more comment and bug fix

commented some stuff and fixed config parser ignoring invalid config keywords
master
Alessandro Mauri 3 years ago
parent 86a6af5073
commit 391353cea6
  1. 33
      us.c

33
us.c

@ -279,10 +279,12 @@ int main(int argc, char *argv[])
{NULL, NULL}
};
if (envflag) { /* clear env */
/* Copy what has to be copied and then clear the environment, we'll
* make a fresh one later */
if (envflag) {
for (int i = 0; env_keep[i].name; i++)
env_keep[i].value = estrdup(getenv(env_keep[i].name));
environ = NULL; // in place of clearenv
environ = NULL;
}
for (int i = 0; env_mod[i].name; i++) {
@ -315,7 +317,7 @@ int main(int argc, char *argv[])
}
}
// do not override, we might be under more levels of 'us'
/* Do not override, we might be under more levels of 'us' */
err = setenv("US_USER", my_name, 0);
errno = 0;
@ -403,7 +405,8 @@ static int authenticate(uid_t uid, char ask)
if (!strcmp(p, "x") || *p == '*' || *p == '!') {
#if defined(__linux__)
// get exclusive access to shadow
/* Get exclusive access to the shadow file, then read
* this should prevent any race conditions */
if (lckpwdf() == -1)
die("lckpwdf");
setspent();
@ -442,7 +445,9 @@ static int authenticate(uid_t uid, char ask)
break;
case 0:
/* we are still root, drop off permissions before
* disasters happen */
* disasters happen, also in case askpass fails
* before sending anything to stdout, terminate tha
* main process since it would hang forever */
if (setuid(uid) == -1) {
kill(parent, SIGTERM);
die("askpass: setuid:");
@ -479,12 +484,13 @@ static int authenticate(uid_t uid, char ask)
fprintf(stderr, "read: %s\n", strerror(errno));
else
printf("Password can't be zero length\n");
// we may have been interrupted, wait askpass before bailing
/* read() may have been interrupted, wait askpass even tough it
* should not be necessary before bailing */
waitpid(-1, NULL, 0);
exit(EXIT_FAILURE);
}
pass[1023] = '\0';
// remove \n
/* Remove the terminating (if there is) \n in password */
int l = strlen(pass);
if (pass[l-1] == '\n')
pass[--l] = '\0';
@ -497,7 +503,7 @@ static int authenticate(uid_t uid, char ask)
}
char *enc = crypt(pass, hash);
/* clean pass from memory */
/* Remove password from memory, just to be sure */
memset(pass, 0, 1024);
if (strncmp(hash, enc, 1024)) {
printf("Authentication failure\n");
@ -508,6 +514,11 @@ static int authenticate(uid_t uid, char ask)
return 0;
}
/* user_to_passwd() and group_to_passwd() both receive the user/group name
* in string form, if the sring begins with '#' then the following number
* is interpreted as the uid/gid and used instead of the name.
* Both functions return a pointer to a passwd/group struct stored inside
* the info structure */
static struct passwd* user_to_passwd(const char *user, struct user_info *info)
{
if (!user) {
@ -560,6 +571,8 @@ static struct group* group_to_grp(const char *group, struct user_info *info)
return gr;
}
/* die() emalloc() estrdup() and erealloc() are all helper functions, wrappers
* to respective functions that use die() to give a message and then fail */
void die(const char *fmt, ...)
{
va_list ap;
@ -608,6 +621,8 @@ char *estrdup(const char *s)
return r;
}
/* Parses the config file and stores the result in a config vector pointed
* by conf of size num */
static int get_config(struct config **conf, int *num)
{
if (!conf || !num)
@ -692,6 +707,8 @@ static int get_config(struct config **conf, int *num)
c.flags |= FLAG_NOPASS;
} else if (!strcmp(t, "nolog")) {
c.flags |= FLAG_NOLOG;
} else {
die("flag %s not recognized at %d", t, i);
}
}
if (n < 3)

Loading…
Cancel
Save