From 63d207e2fcd8a5c887413beec36332a11d30c5fc Mon Sep 17 00:00:00 2001 From: Stanislav Laznicka Date: Fri, 4 Oct 2019 13:09:28 +0200 Subject: [PATCH] wrap pam actions and handle errors at on spot --- src/login.c | 44 +++++++++++++++++++++++++------------------- 1 file changed, 25 insertions(+), 19 deletions(-) diff --git a/src/login.c b/src/login.c index bc9a3fe..d64cc3c 100644 --- a/src/login.c +++ b/src/login.c @@ -423,6 +423,24 @@ void shell(struct passwd* pwd) reset_terminal(pwd); } +// pam_do performs the pam action specified in pam_action +// on pam_action fail, call diagnose and end pam session +int pam_do( + int (pam_action)(struct pam_handle *, int), + struct pam_handle *handle, + int flags, + struct term_buf *buf) +{ + int status = pam_action(handle, flags); + + if (status != PAM_SUCCESS) { + pam_diagnose(status, buf); + pam_end(handle, status); + } + + return status; +} + void auth( struct desktop* desktop, struct text* login, @@ -445,39 +463,31 @@ void auth( return; } - ok = pam_authenticate(handle, 0); + ok = pam_do(pam_authenticate, handle, 0, buf); if (ok != PAM_SUCCESS) { - pam_diagnose(ok, buf); - pam_end(handle, ok); return; } - ok = pam_acct_mgmt(handle, 0); + ok = pam_do(pam_acct_mgmt, handle, 0, buf); if (ok != PAM_SUCCESS) { - pam_diagnose(ok, buf); - pam_end(handle, ok); return; } - ok = pam_setcred(handle, PAM_ESTABLISH_CRED); + ok = pam_do(pam_setcred, handle, PAM_ESTABLISH_CRED, buf); if (ok != PAM_SUCCESS) { - pam_diagnose(ok, buf); - pam_end(handle, ok); return; } - ok = pam_open_session(handle, 0); + ok = pam_do(pam_open_session, handle, 0, buf); if (ok != PAM_SUCCESS) { - pam_diagnose(ok, buf); - pam_end(handle, ok); return; } @@ -621,21 +631,17 @@ void auth( desktop_load(desktop); // close pam session - ok = pam_close_session(handle, 0); + ok = pam_do(pam_close_session, handle, 0, buf); if (ok != PAM_SUCCESS) { - pam_diagnose(ok, buf); - pam_end(handle, ok); return; } - ok = pam_setcred(handle, PAM_DELETE_CRED); + ok = pam_do(pam_setcred, handle, PAM_DELETE_CRED, buf); if (ok != PAM_SUCCESS) { - pam_diagnose(ok, buf); - pam_end(handle, ok); return; } @@ -645,4 +651,4 @@ void auth( { pam_diagnose(ok, buf); } -} +} \ No newline at end of file