diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-06-26 16:18:37 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-06-26 16:18:37 +0000 |
commit | b6b00dd55e035bfbe311a527b567962ffa77ee43 (patch) | |
tree | cafc4d13785448e5a78bd40a51697ee07f07ac12 /src/login_nopam.c | |
parent | Adding debian version 1:4.13+dfsg1-5. (diff) | |
download | shadow-b6b00dd55e035bfbe311a527b567962ffa77ee43.tar.xz shadow-b6b00dd55e035bfbe311a527b567962ffa77ee43.zip |
Merging upstream version 1:4.15.2.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/login_nopam.c')
-rw-r--r-- | src/login_nopam.c | 68 |
1 files changed, 39 insertions, 29 deletions
diff --git a/src/login_nopam.c b/src/login_nopam.c index df6ba88..e6f77d1 100644 --- a/src/login_nopam.c +++ b/src/login_nopam.c @@ -39,12 +39,11 @@ * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands. */ #include <sys/types.h> +#include <stddef.h> #include <stdio.h> #include <syslog.h> #include <ctype.h> -#ifdef HAVE_NETDB_H #include <netdb.h> -#endif #include <grp.h> #ifdef PRIMARY_GROUP_MATCH #include <pwd.h> @@ -57,6 +56,8 @@ #include <netinet/in.h> #include <arpa/inet.h> /* for inet_ntoa() */ +#include "sizeof.h" + #if !defined(MAXHOSTNAMELEN) || (MAXHOSTNAMELEN < 64) #undef MAXHOSTNAMELEN #define MAXHOSTNAMELEN 256 @@ -98,11 +99,11 @@ int login_access (const char *user, const char *from) if (NULL != fp) { int lineno = 0; /* for diagnostics */ while ( !match - && (fgets (line, (int) sizeof (line), fp) == line)) { - int end; + && (fgets (line, sizeof (line), fp) == line)) { + ptrdiff_t end; lineno++; - end = (int) strlen (line) - 1; - if (line[end] != '\n') { + end = strlen (line) - 1; + if (line[0] == '\0' || line[end] != '\n') { SYSLOG ((LOG_ERR, "%s: line %d: missing newline or line too long", TABLE, lineno)); @@ -119,9 +120,9 @@ int login_access (const char *user, const char *from) continue; } if ( ((perm = strtok (line, fs)) == NULL) - || ((users = strtok ((char *) 0, fs)) == NULL) - || ((froms = strtok ((char *) 0, fs)) == NULL) - || (strtok ((char *) 0, fs) != NULL)) { + || ((users = strtok (NULL, fs)) == NULL) + || ((froms = strtok (NULL, fs)) == NULL) + || (strtok (NULL, fs) != NULL)) { SYSLOG ((LOG_ERR, "%s: line %d: bad field count", TABLE, lineno)); @@ -156,7 +157,7 @@ static bool list_match (char *list, const char *item, bool (*match_fn) (const ch * a match, look for an "EXCEPT" list and recurse to determine whether * the match is affected by any exceptions. */ - for (tok = strtok (list, sep); tok != NULL; tok = strtok ((char *) 0, sep)) { + for (tok = strtok (list, sep); tok != NULL; tok = strtok (NULL, sep)) { if (strcasecmp (tok, "EXCEPT") == 0) { /* EXCEPT: give up */ break; } @@ -168,10 +169,10 @@ static bool list_match (char *list, const char *item, bool (*match_fn) (const ch /* Process exceptions to matches. */ if (match) { - while ( ((tok = strtok ((char *) 0, sep)) != NULL) + while ( ((tok = strtok (NULL, sep)) != NULL) && (strcasecmp (tok, "EXCEPT") != 0)) /* VOID */ ; - if (tok == 0 || !list_match ((char *) 0, item, match_fn)) { + if (tok == 0 || !list_match (NULL, item, match_fn)) { return (match); } } @@ -195,9 +196,9 @@ static char *myhostname (void) static bool netgroup_match (const char *group, const char *machine, const char *user) { - static char *mydomain = (char *)0; + static char *mydomain = NULL; - if (mydomain == (char *)0) { + if (mydomain == NULL) { static char domain[MAXHOSTNAMELEN + 1]; getdomainname (domain, MAXHOSTNAMELEN); @@ -230,7 +231,7 @@ static bool user_match (const char *tok, const char *string) && from_match (at + 1, myhostname ())); #if HAVE_INNETGR } else if (tok[0] == '@') { /* netgroup */ - return (netgroup_match (tok + 1, (char *) 0, string)); + return (netgroup_match (tok + 1, NULL, string)); #endif } else if (string_match (tok, string)) { /* ALL or exact match */ return true; @@ -244,7 +245,7 @@ static bool user_match (const char *tok, const char *string) } #ifdef PRIMARY_GROUP_MATCH /* - * If the string is an user whose initial GID matches the token, + * If the string is a user whose initial GID matches the token, * accept it. May avoid excessively long lines in /etc/group. * Radu-Adrian Feurdean <raf@licj.soroscj.ro> * @@ -265,19 +266,28 @@ static bool user_match (const char *tok, const char *string) static const char *resolve_hostname (const char *string) { - /* - * Resolve hostname to numeric IP address, as suggested - * by Dave Hagewood <admin@arrowweb.com>. --marekm - */ - struct hostent *hp; + int gai_err; + const char *addr_str; + struct addrinfo *addrs; + + static char host[MAXHOSTNAMELEN]; + + gai_err = getaddrinfo(string, NULL, NULL, &addrs); + if (gai_err != 0) { + SYSLOG ((LOG_ERR, "getaddrinfo(%s): %s", string, gai_strerror(gai_err))); + return string; + } - hp = gethostbyname (string); - if (NULL != hp) { - return inet_ntoa (*((struct in_addr *) *(hp->h_addr_list))); + addr_str = host; + gai_err = getnameinfo(addrs[0].ai_addr, addrs[0].ai_addrlen, + host, NITEMS(host), NULL, 0, NI_NUMERICHOST); + if (gai_err != 0) { + SYSLOG ((LOG_ERR, "getnameinfo(%s): %s", string, gai_strerror(gai_err))); + addr_str = string; } - SYSLOG ((LOG_ERR, "%s - unknown host", string)); - return string; + freeaddrinfo(addrs); + return addr_str; } /* from_match - match a host or tty against a list of tokens */ @@ -296,7 +306,7 @@ static bool from_match (const char *tok, const char *string) */ #if HAVE_INNETGR if (tok[0] == '@') { /* netgroup */ - return (netgroup_match (tok + 1, string, (char *) 0)); + return (netgroup_match (tok + 1, string, NULL)); } else #endif if (string_match (tok, string)) { /* ALL or exact match */ @@ -313,7 +323,7 @@ static bool from_match (const char *tok, const char *string) if (strchr (string, '.') == NULL) { return true; } - } else if ( (tok[(tok_len = strlen (tok)) - 1] == '.') /* network */ + } else if ( (tok[0] != '\0' && tok[(tok_len = strlen (tok)) - 1] == '.') /* network */ && (strncmp (tok, resolve_hostname (string), tok_len) == 0)) { return true; } @@ -337,5 +347,5 @@ static bool string_match (const char *tok, const char *string) } #else /* !USE_PAM */ -extern int errno; /* warning: ANSI C forbids an empty source file */ +extern int ISO_C_forbids_an_empty_translation_unit; #endif /* !USE_PAM */ |