From 6c16915894495c8316ee1a80ed877c9470c5085d Mon Sep 17 00:00:00 2001 From: Nalin Dahyabhai Date: Aug 24 2012 21:12:56 +0000 Subject: wrap krb5_free_context(), too --- diff --git a/src/acct.c b/src/acct.c index 505c109..0dce4f9 100644 --- a/src/acct.c +++ b/src/acct.c @@ -78,7 +78,7 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, i = pam_get_user(pamh, &user, NULL); if ((i != PAM_SUCCESS) || (user == NULL)) { warn("could not identify user name"); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return i; } @@ -86,7 +86,7 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, options = _pam_krb5_options_init(pamh, argc, argv, ctx); if (options == NULL) { warn("error parsing options (shouldn't happen)"); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return PAM_SERVICE_ERR; } @@ -100,7 +100,7 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, retval = PAM_USER_UNKNOWN; } _pam_krb5_options_free(pamh, ctx, options); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return retval; } @@ -114,7 +114,7 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, } _pam_krb5_user_info_free(ctx, userinfo); _pam_krb5_options_free(pamh, ctx, options); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return PAM_IGNORE; } @@ -123,7 +123,7 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, if (stash == NULL) { _pam_krb5_user_info_free(ctx, userinfo); _pam_krb5_options_free(pamh, ctx, options); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return PAM_SERVICE_ERR; } @@ -241,7 +241,7 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, } _pam_krb5_options_free(pamh, ctx, options); _pam_krb5_user_info_free(ctx, userinfo); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return retval; } diff --git a/src/afs5log.c b/src/afs5log.c index e21dc8e..e3b5851 100644 --- a/src/afs5log.c +++ b/src/afs5log.c @@ -200,7 +200,7 @@ main(int argc, char **argv) "[-s strategy] [-p path] " "[cell[=principal]] ] [...]\n", argv[0]); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); exit(0); break; } @@ -271,6 +271,6 @@ main(int argc, char **argv) } } krb5_cc_close(ctx, ccache); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return 0; } diff --git a/src/auth.c b/src/auth.c index 06f5af6..ffbab46 100644 --- a/src/auth.c +++ b/src/auth.c @@ -89,7 +89,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, i = pam_get_user(pamh, &user, NULL); if ((i != PAM_SUCCESS) || (user == NULL)) { warn("could not identify user name"); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return i; } @@ -97,14 +97,14 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, i = v5_alloc_get_init_creds_opt(ctx, &gic_options); if (i != 0) { warn("error initializing options (shouldn't happen)"); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return PAM_SERVICE_ERR; } options = _pam_krb5_options_init(pamh, argc, argv, ctx); if (options == NULL) { warn("error parsing options (shouldn't happen)"); v5_free_get_init_creds_opt(ctx, gic_options); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return PAM_SERVICE_ERR; } if (options->debug) { @@ -149,7 +149,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, /* Clean up and return. */ _pam_krb5_options_free(pamh, ctx, options); v5_free_get_init_creds_opt(ctx, gic_options); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return retval; } if (options->debug) { @@ -175,7 +175,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, } _pam_krb5_options_free(pamh, ctx, options); v5_free_get_init_creds_opt(ctx, gic_options); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return PAM_IGNORE; } @@ -195,7 +195,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, } _pam_krb5_options_free(pamh, ctx, options); v5_free_get_init_creds_opt(ctx, gic_options); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return PAM_SERVICE_ERR; } @@ -417,7 +417,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, v5_free_get_init_creds_opt(ctx, gic_options); _pam_krb5_options_free(pamh, ctx, options); _pam_krb5_user_info_free(ctx, userinfo); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return