diff options
| author | Philip Prindeville <philipp@redfish-solutions.com> | 2018-01-23 11:21:56 -0700 |
|---|---|---|
| committer | Philip Prindeville <philipp@redfish-solutions.com> | 2018-01-23 11:21:56 -0700 |
| commit | d45a2c53061a3db67e25d5997f3dcfda763b3408 (patch) | |
| tree | b8aa4bea9508fc3a315a7e1ac7d12c78d4ca2b8a /pam_tacplus.c | |
| parent | 059e21e01fec0a72d41c8d05a2f52dc3cadcf0a0 (diff) | |
| parent | 81e942c82564e0577e8ecf490b75ed99268a89cc (diff) | |
| download | pam_tacplus-1.5.0-beta.2.tar.gz pam_tacplus-1.5.0-beta.2.zip | |
Merge branch 'master' of github.com:jeroennijhof/pam_tacplus into v1.5.xv1.5.0-beta.2
Diffstat (limited to 'pam_tacplus.c')
| -rw-r--r-- | pam_tacplus.c | 40 |
1 files changed, 20 insertions, 20 deletions
diff --git a/pam_tacplus.c b/pam_tacplus.c index 324cd5d..19e2aca 100644 --- a/pam_tacplus.c +++ b/pam_tacplus.c @@ -654,33 +654,29 @@ int pam_sm_acct_mgmt(pam_handle_t * pamh, int flags, int argc, attr = arep.attr; while (attr != NULL) { - char attribute[attr->attr_len]; - char value[attr->attr_len]; - char *sep; - - sep = index(attr->attr, '='); - if (sep == NULL) - sep = index(attr->attr, '*'); - if (sep != NULL) { - bcopy(attr->attr, attribute, attr->attr_len - strlen(sep)); - attribute[attr->attr_len - strlen(sep)] = '\0'; - bcopy(sep, value, strlen(sep)); - value[strlen(sep)] = '\0'; + size_t len = strcspn(attr->attr, "=*"); + if (len < attr->attr_len) { + char avpair[attr->attr_len+1]; + bcopy(attr->attr, avpair, attr->attr_len+1); /* Also copy terminating NUL */ + if (ctrl & PAM_TAC_DEBUG) + syslog(LOG_DEBUG, "%s: returned attribute `%s' from server", + __FUNCTION__, avpair); + + avpair[len] = '='; // replace '*' by '=' size_t i; - for (i = 0; attribute[i] != '\0'; i++) { - attribute[i] = toupper(attribute[i]); - if (attribute[i] == '-') - attribute[i] = '_'; + for (i = 0; i < len; i++) { + avpair[i] = toupper(avpair[i]); + if (avpair[i] == '-') + avpair[i] = '_'; } if (ctrl & PAM_TAC_DEBUG) - syslog(LOG_DEBUG, "%s: returned attribute `%s%s' from server", - __FUNCTION__, attribute, value); + syslog(LOG_DEBUG, "%s: setting PAM environment `%s'", + __FUNCTION__, avpair); /* make returned attributes available for other PAM modules via PAM environment */ - if (pam_putenv(pamh, - strncat(attribute, value, strlen(value))) != PAM_SUCCESS) + if (pam_putenv(pamh, avpair) != PAM_SUCCESS) syslog(LOG_WARNING, "%s: unable to set PAM environment", __FUNCTION__); @@ -715,7 +711,11 @@ PAM_EXTERN int pam_sm_open_session(pam_handle_t * pamh, int flags, int argc, const char **argv) { #if defined(HAVE_OPENSSL_RAND_H) && defined(HAVE_LIBCRYPTO) +# if defined(HAVE_RAND_BYTES) + RAND_bytes((unsigned char *) &task_id, sizeof(task_id)); +# else RAND_pseudo_bytes((unsigned char *) &task_id, sizeof(task_id)); +# endif #else task_id=(short int) magic(); #endif |