diff --git a/lib/pam_get_authtok.c b/lib/pam_get_authtok.c
index 7886603..e8b329b 100644
--- a/lib/pam_get_authtok.c
+++ b/lib/pam_get_authtok.c
@@ -31,11 +31,13 @@
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
- * $P4: //depot/projects/openpam/lib/pam_get_authtok.c#13 $
+ * $P4: //depot/projects/openpam/lib/pam_get_authtok.c#14 $
 */
 #include
+#include
+
 #include
 #include
@@ -95,8 +97,11 @@ pam_get_authtok(pam_handle_t *pamh,
 r = pam_prompt(pamh, style, &resp, "%s", prompt);
 if (r != PAM_SUCCESS)
 return (r);
- *authtok = resp;
- return (pam_set_item(pamh, item, *authtok));
+ r = pam_set_item(pamh, pitem, resp);
+ free(resp);
+ if (r != PAM_SUCCESS)
+ return (r);
+ return (pam_get_item(pamh, pitem, (const void **)authtok));
 }
 /*
@@ -124,9 +129,10 @@ pam_get_authtok(pam_handle_t *pamh,
 * authentication tokens.
 *
 * The =prompt argument specifies a prompt to use if no token is cached.
- * If =NULL, the =PAM_AUTHTOK_PROMPT or =PAM_OLDAUTHTOK_PROMPT item, as
- * appropriate, will be used. If that item is also =NULL, a hardcoded
+ * If it is =NULL, the =PAM_AUTHTOK_PROMPT or =PAM_OLDAUTHTOK_PROMPT item,
+ * as appropriate, will be used. If that item is also =NULL, a hardcoded
 * default prompt will be used.
 *
 * >pam_get_item
+ * >pam_get_user
 */
diff --git a/lib/pam_get_user.c b/lib/pam_get_user.c
index 5e10f30..608614a 100644
--- a/lib/pam_get_user.c
+++ b/lib/pam_get_user.c
@@ -31,16 +31,20 @@
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
- * $P4: //depot/projects/openpam/lib/pam_get_user.c#10 $
+ * $P4: //depot/projects/openpam/lib/pam_get_user.c#11 $
 */
 #include
+#include
+
 #include
 #include
 #include "openpam_impl.h"
+const char user_prompt[] = "Login:";
+
 /*
 * XSSO 4.2.1
 * XSSO 6 page 52
@@ -53,7 +57,7 @@ pam_get_user(pam_handle_t *pamh,
 const char **user,
 const char *prompt)
 {
- char *p, *resp;
+ char *resp;
 int r;
 if (pamh == NULL || user == NULL)
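Review bot: The token is now stored and read back under `pitem` instead of `item` in the `@@ -95,8 +97,11 @@` hunk: the removed line was `pam_set_item(pamh, item, *authtok)`, while the new lines call `pam_set_item(pamh, pitem, resp)` and `pam_get_item(pamh, pitem, ...)`. The declaration of `pitem` is outside the hunk, but if it names the prompt item (the doc comment below refers to PAM_AUTHTOK_PROMPT / PAM_OLDAUTHTOK_PROMPT), the password lands in the prompt slot, the token item stays unset, and the secret sits where a later prompt could display it; I would expect `r = pam_set_item(pamh, item, resp);` and `return (pam_get_item(pamh, item, (const void **)authtok));`. Separately, `free(resp)` releases the cleartext token without clearing it, so the buffer should be wiped before the free with a call the compiler cannot elide, for example `explicit_bzero(resp, strlen(resp));` where the platform provides it. Placing the wipe directly before `free(resp)` also covers the early return taken when pam_set_item fails. The function body starts above the hunk.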
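Review bot: `user_prompt` in the `@@ -31,16 +31,20 @@` hunk of pam_get_user.c has external linkage and lacks the trailing space of the literal it replaces; the later hunk at -63 swaps `prompt = "Login: ";` for `prompt = user_prompt;`, so the default prompt text becomes `Login:`. No other translation unit referencing the symbol is visible in this diff, so unless one exists I would write `static const char user_prompt[] = "Login: ";`, which keeps the old prompt and keeps an unprefixed name out of the library's exported symbols. If the shorter string is intended, a one-line comment above the definition saying why would save the next reader the question.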
@@ -63,16 +67,18 @@ pam_get_user(pam_handle_t *pamh,
 if (r == PAM_SUCCESS)
 return (PAM_SUCCESS);
 if (prompt == NULL) {
- if (pam_get_item(pamh, PAM_USER_PROMPT,
- (const void **)&p) != PAM_SUCCESS || p == NULL)
- prompt = "Login: ";
+ r = pam_get_item(pamh, PAM_USER_PROMPT, (const void **)&prompt);
+ if (r != PAM_SUCCESS || prompt == NULL)
+ prompt = user_prompt;
 }
- r = pam_prompt(pamh, PAM_PROMPT_ECHO_ON, &resp,
- "%s", prompt ? prompt : p);
+ r = pam_prompt(pamh, PAM_PROMPT_ECHO_ON, &resp, "%s", prompt);
 if (r != PAM_SUCCESS)
 return (r);
- *user = resp;
- return (pam_set_item(pamh, PAM_USER, *user));
+ r = pam_set_item(pamh, PAM_USER, resp);
+ free(resp);
+ if (r != PAM_SUCCESS)
+ return (r);
+ return (pam_get_item(pamh, PAM_USER, (const void **)user));
 }
 /*
@@ -83,3 +89,18 @@ pam_get_user(pam_handle_t *pamh,
 * =pam_set_item
 * !PAM_SYMBOL_ERR
 */
+
+/**
+ * The =pam_get_user function returns the name of the target user, as
+ * specified to =pam_start. If no user was specified, nor set using
+ * =pam_set_item, =pam_get_user will prompt for a user name. Either way,
+ * a pointer to the user name is stored in the location pointed to by the
+ * =user argument.
+
+ * The =prompt argument specifies a prompt to use if no user name is
+ * cached. If it is =NULL, the =PAM_USER_PROMPT will be used. If that
+ * item is also =NULL, a hardcoded default prompt will be used.
+ *
+ * >pam_get_item
+ * >pam_get_authtok
+ */
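Review bot: Nothing in the patch tells callers that `*user` now points at storage owned by the handle instead of the malloc'd response, which is what the `@@ -63,16 +67,18 @@` hunk changes; the doc comment added in the following hunk only says that a pointer is stored in `user`. Freeing `resp` right after `pam_set_item(pamh, PAM_USER, resp)` is correct only if pam_set_item keeps its own copy, which is not visible in this diff and is worth confirming. I would add a sentence to the comment along the lines of `The returned string belongs to the PAM handle: do not free or modify it; it is presumably invalidated when PAM_USER is set again.` A caller written against the old behaviour that frees `*user` would now free handle-owned memory, so existing callers deserve a look. The function body starts above the hunk.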