retval; } diff --git a/src/init.c b/src/init.c index 25e8e90..d925f7a 100644 --- a/src/init.c +++ b/src/init.c @@ -83,7 +83,7 @@ _pam_krb5_init_ctx(krb5_context *ctx, if (i == 0) { i = set_realm(*ctx, argc, argv); if (i != 0) { - krb5_free_context(*ctx); + _pam_krb5_free_ctx(*ctx); *ctx = NULL; } } @@ -98,9 +98,18 @@ _pam_krb5_init_ctx(krb5_context *ctx, if (i == 0) { i = set_realm(*ctx, argc, argv); if (i != 0) { - krb5_free_context(*ctx); + _pam_krb5_free_ctx(*ctx); *ctx = NULL; } } return i; } + +void +_pam_krb5_free_ctx(krb5_context ctx) +{ +#ifdef HAVE_KRB5_SET_TRACE_CALLBACK + krb5_set_trace_callback(ctx, NULL, NULL); +#endif + krb5_free_context(ctx); +} diff --git a/src/init.h b/src/init.h index 5601018..5cfe02c 100644 --- a/src/init.h +++ b/src/init.h @@ -35,5 +35,6 @@ int _pam_krb5_init_ctx(krb5_context *ctx, int argc, PAM_KRB5_MAYBE_CONST char **argv); +void _pam_krb5_free_ctx(krb5_context ctx); #endif diff --git a/src/logpam.c b/src/logpam.c index 4ab5c0d..785ea5e 100644 --- a/src/logpam.c +++ b/src/logpam.c @@ -103,7 +103,15 @@ debug(const char *fmt, ...) void trace(krb5_context ctx, const struct krb5_trace_info *info, void *data) { - debug("libkrb5 trace message: %s", info->message); + int len; + if (info != NULL) { + len = strlen(info->message); + while ((len > 0) && + (strchr("\r\n", info->message[len - 1]) != NULL)) { + len--; + } + debug("libkrb5 trace message: %.*s", len, info->message); + } } #endif diff --git a/src/logstdio.c b/src/logstdio.c index 16affa7..886658a 100644 --- a/src/logstdio.c +++ b/src/logstdio.c @@ -94,7 +94,15 @@ debug(const char *fmt, ...) void trace(krb5_context ctx, const struct krb5_trace_info *info, void *data) { - debug("libkrb5 trace message: %s", info->message); + int len; + if (info != NULL) { + len = strlen(info->message); + while ((len > 0) && + (strchr("\r\n", info->message[len - 1]) != NULL)) { + len--; + } + debug("libkrb5 trace message: %.*s", len, info->message); + } } #endif diff --git a/src/pam_newpag.c b/src/pam_newpag.c index a4dc561..ff03b20 100644 --- a/src/pam_newpag.c +++ b/src/pam_newpag.c @@ -79,7 +79,7 @@ maybe_setpag(const char *fn, pam_handle_t *pamh, int flags, options = _pam_krb5_options_init(pamh, argc, argv, ctx); if (options == NULL) { warn("error parsing options (shouldn't happen)"); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return PAM_SERVICE_ERR; } @@ -119,7 +119,7 @@ maybe_setpag(const char *fn, pam_handle_t *pamh, int flags, pam_strerror(pamh, ret)); } _pam_krb5_options_free(pamh, ctx, options); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return ret; } diff --git a/src/password.c b/src/password.c index c42ae7a..9f3b82e 100644 --- a/src/password.c +++ b/src/password.c @@ -92,7 +92,7 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags, i = pam_get_user(pamh, &user, NULL); if ((i != PAM_SUCCESS) || (user == NULL)) { warn("could not identify user name"); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return i; } @@ -100,14 +100,14 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags, i = v5_alloc_get_init_creds_opt(ctx, &gic_options); if (i != 0) { warn("error initializing options (shouldn't happen)"); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return PAM_SERVICE_ERR; } options = _pam_krb5_options_init(pamh, argc, argv, ctx); if (options == NULL) { warn("error parsing options (shouldn't happen)"); v5_free_get_init_creds_opt(ctx, gic_options); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return PAM_SERVICE_ERR; } _pam_krb5_set_init_opts(ctx, gic_options, options); @@ -123,7 +123,7 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags, } _pam_krb5_options_free(pamh, ctx, options); v5_free_get_init_creds_opt(ctx, gic_options); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return retval; } @@ -138,7 +138,7 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags, _pam_krb5_user_info_free(ctx, userinfo); _pam_krb5_options_free(pamh, ctx, options); v5_free_get_init_creds_opt(ctx, gic_options); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return