From 8cadbd70f4e8323f7e2901c774d5206cd456643f Mon Sep 17 00:00:00 2001
From: Samuel Varley
Date: Thu, 26 Nov 2015 11:04:25 +1300
Subject: Thread safety: Store the name of conf file in radius_conf_t.

I needed to move the position of the structures so I could use the CONST macro with the new member.
---
 src/pam_radius_auth.c | 19 +++++---------
 src/pam_radius_auth.h | 70 ++++++++++++++++++++++++++-------------------------
 2 files changed, 42 insertions(+), 47 deletions(-)
diff --git a/src/pam_radius_auth.c b/src/pam_radius_auth.c
index 29b0322..0ee145e 100644
--- a/src/pam_radius_auth.c
+++ b/src/pam_radius_auth.c
@@ -61,7 +61,6 @@
 /* internal data */
 static CONST char *pam_module_name = "pam_radius_auth";
-static char conf_file[BUFFER_SIZE]; /* configuration file */
 static int opt_debug = FALSE; /* print debug info */
 /* logging */
@@ -84,7 +83,7 @@ static int _pam_parse(int argc, CONST char **argv, radius_conf_t *conf)
 memset(conf, 0, sizeof(radius_conf_t)); /* ensure it's initialized */
- strcpy(conf_file, CONF_FILE);
+ conf->conf_file = CONF_FILE;
 /* set the default prompt */
 snprintf(conf->prompt, MAXPROMPT, "%s: ", DEFAULT_PROMPT);
@@ -101,13 +100,7 @@ static int _pam_parse(int argc, CONST char **argv, radius_conf_t *conf)
 /* generic options */
 if (!strncmp(*argv,"conf=",5)) {
- /* protect against buffer overflow */
- if (strlen(*argv+5) >= sizeof(conf_file)) {
- _pam_log(LOG_ERR, "conf= argument too long");
- conf_file[0] = 0;
- return 0;
- }
- strcpy(conf_file,*argv+5);
+ conf->conf_file = *argv+5;
 } else if (!strcmp(*argv, "use_first_pass")) {
 ctrl |= PAM_USE_FIRST_PASS;
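Review bot: `conf->conf_file = *argv+5;` now stores a pointer into the PAM argument vector instead of a private copy, so the path is valid only as long as that `argv` is, and nothing in the hunk records this. If a `radius_conf_t` is ever kept past the PAM call that parsed it (not visible here) the pointer dangles, and because the same member also receives the `CONF_FILE` literal in the previous hunk it must never be freed or written through. I would add `/* borrowed from argv or CONF_FILE: not owned, valid only for this PAM call */` above the assignment and on the new `conf_file` member in pam_radius_auth.h. Dropping the length check also means the path reaches the `%s` log calls in `initialize()` at any length, which is safe only if `_pam_log` (outside the patch) formats into a bounded buffer. `_pam_parse` starts and ends outside this hunk.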
@@ -574,11 +567,11 @@ static int initialize(radius_conf_t *conf, int accounting)
 char src_ip[MAX_IP_LEN];
 /* the first time around, read the configuration file */
- if ((fserver = fopen (conf_file, "r")) == (FILE*)NULL) {
+ if ((fserver = fopen (conf->conf_file, "r")) == (FILE*)NULL) {
 char error_string[BUFFER_SIZE];
 get_error_string(errno, error_string, sizeof(error_string));
 _pam_log(LOG_ERR, "Could not open configuration file %s: %s\n",
- conf_file, error_string);
+ conf->conf_file, error_string);
 return PAM_ABORT;
 }
@@ -604,7 +597,7 @@ static int initialize(radius_conf_t *conf, int accounting)
 src_ip[0] = 0;
 if (sscanf(p, "%s %s %d %s", hostname, secret, &timeout, src_ip) < 2) {
 _pam_log(LOG_ERR, "ERROR reading %s, line %d: Could not read hostname or secret\n",
- conf_file, line);
+ conf->conf_file, line);
 continue; /* invalid line */
 } else { /* read it in and save the data */
 radius_server_t *tmp;
@@ -636,7 +629,7 @@ static int initialize(radius_conf_t *conf, int accounting)
 if (!server) { /* no server found, die a horrible death */
 _pam_log(LOG_ERR, "No RADIUS server found in configuration file %s\n",
- conf_file);
+ conf->conf_file);
 return PAM_AUTHINFO_UNAVAIL;
 }
diff --git a/src/pam_radius_auth.h b/src/pam_radius_auth.h
index defec5c..0882c53 100644
--- a/src/pam_radius_auth.h
+++ b/src/pam_radius_auth.h
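Review bot: `fopen (conf->conf_file, "r")` and the `%s` in the error log both take `conf->conf_file` unchecked, and unlike the old static array this member is NULL in any `radius_conf_t` that was zeroed but not run through `_pam_parse`. The visible code guarantees a non-NULL value only on the `_pam_parse` path; whether every caller of `initialize()` goes through it cannot be told from the hunk. A guard before the open, `if (!conf->conf_file) return PAM_ABORT;`, would turn that assumption into a checked precondition. `initialize()` begins and ends outside this hunk.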
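Review bot: The `sscanf(p, "%s %s %d %s", hostname, secret, &timeout, src_ip)` context line has no field widths, so the fourth field is written into `src_ip`, declared as `char src_ip[MAX_IP_LEN]` in the previous hunk, with no bound. `hostname` and `secret` are declared outside the hunk and may be exposed the same way; whether an overrun is reachable depends on the size of the line buffer behind `p`, which is not shown. The commit does not touch this line, but since the file parsed here is whichever path `conf=` names, each `%s` should carry a width one less than its destination size, or the fields should be length-checked before they are copied. The line sits in the body of `initialize()`, which extends beyond the hunk.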
@@ -47,40 +47,6 @@
 #define MAXPROMPT 33 /* max prompt length, including '\0' */
 #define DEFAULT_PROMPT "Password" /* default prompt, without the ': ' */
-/*************************************************************************
- * Additional RADIUS definitions
- *************************************************************************/
-
-/* Per-attribute structure */
-typedef struct attribute_t {
- unsigned char attribute;
- unsigned char length;
- unsigned char data[1];
-} attribute_t;
-
-typedef struct radius_server_t {
- struct radius_server_t *next;
- struct in_addr ip;
- uint16_t port;
- char *hostname;
- char *secret;
- int timeout;
- int accounting;
-} radius_server_t;
-
-typedef struct radius_conf_t {
- radius_server_t *server;
- int retries;
- int localifdown;
- char *client_id;
- int accounting_bug;
- int force_prompt;
- int max_challenge;
- int sockfd;
- int debug;
- char prompt[MAXPROMPT];
-} radius_conf_t;
-
 /*************************************************************************
 * Platform specific defines
@@ -146,4 +112,40 @@ typedef struct radius_conf_t {
 #define TRUE !FALSE
 #endif
+
+/*************************************************************************
+ * Additional RADIUS definitions
+ *************************************************************************/
+
+/* Per-attribute structure */
+typedef struct attribute_t {
+ unsigned char attribute;
+ unsigned char length;
+ unsigned char data[1];
+} attribute_t;
+
+typedef struct radius_server_t {
+ struct radius_server_t *next;
+ struct in_addr ip;
+ uint16_t port;
+ char *hostname;
+ char *secret;
+ int timeout;
+ int accounting;
+} radius_server_t;
+
+typedef struct radius_conf_t {
+ radius_server_t *server;
+ int retries;
+ int localifdown;
+ char *client_id;
+ int accounting_bug;
+ int force_prompt;
+ int max_challenge;
+ int sockfd;
+ int debug;
+ CONST char *conf_file;
+ char prompt[MAXPROMPT];
+} radius_conf_t;
+
 #endif /* PAM_RADIUS_H */
--
cgit v1.2.3
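Review bot: `radius_conf_t` carries an `int debug;` member, yet the first hunk of pam_radius_auth.c leaves `static int opt_debug = FALSE;` as file-scope mutable state right beside the `conf_file` global this patch removes. If `_pam_parse` sets `opt_debug` on each call (not visible in the patch), two threads running PAM stacks with different `debug` arguments still race on it, so the thread-safety goal in the subject is only partly met. Routing the flag through `conf->debug` and dropping the static would close that gap.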