1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
|
Do not use fgetpwent_r
fgetpwent_r does not exist on musl
Source: https://git.alpinelinux.org/aports/tree/community/libpwquality/0001-fix-musl-build.patch
Upstream-Status: Pending
Signed-off-by: Khem Raj <raj.khem@gmail.com>
--- a/src/pam_pwquality.c
+++ b/src/pam_pwquality.c
@@ -19,6 +19,7 @@
#include <stdio.h>
#include <pwd.h>
#include <errno.h>
+#include <security/pam_modutil.h>
#include "pwquality.h"
/*
@@ -43,8 +44,6 @@ struct module_options {
#define CO_RETRY_TIMES 1
-#define PATH_PASSWD "/etc/passwd"
-
static int
_pam_parse (pam_handle_t *pamh, struct module_options *opt,
int argc, const char **argv)
@@ -98,44 +97,7 @@ static int
check_local_user (pam_handle_t *pamh,
const char *user)
{
- struct passwd pw, *pwp;
- char buf[4096];
- int found = 0;
- FILE *fp;
- int errn;
-
- fp = fopen(PATH_PASSWD, "r");
- if (fp == NULL) {
- pam_syslog(pamh, LOG_ERR, "unable to open %s: %s",
- PATH_PASSWD, pam_strerror(pamh, errno));
- return -1;
- }
-
- for (;;) {
- errn = fgetpwent_r(fp, &pw, buf, sizeof (buf), &pwp);
- if (errn == ERANGE) {
- pam_syslog(pamh, LOG_WARNING, "%s contains very long lines; corrupted?",
- PATH_PASSWD);
- /* we can continue here as next call will read further */
- continue;
- }
- if (errn != 0)
- break;
- if (strcmp(pwp->pw_name, user) == 0) {
- found = 1;
- break;
- }
- }
-
- fclose (fp);
-
- if (errn != 0 && errn != ENOENT) {
- pam_syslog(pamh, LOG_ERR, "unable to enumerate local accounts: %s",
- pam_strerror(pamh, errn));
- return -1;
- } else {
- return found;
- }
+ return pam_modutil_check_user_in_passwd(pamh, user, NULL) == PAM_SUCCESS;
}
PAM_EXTERN int
|