PAM_IGNORE; } @@ -543,6 +543,6 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags, _pam_krb5_user_info_free(ctx, userinfo); _pam_krb5_options_free(pamh, ctx, options); v5_free_get_init_creds_opt(ctx, gic_options); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return retval; } diff --git a/src/sly.c b/src/sly.c index bd6078c..4a3c481 100644 --- a/src/sly.c +++ b/src/sly.c @@ -142,7 +142,7 @@ _pam_krb5_sly_maybe_refresh(pam_handle_t *pamh, int flags, i = pam_get_user(pamh, &user, NULL); if ((i != PAM_SUCCESS) || (user == NULL)) { warn("could not identify user name"); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return i; } @@ -150,7 +150,7 @@ _pam_krb5_sly_maybe_refresh(pam_handle_t *pamh, int flags, options = _pam_krb5_options_init(pamh, argc, argv, ctx); if (options == NULL) { warn("error parsing options (shouldn't happen)"); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return PAM_SERVICE_ERR; } if (options->debug) { @@ -168,7 +168,7 @@ _pam_krb5_sly_maybe_refresh(pam_handle_t *pamh, int flags, retval = PAM_USER_UNKNOWN; } _pam_krb5_options_free(pamh, ctx, options); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return retval; } @@ -180,7 +180,7 @@ _pam_krb5_sly_maybe_refresh(pam_handle_t *pamh, int flags, } _pam_krb5_user_info_free(ctx, userinfo); _pam_krb5_options_free(pamh, ctx, options); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return PAM_IGNORE; } @@ -191,7 +191,7 @@ _pam_krb5_sly_maybe_refresh(pam_handle_t *pamh, int flags, user); _pam_krb5_user_info_free(ctx, userinfo); _pam_krb5_options_free(pamh, ctx, options); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return PAM_SERVICE_ERR; } @@ -320,7 +320,7 @@ _pam_krb5_sly_maybe_refresh(pam_handle_t *pamh, int flags, _pam_krb5_user_info_free(ctx, userinfo); _pam_krb5_options_free(pamh, ctx, options); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return retval; } diff --git a/src/stash.c b/src/stash.c index 2f56365..42a44ed 100644 --- a/src/stash.c +++ b/src/stash.c @@ -514,7 +514,7 @@ _pam_krb5_stash_get(pam_handle_t *pamh, const char *user, stash = malloc(sizeof(struct _pam_krb5_stash)); if (stash == NULL) { free(key); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return NULL; } memset(stash, 0, sizeof(struct _pam_krb5_stash)); @@ -716,39 +716,6 @@ _pam_krb5_stash_chown_keyring(krb5_context ctx, struct _pam_krb5_stash *stash, } #endif -static char * -_pam_krb5_stash_guess_unique_ccname(struct _pam_krb5_stash *stash, - struct _pam_krb5_options *options, - char *newname, - char *append_if_needed) -{ - struct _pam_krb5_ccname_list *node; - char *ret; - /* Search for a match in our list of already-created ccache names. */ - for (node = stash->v5ccnames; - (node != NULL) && (strcmp(node->name, newname) != 0); - node = node->next) { - continue; - } - if (node == NULL) { - /* No match -> return. */ - return newname; - } - /* Append something which will hopefully make it unique. */ - ret = malloc(strlen(newname) + strlen(append_if_needed) + 1); - if (ret != NULL) { - sprintf(ret, "%s%s", newname, append_if_needed); - if (options->debug) { - debug("already have a ccache named \"%s\", " - "will create one named \"%s\" instead", - newname, ret); - } - free(newname); - } - return _pam_krb5_stash_guess_unique_ccname(stash, options, - ret, append_if_needed); -} - void _pam_krb5_stash_push(krb5_context ctx, struct _pam_krb5_stash *stash, diff --git a/src/uuauth.c b/src/uuauth.c index 580a43a..8e3079f 100644 --- a/src/uuauth.c +++ b/src/uuauth.c @@ -214,7 +214,7 @@ main(int argc, const char **argv) krb5_cc_close(ctx, occache); } krb5_cc_close(ctx, ccache); - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return 0; } diff --git a/src/vfy.c b/src/vfy.c index d0ffc00..77360ff 100644 --- a/src/vfy.c +++ b/src/vfy.c @@ -129,7 +129,7 @@ main(int argc, const char **argv) printf("OK\n"); } - krb5_free_context(ctx); + _pam_krb5_free_ctx(ctx); return ret; }