[src/trunk]: src/usr.bin/su - avoid calling pam_end twice if pam failed in fatal

[christos <christos%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/cd5beb67ea2e
branches:  trunk
changeset: 572571:cd5beb67ea2e
user:      christos <christos%NetBSD.org@localhost>
date:      Sat Jan 08 08:45:53 2005 +0000

description:
- avoid calling pam_end twice if pam failed in fatal
- make fatal proper macros
- fix typos in comments
- fix logical error initializing pam
XXX: Seems to work now, but the whole process is awkward.
Asking for an ssh passphrase and using this to do unix authentication is wrong.
Falling back to the old style auth is awkward. We should really provide a
pam_rootauth module if we want to support that.

diffstat:

 usr.bin/su/su.c |  33 +++++++++++++++++++++++----------
 1 files changed, 23 insertions(+), 10 deletions(-)

diffs (92 lines):

diff -r 933df112847c -r cd5beb67ea2e usr.bin/su/su.c
--- a/usr.bin/su/su.c   Sat Jan 08 08:43:03 2005 +0000
+++ b/usr.bin/su/su.c   Sat Jan 08 08:45:53 2005 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: su.c,v 1.59 2005/01/07 22:34:20 manu Exp $     */
+/*     $NetBSD: su.c,v 1.60 2005/01/08 08:45:53 christos Exp $ */
 
 /*
  * Copyright (c) 1988 The Regents of the University of California.
@@ -40,7 +40,7 @@
 #if 0
 static char sccsid[] = "@(#)su.c       8.3 (Berkeley) 4/2/94";*/
 #else
-__RCSID("$NetBSD: su.c,v 1.59 2005/01/07 22:34:20 manu Exp $");
+__RCSID("$NetBSD: su.c,v 1.60 2005/01/08 08:45:53 christos Exp $");
 #endif
 #endif /* not lint */
 
@@ -73,8 +73,17 @@
 static pam_handle_t *pamh;
 static struct pam_conv pamc;
 
-#define fatal(x) { pam_end(pamh, pam_err); err x; }
-#define fatalx(x) { pam_end(pamh, pam_err); errx x; }
+#define fatal(x) do { \
+       if (pam_err == PAM_SUCCESS) \
+               pam_end(pamh, pam_err); \
+       err x;  \
+} while (/*CONSTCOND*/ 0)
+#define fatalx(x) do { \
+       if (pam_err == PAM_SUCCESS) \
+               pam_end(pamh, pam_err); \
+       errx x; \
+} while (/*CONSTCOND*/ 0)
+
 #else
 #define fatal(x) err x
 #define fatalx(x) errx x
@@ -157,6 +166,10 @@
        char *tty; 
        int pam_err, status;
        pid_t pid;
+#ifdef notdef
+       extern int _openpam_debug;
+       _openpam_debug = 1;
+#endif
 #endif
 
        asme = asthem = fastlogin = 0;
@@ -212,10 +225,12 @@
        /* get current login name and shell */
        ruid = getuid();
        username = getlogin();
+       /* get target login information, default to root */
+       user = *argv ? *argv : "root";
 
 #ifdef USE_PAM
        pamc.conv = &openpam_ttyconv;
-       pam_start("su", username, &pamc, &pamh);
+       pam_start("su", user, &pamc, &pamh);
 
        /* Fill in hostname, username and tty */        
        if ((pam_err = pam_set_item(pamh, PAM_RUSER, username)) != PAM_SUCCESS)
@@ -254,7 +269,7 @@
 
 pam_failed:
        if (pam_err != PAM_SUCCESS) {
-               warn("PAM failed, fallback to plain old authentication");
+               warnx("PAM failed, fallback to plain old authentication");
                pam_end(pamh, pam_err);
                username = getlogin();
        }       
@@ -296,8 +311,6 @@
                        iscsh = NO;
                }
        }
-       /* get target login information, default to root */
-       user = *argv ? *argv : "root";
        np = *argv ? argv : argv-1;
 
        if ((pwd = getpwnam(user)) == NULL)
@@ -408,8 +421,8 @@
 
 #ifdef USE_PAM
        /* 
-        * If PAM is in use, we must release PAM ressources and close
-        * the session after su child exits. That require a fork now,
+        * If PAM is in use, we must release PAM resources and close
+        * the session after su child exits. That requires a fork now,
         * before we drop the root privs (needed for PAM)
         */
        if (pam_err == PAM_SUCCESS) {