* configure.ac: Check for pam libraries and header files.

* pam_sql/pam_mysql.c (mysql_setenv): Protect by #ifdef
HAVE_PAM_MISC_SETENV.  Prevent coredumps on NULL values.
* pam_sql/pam_pgsql.c (pgsql_setenv): Likewise.
* pam_sql/Makefile.am (pam_mysql_la_LDADD,pam_pgsql_la_LDADD): Add
@PAM_MISC@.
* pam_sql/pam_sql.c (read_config): Read lines of arbitrary length.




git-svn-id: file:///svnroot/pam-modules/trunk@90 56984be4-0537-0410-a56c-fcb268c96130

configure.ac

@@ -34,11 +34,21 @@ AC_PROG_INSTALL
 AM_PROG_LIBTOOL
 
 dnl Checks for libraries.
+AC_CHECK_LIB(pam, pam_get_item,:,
+		  [AC_MSG_ERROR([Required library libpam is not found])])
 AC_CHECK_LIB(crypt, crypt)
+AC_SUBST(PAM_MISC)
+AH_TEMPLATE([HAVE_PAM_MISC_SETENV],[Define if pam_misc_setenv is available.])
+AC_CHECK_LIB(pam_misc, pam_misc_setenv,
+             [PAM_MISC=-lpam_misc
+	      AC_DEFINE([HAVE_PAM_MISC_SETENV],1)],:,[-lpam])
 			    
 dnl Checks for header files.
 AC_HEADER_STDC
-AC_CHECK_HEADERS(fcntl.h syslog.h unistd.h crypt.h)
+AC_CHECK_HEADERS(security/pam_appl.h security/pam_modules.h,
+                 :,
+		 AC_MSG_ERROR([Required PAM header files not found]))
+AC_CHECK_HEADERS(fcntl.h syslog.h unistd.h crypt.h security/_pam_aconf.h)
 AC_CHECK_HEADER(shadow.h,
                 [],
                 [AC_MSG_ERROR(shadow.h is not present on your system)])

pam_sql/Makefile.am

@@ -15,9 +15,9 @@ EXTRA_PROGRAMS = pam_mysql.la pam_pgsql.la
 EXTRA_DIST = sha1.h sha1.c pam_sql.c md5.c md5.h
 LDADD = ../lib/libgraypam.la
 pam_mysql_la_SOURCES = pam_mysql.c pam_sql.c
-pam_mysql_la_LDADD = -lpam @MYSQLLIBS@
+pam_mysql_la_LDADD = -lpam @PAM_MISC@ @MYSQLLIBS@
 pam_pgsql_la_SOURCES = pam_pgsql.c pam_sql.c
-pam_pgsql_la_LDADD = -lpam @PGSQLLIBS@
+pam_pgsql_la_LDADD = -lpam @PAM_MISC@ @PGSQLLIBS@
 AM_LDFLAGS = -version-info @VI_CURRENT@:@VI_REVISION@:@VI_AGE@
 
 AM_CPPFLAGS=-DSYSCONFDIR=\"${sysconfdir}\" 

pam_sql/pam_mysql.c

@@ -304,10 +304,8 @@ mysql_do_query(MYSQL *mysql, const char *query)
 static int
 mysql_setenv(pam_handle_t *pamh, MYSQL *mysql, const char *query)
 {
+#ifdef HAVE_PAM_MISC_SETENV
 	MYSQL_RES *result;
-	MYSQL_ROW row;
-	MYSQL_FIELD *fields;
-	size_t nf, i;
 
 	DEBUG(10,("Executing %s", query));
 	if (mysql_query(mysql, query)) {
@@ -319,13 +317,21 @@ mysql_setenv(pam_handle_t *pamh, MYSQL *mysql, const char *query)
 			 mysql_error(mysql));
 		return PAM_SERVICE_ERR;
 	}
-	row = mysql_fetch_row(result);
-	fields = mysql_fetch_fields(result);
-	nf = mysql_num_fields(result);
+	if (mysql_num_rows(result)) {
+		MYSQL_ROW row = mysql_fetch_row(result);
+		MYSQL_FIELD *fields = mysql_fetch_fields(result);
+		size_t i, nf = mysql_num_fields(result);
 		for (i = 0; i < nf; i++)
-		pam_misc_setenv(pamh, fields[i].name, row[i], 0);
+			if (row[i])
+				pam_misc_setenv(pamh, fields[i].name,
+						row[i], 0);
+	}
 	mysql_free_result(result);
 	return PAM_SUCCESS;
+#else
+	_pam_log(LOG_ERR, "MySQL: PAM setenv is not available.");
+	return PAM_SERVICE_ERR;
+#endif
 }
 
 static int

pam_sql/pam_pgsql.c

@@ -60,6 +60,7 @@ pgsql_do_query(PGconn **ppgconn, PGresult **pres, const char *query)
 static int
 pgsql_setenv(pam_handle_t *pamh, PGconn *pgconn, const char *query)
 {
+#ifdef HAVE_PAM_MISC_SETENV	
 	int rc;
 	PGresult *res;
 	
@@ -71,20 +72,26 @@ pgsql_setenv(pam_handle_t *pamh, PGconn *pgconn, const char *query)
 	} else if (PQresultStatus(res) != PGRES_TUPLES_OK) {
 		_pam_log(LOG_ERR, "PQexec: query did not return tuples");
 		rc = PAM_SERVICE_ERR;
-	} else {
+	} else if (PQntuples(res) > 0) {
 		char *p;
 		int i, nf;
 
 		nf = PQnfields(res);
 		for (i = 0; i < nf; i++) {
 			p = PQgetvalue(res, 0, i);
+			if (p) {
 				chop(p);
 				pam_misc_setenv(pamh, PQfname(res, i), p, 0);
 			}
+		}
 		rc = PAM_SUCCESS;
 	}
 	PQclear(res);
 	return rc;
+#else
+	_pam_log(LOG_ERR, "MySQL: PAM setenv is not available.");
+	return PAM_SERVICE_ERR;
+#endif
 }
 
 

pam_sql/pam_sql.c

@@ -248,9 +248,18 @@ read_config ()
 		if (len == 0)
 			continue;
 		if (p[len-1] != '\n') {
-			_pam_log(LOG_EMERG, "%s:%d: string too long",
-				 config_file, line);
-			continue;
+			if (!slist)
+				slist = gray_slist_create();
+			gray_slist_append(slist, p, len);
+			while (p = fgets(buf, sizeof buf, fp)) {
+				len = strlen(p);
+				gray_slist_append(slist, p, len);
+				if (p[len - 1] == '\n')
+					break;
+			} 
+			gray_slist_append_char(slist, 0);
+			p = gray_slist_finish(slist);
+			len = strlen(p);
 		}
 
 		p[len-1] = 0;
@@ -266,7 +275,7 @@ read_config ()
 			if (!slist)
 				slist = gray_slist_create();
 			do {
-				gray_slist_append(slist, p, len-2);
+				gray_slist_append(slist, p, len - 1);
 				p = fgets (buf, sizeof buf, fp);
 				if (!p)
 					break;