lists.arthurdejong.org
RSS feed

nss-pam-ldapd commit: r1558 - nss-pam-ldapd/nslcd

[Date Prev][Date Next] [Thread Prev][Thread Next]

nss-pam-ldapd commit: r1558 - nss-pam-ldapd/nslcd



Author: arthur
Date: Thu Dec  1 22:43:24 2011
New Revision: 1558
URL: http://arthurdejong.org/viewvc/nss-pam-ldapd?revision=1558&view=revision

Log:
ensure that uid, gid and pid vars are properly initialised and log denied 
requests

Modified:
   nss-pam-ldapd/nslcd/nslcd.c

Modified: nss-pam-ldapd/nslcd/nslcd.c
==============================================================================
--- nss-pam-ldapd/nslcd/nslcd.c Wed Nov 30 22:51:06 2011        (r1557)
+++ nss-pam-ldapd/nslcd/nslcd.c Thu Dec  1 22:43:24 2011        (r1558)
@@ -377,9 +377,9 @@
   TFILE *fp;
   int32_t action;
   struct timeval readtimeout,writetimeout;
-  uid_t uid;
-  gid_t gid;
-  pid_t pid;
+  uid_t uid=(uid_t)-1;
+  gid_t gid=(gid_t)-1;
+  pid_t pid=(pid_t)-1;
   /* log connection */
   if (getpeercred(sock,&uid,&gid,&pid))
     log_log(LOG_DEBUG,"connection from unknown client: %s",strerror(errno));
@@ -437,8 +437,10 @@
     case NSLCD_ACTION_SERVICE_BYNAME:   
(void)nslcd_service_byname(fp,session); break;
     case NSLCD_ACTION_SERVICE_BYNUMBER: 
(void)nslcd_service_bynumber(fp,session); break;
     case NSLCD_ACTION_SERVICE_ALL:      (void)nslcd_service_all(fp,session); 
break;
-    case NSLCD_ACTION_SHADOW_BYNAME:    if (uid==0) 
(void)nslcd_shadow_byname(fp,session); break;
-    case NSLCD_ACTION_SHADOW_ALL:       if (uid==0) 
(void)nslcd_shadow_all(fp,session); break;
+    case NSLCD_ACTION_SHADOW_BYNAME:    if (uid==0) 
(void)nslcd_shadow_byname(fp,session);
+                                        else log_log(LOG_DEBUG,"denied shadow 
request by non-root user"); break;
+    case NSLCD_ACTION_SHADOW_ALL:       if (uid==0) 
(void)nslcd_shadow_all(fp,session);
+                                        else log_log(LOG_DEBUG,"denied shadow 
request by non-root user"); break;
     case NSLCD_ACTION_PAM_AUTHC:        (void)nslcd_pam_authc(fp,session,uid); 
break;
     case NSLCD_ACTION_PAM_AUTHZ:        (void)nslcd_pam_authz(fp,session); 
break;
     case NSLCD_ACTION_PAM_SESS_O:       (void)nslcd_pam_sess_o(fp,session); 
break;
-- 
To unsubscribe send an email to
nss-pam-ldapd-commits-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-commits/