diff options
author | Yu Watanabe <watanabe.yu+github@gmail.com> | 2024-01-04 15:28:34 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-01-04 15:28:34 +0100 |
commit | 4855d82348388c85657fc06ba9271a03a8ebb259 (patch) | |
tree | 0a8bf0eab8c550223ffc0caabe80378133a91e83 /src | |
parent | homed: when empty username is passed to bus calls, operate on client's UID (diff) | |
parent | pam_systemd_home: port over to pam_get_item_many() (diff) | |
download | systemd-4855d82348388c85657fc06ba9271a03a8ebb259.tar.xz systemd-4855d82348388c85657fc06ba9271a03a8ebb259.zip |
Merge pull request #30739 from poettering/pam-util-many
pam-util: add pam_get_item_many() to shorten some code
Diffstat (limited to 'src')
-rw-r--r-- | src/home/pam_systemd_home.c | 13 | ||||
-rw-r--r-- | src/login/pam_systemd.c | 32 | ||||
-rw-r--r-- | src/shared/pam-util.c | 24 | ||||
-rw-r--r-- | src/shared/pam-util.h | 4 |
4 files changed, 46 insertions, 27 deletions
diff --git a/src/home/pam_systemd_home.c b/src/home/pam_systemd_home.c index ba8d8f6054..30f624b6e2 100644 --- a/src/home/pam_systemd_home.c +++ b/src/home/pam_systemd_home.c @@ -969,13 +969,12 @@ _public_ PAM_EXTERN int pam_sm_chauthtok( return r; /* Start with cached credentials */ - r = pam_get_item(handle, PAM_OLDAUTHTOK, (const void**) &old_password); - if (!IN_SET(r, PAM_BAD_ITEM, PAM_SUCCESS)) - return pam_syslog_pam_error(handle, LOG_ERR, r, "Failed to get old password: @PAMERR@"); - - r = pam_get_item(handle, PAM_AUTHTOK, (const void**) &new_password); - if (!IN_SET(r, PAM_BAD_ITEM, PAM_SUCCESS)) - return pam_syslog_pam_error(handle, LOG_ERR, r, "Failed to get cached password: @PAMERR@"); + r = pam_get_item_many( + handle, + PAM_OLDAUTHTOK, &old_password, + PAM_AUTHTOK, &new_password); + if (r != PAM_SUCCESS) + return pam_syslog_pam_error(handle, LOG_ERR, r, "Failed to get cached passwords: @PAMERR@"); if (isempty(new_password)) { /* No, it's not cached, then let's ask for the password and its verification, and cache diff --git a/src/login/pam_systemd.c b/src/login/pam_systemd.c index 4d391ffaff..20ec5530d9 100644 --- a/src/login/pam_systemd.c +++ b/src/login/pam_systemd.c @@ -926,15 +926,20 @@ _public_ PAM_EXTERN int pam_sm_open_session( if (!logind_running()) goto success; - /* Make sure we don't enter a loop by talking to - * systemd-logind when it is actually waiting for the - * background to finish start-up. If the service is - * "systemd-user" we simply set XDG_RUNTIME_DIR and + r = pam_get_item_many( + handle, + PAM_SERVICE, &service, + PAM_XDISPLAY, &display, + PAM_TTY, &tty, + PAM_RUSER, &remote_user, + PAM_RHOST, &remote_host); + if (r != PAM_SUCCESS) + return pam_syslog_pam_error(handle, LOG_ERR, r, "Failed to get PAM items: @PAMERR@"); + + /* Make sure we don't enter a loop by talking to systemd-logind when it is actually waiting for the + * background to finish start-up. If the service is "systemd-user" we simply set XDG_RUNTIME_DIR and * leave. */ - r = pam_get_item(handle, PAM_SERVICE, (const void**) &service); - if (!IN_SET(r, PAM_BAD_ITEM, PAM_SUCCESS)) - return pam_syslog_pam_error(handle, LOG_ERR, r, "Failed to get PAM service: @PAMERR@"); if (streq_ptr(service, "systemd-user")) { char rt[STRLEN("/run/user/") + DECIMAL_STR_MAX(uid_t)]; @@ -948,19 +953,6 @@ _public_ PAM_EXTERN int pam_sm_open_session( /* Otherwise, we ask logind to create a session for us */ - r = pam_get_item(handle, PAM_XDISPLAY, (const void**) &display); - if (!IN_SET(r, PAM_BAD_ITEM, PAM_SUCCESS)) - return pam_syslog_pam_error(handle, LOG_ERR, r, "Failed to get PAM_XDISPLAY: @PAMERR@"); - r = pam_get_item(handle, PAM_TTY, (const void**) &tty); - if (!IN_SET(r, PAM_BAD_ITEM, PAM_SUCCESS)) - return pam_syslog_pam_error(handle, LOG_ERR, r, "Failed to get PAM_TTY: @PAMERR@"); - r = pam_get_item(handle, PAM_RUSER, (const void**) &remote_user); - if (!IN_SET(r, PAM_BAD_ITEM, PAM_SUCCESS)) - return pam_syslog_pam_error(handle, LOG_ERR, r, "Failed to get PAM_RUSER: @PAMERR@"); - r = pam_get_item(handle, PAM_RHOST, (const void**) &remote_host); - if (!IN_SET(r, PAM_BAD_ITEM, PAM_SUCCESS)) - return pam_syslog_pam_error(handle, LOG_ERR, r, "Failed to get PAM_RHOST: @PAMERR@"); - seat = getenv_harder(handle, "XDG_SEAT", NULL); cvtnr = getenv_harder(handle, "XDG_VTNR", NULL); type = getenv_harder(handle, "XDG_SESSION_TYPE", type_pam); diff --git a/src/shared/pam-util.c b/src/shared/pam-util.c index 1057104194..59437ae0bb 100644 --- a/src/shared/pam-util.c +++ b/src/shared/pam-util.c @@ -202,3 +202,27 @@ void pam_cleanup_free(pam_handle_t *handle, void *data, int error_status) { /* A generic destructor for pam_set_data() that just frees the specified data */ free(data); } + +int pam_get_item_many_internal(pam_handle_t *handle, ...) { + va_list ap; + int r; + + va_start(ap, handle); + for (;;) { + int item_type = va_arg(ap, int); + + if (item_type <= 0) { + r = PAM_SUCCESS; + break; + } + + const void **value = ASSERT_PTR(va_arg(ap, const void **)); + + r = pam_get_item(handle, item_type, value); + if (!IN_SET(r, PAM_BAD_ITEM, PAM_SUCCESS)) + break; + } + va_end(ap); + + return r; +} diff --git a/src/shared/pam-util.h b/src/shared/pam-util.h index 5a05fb71f1..9c40ba2dde 100644 --- a/src/shared/pam-util.h +++ b/src/shared/pam-util.h @@ -39,3 +39,7 @@ int pam_acquire_bus_connection(pam_handle_t *handle, const char *module_name, sd int pam_release_bus_connection(pam_handle_t *handle, const char *module_name); void pam_cleanup_free(pam_handle_t *handle, void *data, int error_status); + +int pam_get_item_many_internal(pam_handle_t *handle, ...); + +#define pam_get_item_many(handle, ...) pam_get_item_many_internal(handle, __VA_ARGS__, -1) |