Handle attributes which contains no value

author: Jeroen Nijhof <jeroen@jeroennijhof.nl> 2012-06-12 17:16:05 +0200
committer: Jeroen Nijhof <jeroen@jeroennijhof.nl> 2012-06-12 17:16:05 +0200
commit: f56d9e4acba1e49db2659b95fb6b3c8f8fd70f0f (patch)
tree: 65d02d02cf91b83f2156804299bc95e5092ba63f /libtac/lib
parent: b8dcd8f5c3f4cd582c88bbfd93d0909277eca3f0 (diff)
download: pam_tacplus-f56d9e4acba1e49db2659b95fb6b3c8f8fd70f0f.tar.gz
pam_tacplus-f56d9e4acba1e49db2659b95fb6b3c8f8fd70f0f.zip
8 files changed, 49 insertions, 26 deletions
diff --git a/libtac/lib/acct_s.c b/libtac/lib/acct_s.c
index f297530..c1de720 100644
--- a/libtac/lib/acct_s.c
+++ b/libtac/lib/acct_s.c
@@ -79,12 +79,17 @@ int tac_acct_send(int fd, int type, const char *user, char *tty,
     tb.flags=(u_char) type;
     tb.authen_method=tac_authen_method;
     tb.priv_lvl=tac_priv_lvl;
-    if (strcmp(tac_login,"chap") == 0) {
-        tb.authen_type=TAC_PLUS_AUTHEN_TYPE_CHAP;
-    } else if(strcmp(tac_login,"login") == 0) {
-        tb.authen_type=TAC_PLUS_AUTHEN_TYPE_ASCII;
+    if (tac_login == NULL) {
+        /* default to PAP */
+        tb.authen_type = TAC_PLUS_AUTHEN_TYPE_PAP;
     } else {
-        tb.authen_type=TAC_PLUS_AUTHEN_TYPE_PAP;
+        if (strcmp(tac_login,"chap") == 0) {
+            tb.authen_type=TAC_PLUS_AUTHEN_TYPE_CHAP;
+        } else if(strcmp(tac_login,"login") == 0) {
+            tb.authen_type=TAC_PLUS_AUTHEN_TYPE_ASCII;
+        } else {
+            tb.authen_type=TAC_PLUS_AUTHEN_TYPE_PAP;
+        }
     }
     tb.authen_service=tac_authen_service;
     tb.user_len=user_len;
diff --git a/libtac/lib/attrib.c b/libtac/lib/attrib.c
index 1257ff6..9d71ee2 100644
--- a/libtac/lib/attrib.c
+++ b/libtac/lib/attrib.c
@@ -31,8 +31,15 @@ void tac_add_attrib(struct tac_attrib **attr, char *name, char *value) {
 void tac_add_attrib_pair(struct tac_attrib **attr, char *name, char sep, char *value) {
     struct tac_attrib *a;
     u_char l1 = (u_char) strlen(name);
-    u_char l2 = (u_char) strlen(value);
-    int total_len = l1 + l2 + 1; /* "name" + "=" + "value" */
+    u_char l2;
+    int total_len;
+    
+    if (value == NULL) {
+        l2 = 0;
+    } else {
+        l2 = (u_char) strlen(value);
+    }
+    total_len = l1 + l2 + 1; /* "name" + "=" + "value" */
 
     if (total_len > 255) {
         TACSYSLOG((LOG_WARNING,\
@@ -64,7 +71,9 @@ void tac_add_attrib_pair(struct tac_attrib **attr, char *name, char sep, char *v
     a->attr = (char *) xcalloc(1, total_len+1);
     bcopy(name, a->attr, l1);    /* paste name */
     *(a->attr+l1)=sep;           /* insert seperator "[=*]" */
-    bcopy(value, (a->attr+l1+1), l2); /* paste value */
+    if (value != NULL) {
+        bcopy(value, (a->attr+l1+1), l2); /* paste value */
+    }
     *(a->attr+total_len) = '\0';      /* add 0 for safety */
     a->next = NULL; /* make sure it's null */
 }
diff --git a/libtac/lib/authen_s.c b/libtac/lib/authen_s.c
index c987c1f..0cbf606 100644
--- a/libtac/lib/authen_s.c
+++ b/libtac/lib/authen_s.c
@@ -52,7 +52,7 @@ int tac_authen_send(int fd, const char *user, char *pass, char *tty,
     th=_tac_req_header(TAC_PLUS_AUTHEN, 0);
 
     /* set some header options */
-    if(strcmp(tac_login,"login") == 0) {
+    if ((tac_login != NULL) && (strcmp(tac_login,"login") == 0)) {
         th->version = TAC_PLUS_VER_0;
     } else {
         th->version = TAC_PLUS_VER_1;
@@ -63,7 +63,7 @@ int tac_authen_send(int fd, const char *user, char *pass, char *tty,
         __FUNCTION__, user, tty, rem_addr, \
         (tac_encryption) ? "yes" : "no"))        
         
