = null;
|
||||
var status: c_int = interop.pam.PAM_SUCCESS;
|
||||
|
@ -213,12 +217,18 @@ fn loginConv(
|
|||
switch (messages[i].?.msg_style) {
|
||||
interop.pam.PAM_PROMPT_ECHO_ON => {
|
||||
const data: [*][*:0]u8 = @ptrCast(@alignCast(appdata_ptr));
|
||||
username = allocator.dupeZ(u8, std.mem.span(data[0])) catch return interop.pam.PAM_BUF_ERR;
|
||||
username = allocator.dupeZ(u8, std.mem.span(data[0])) catch {
|
||||
status = interop.pam.PAM_BUF_ERR;
|
||||
break :set_credentials;
|
||||
};
|
||||
response[i].resp = username.?.ptr;
|
||||
},
|
||||
interop.pam.PAM_PROMPT_ECHO_OFF => {
|
||||
const data: [*][*:0]u8 = @ptrCast(@alignCast(appdata_ptr));
|
||||
password = allocator.dupeZ(u8, std.mem.span(data[1])) catch return interop.pam.PAM_BUF_ERR;
|
||||
password = allocator.dupeZ(u8, std.mem.span(data[1])) catch {
|
||||
status = interop.pam.PAM_BUF_ERR;
|
||||
break :set_credentials;
|
||||
};
|
||||
response[i].resp = password.?.ptr;
|
||||
},
|
||||
interop.pam.PAM_ERROR_MSG => {
|
||||
|
|
Loading…
Reference in New Issue