projects
/
xscreensaver
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
http://svn.poeml.de/viewvc/ppc/src-unpacked/xscreensaver/xscreensaver-4.12.tar.bz2...
[xscreensaver]
/
driver
/
passwd-pam.c
diff --git
a/driver/passwd-pam.c
b/driver/passwd-pam.c
index 7083cfe487f41342c5c26ff1dd10518ceedcbdeb..a5abb806cef71521c5291cb6c0baded8270e75f4 100644
(file)
--- a/
driver/passwd-pam.c
+++ b/
driver/passwd-pam.c
@@
-1,7
+1,7
@@
/* passwd-pam.c --- verifying typed passwords with PAM
* (Pluggable Authentication Modules.)
* written by Bill Nottingham <notting@redhat.com> (and jwz) for
/* passwd-pam.c --- verifying typed passwords with PAM
* (Pluggable Authentication Modules.)
* written by Bill Nottingham <notting@redhat.com> (and jwz) for
- * xscreensaver, Copyright (c) 1993-200
2
Jamie Zawinski <jwz@jwz.org>
+ * xscreensaver, Copyright (c) 1993-200
3
Jamie Zawinski <jwz@jwz.org>
*
* Permission to use, copy, modify, distribute, and sell this software and its
* documentation for any purpose is hereby granted without fee, provided that
*
* Permission to use, copy, modify, distribute, and sell this software and its
* documentation for any purpose is hereby granted without fee, provided that
@@
-52,10
+52,12
@@
extern char *blurb(void);
#include <pwd.h>
#include <grp.h>
#include <security/pam_appl.h>
#include <pwd.h>
#include <grp.h>
#include <security/pam_appl.h>
+#include <signal.h>
+#include <errno.h>
#include <sys/stat.h>
#include <sys/stat.h>
-extern
void
block_sigchld (void);
+extern
sigset_t
block_sigchld (void);
extern void unblock_sigchld (void);
/* blargh */
extern void unblock_sigchld (void);
/* blargh */
@@
-179,6
+181,8
@@
pam_passwd_valid_p (const char *typed_passwd, Bool verbose_p)
struct pam_conv pc;
struct pam_closure c;
char *user = 0;
struct pam_conv pc;
struct pam_closure c;
char *user = 0;
+ sigset_t set;
+ struct timespec timeout;
struct passwd *p = getpwuid (getuid ());
if (!p) return False;
struct passwd *p = getpwuid (getuid ());
if (!p) return False;
@@
-242,8
+246,11
@@
pam_passwd_valid_p (const char *typed_passwd, Bool verbose_p)
PAM_NO_DELAY(pamh);
PAM_NO_DELAY(pamh);
- block_sigchld();
+ timeout.tv_sec = 0;
+ timeout.tv_nsec = 1;
+ set = block_sigchld();
status = pam_authenticate (pamh, 0);
status = pam_authenticate (pamh, 0);
+ sigtimedwait (&set, NULL, &timeout);
unblock_sigchld();
if (verbose_p)
unblock_sigchld();
if (verbose_p)
@@
-254,8
+261,13
@@
pam_passwd_valid_p (const char *typed_passwd, Bool verbose_p)
/* Each time we successfully authenticate, refresh credentials,
for Kerberos/AFS/DCE/etc. If this fails, just ignore that
failure and blunder along; it shouldn't matter.
/* Each time we successfully authenticate, refresh credentials,
for Kerberos/AFS/DCE/etc. If this fails, just ignore that
failure and blunder along; it shouldn't matter.
+
+ Note: this used to be PAM_REFRESH_CRED instead of
+ PAM_REINITIALIZE_CRED, but Jason Heiss <jheiss@ee.washington.edu>
+ says that the Linux PAM library ignores that one, and only refreshes
+ credentials when using PAM_REINITIALIZE_CRED.
*/
*/
- int status2 = pam_setcred (pamh, PAM_RE
FRESH
_CRED);
+ int status2 = pam_setcred (pamh, PAM_RE
INITIALIZE
_CRED);
if (verbose_p)
fprintf (stderr, "%s: pam_setcred (...) ==> %d (%s)\n",
blurb(), status2, PAM_STRERROR(pamh, status2));
if (verbose_p)
fprintf (stderr, "%s: pam_setcred (...) ==> %d (%s)\n",
blurb(), status2, PAM_STRERROR(pamh, status2));
@@
-274,7
+286,12
@@
pam_passwd_valid_p (const char *typed_passwd, Bool verbose_p)
if (status != PAM_SUCCESS) goto DONE;
PAM_NO_DELAY(pamh);
if (status != PAM_SUCCESS) goto DONE;
PAM_NO_DELAY(pamh);
+
+ set = block_sigchld();
status = pam_authenticate (pamh, 0);
status = pam_authenticate (pamh, 0);
+ sigtimedwait(&set, NULL, &timeout);
+ unblock_sigchld();
+
if (verbose_p)
fprintf (stderr, "%s: pam_authenticate (...) ==> %d (%s)\n",
blurb(), status, PAM_STRERROR(pamh, status));
if (verbose_p)
fprintf (stderr, "%s: pam_authenticate (...) ==> %d (%s)\n",
blurb(), status, PAM_STRERROR(pamh, status));