-    if(strcmp(tac_login,"chap") == 0) {
+    if ((tac_login != NULL) && (strcmp(tac_login,"chap") == 0)) {
         chal_len = strlen(chal);
         mdp_len = sizeof(u_char) + strlen(pass) + chal_len;
         mdp = (u_char *) xcalloc(1, mdp_len);
@@ -91,12 +91,17 @@ int tac_authen_send(int fd, const char *user, char *pass, char *tty,
     /* fill the body of message */
     tb.action = TAC_PLUS_AUTHEN_LOGIN;
     tb.priv_lvl = tac_priv_lvl;
-    if (strcmp(tac_login,"chap") == 0) {
-        tb.authen_type = TAC_PLUS_AUTHEN_TYPE_CHAP;
-    } else if (strcmp(tac_login,"login") == 0) {
-        tb.authen_type = TAC_PLUS_AUTHEN_TYPE_ASCII;
-    } else {
+    if (tac_login == NULL) {
+        /* default to PAP */
         tb.authen_type = TAC_PLUS_AUTHEN_TYPE_PAP;
+    } else {
+        if (strcmp(tac_login,"chap") == 0) {
+            tb.authen_type = TAC_PLUS_AUTHEN_TYPE_CHAP;
+        } else if (strcmp(tac_login,"login") == 0) {
+            tb.authen_type = TAC_PLUS_AUTHEN_TYPE_ASCII;
+        } else {
+            tb.authen_type = TAC_PLUS_AUTHEN_TYPE_PAP;
+        }
     }
     tb.service = tac_authen_service;
     tb.user_len = user_len;
diff --git a/libtac/lib/author_s.c b/libtac/lib/author_s.c
index 627acb9..7148e80 100644
--- a/libtac/lib/author_s.c
+++ b/libtac/lib/author_s.c
@@ -64,12 +64,17 @@ int tac_author_send(int fd, const char *user, char *tty, char *rem_addr,
 
     tb.authen_method = tac_authen_method;
     tb.priv_lvl = tac_priv_lvl;
-    if (strcmp(tac_login,"chap") == 0) {
-        tb.authen_type = TAC_PLUS_AUTHEN_TYPE_CHAP;
-    } else if (strcmp(tac_login,"login") == 0) {
-        tb.authen_type = TAC_PLUS_AUTHEN_TYPE_ASCII;
-    } else {
+    if (tac_login == NULL) {
+        /* default to PAP */
         tb.authen_type = TAC_PLUS_AUTHEN_TYPE_PAP;
+    } else {
+        if (strcmp(tac_login,"chap") == 0) {
+            tb.authen_type = TAC_PLUS_AUTHEN_TYPE_CHAP;
+        } else if (strcmp(tac_login,"login") == 0) {
+            tb.authen_type = TAC_PLUS_AUTHEN_TYPE_ASCII;
+        } else {
+            tb.authen_type = TAC_PLUS_AUTHEN_TYPE_PAP;
+        }
     }
     tb.service = tac_authen_service;
     tb.user_len = user_len;
diff --git a/libtac/lib/crypt.c b/libtac/lib/crypt.c
index 04d29a6..d06f4f7 100644
--- a/libtac/lib/crypt.c
+++ b/libtac/lib/crypt.c
@@ -91,7 +91,7 @@ void _tac_crypt(u_char *buf, HDR *th, int length) {
     u_char *pad;
  
     /* null operation if no encryption requested */
-    if(th->encryption == TAC_PLUS_ENCRYPTED_FLAG) {
+    if((tac_secret != NULL) && (th->encryption == TAC_PLUS_ENCRYPTED_FLAG)) {
         pad = _tac_md5_pad(length, th);
  
         for (i=0; i<length; i++) {
diff --git a/libtac/lib/header.c b/libtac/lib/header.c
index 393ce7a..349c563 100644
--- a/libtac/lib/header.c
+++ b/libtac/lib/header.c
@@ -34,10 +34,10 @@ int session_id;
 int tac_encryption = 0;
 
 /* Pointer to TACACS+ shared secret string. */
-char *tac_secret = "";
+char *tac_secret = NULL;
 
 /* Pointer to TACACS+ shared login string. */
-char *tac_login = "pap";
+char *tac_login = NULL; /* default is PAP */
 
 /* priv_lvl */
 int tac_priv_lvl = TAC_PLUS_PRIV_LVL_MIN;
diff --git a/libtac/lib/magic.c b/libtac/lib/magic.c
index 2741760..89bf023 100644
--- a/libtac/lib/magic.c
+++ b/libtac/lib/magic.c
@@ -77,13 +77,12 @@ magic()
 {
 #ifdef __linux__
     u_int32_t ret = 0;
-    int bytes = 0;
 
     if (magic_inited == 0 )
         magic_init();
 
 	if(rfd > -1) {
-            bytes = read(rfd, &ret, sizeof(ret));
+            read(rfd, &ret, sizeof(ret));
             return ret;
         }
 	else
diff --git a/libtac/lib/version.c b/libtac/lib/version.c
index 470be16..5075831 100644
--- a/libtac/lib/version.c
+++ b/libtac/lib/version.c
@@ -20,5 +20,5 @@
  */
 
 int tac_ver_major = 1;
-int tac_ver_minor = 7;
+int tac_ver_minor = 8;
 int tac_ver_patch = 1; /* patchlevel */
author	Jeroen Nijhof <jeroen@jeroennijhof.nl>	2012-06-12 17:16:05 +0200
committer	Jeroen Nijhof <jeroen@jeroennijhof.nl>	2012-06-12 17:16:05 +0200
commit	f56d9e4acba1e49db2659b95fb6b3c8f8fd70f0f (patch)
tree	65d02d02cf91b83f2156804299bc95e5092ba63f /libtac/lib
parent	b8dcd8f5c3f4cd582c88bbfd93d0909277eca3f0 (diff)
download	pam_tacplus-f56d9e4acba1e49db2659b95fb6b3c8f8fd70f0f.tar.gz pam_tacplus-f56d9e4acba1e49db2659b95fb6b3c8f8fd70f0f.zip