summaryrefslogtreecommitdiffstats
path: root/src/sss_client/pam_sss.c
diff options
context:
space:
mode:
authorStephen Gallagher <sgallagh@redhat.com>2010-03-23 16:35:49 -0400
committerStephen Gallagher <sgallagh@redhat.com>2010-03-25 16:02:27 -0400
commit80c8a4f94d54b23bce206fdd75ff2648977ce271 (patch)
tree7a03b98f665e4ebf7005c580fd9873200f023fad /src/sss_client/pam_sss.c
parentf94abf5319d8f74cacae0a98d3925d18eb6839eb (diff)
downloadsssd-80c8a4f94d54b23bce206fdd75ff2648977ce271.tar.gz
sssd-80c8a4f94d54b23bce206fdd75ff2648977ce271.tar.xz
sssd-80c8a4f94d54b23bce206fdd75ff2648977ce271.zip
Allow arbitrary-length PAM messages
The PAM standard allows for messages of any length to be returned to the client. We were discarding all messages of length greater than 255. This patch dynamically allocates the message buffers so we can pass the complete message. This resolves https://fedorahosted.org/sssd/ticket/432
Diffstat (limited to 'src/sss_client/pam_sss.c')
-rw-r--r--src/sss_client/pam_sss.c23
1 files changed, 20 insertions, 3 deletions
diff --git a/src/sss_client/pam_sss.c b/src/sss_client/pam_sss.c
index 07ed4e72..6059dfaa 100644
--- a/src/sss_client/pam_sss.c
+++ b/src/sss_client/pam_sss.c
@@ -588,7 +588,8 @@ static int user_info_chpass_error(pam_handle_t *pamh, size_t buflen,
{
int ret;
uint32_t msg_len;
- char user_msg[256];
+ char *user_msg;
+ size_t bufsize = 0;
if (buflen < 2* sizeof(uint32_t)) {
D(("User info response data is too short"));
@@ -602,19 +603,35 @@ static int user_info_chpass_error(pam_handle_t *pamh, size_t buflen,
return PAM_BUF_ERR;
}
- ret = snprintf(user_msg, sizeof(user_msg), "%s%s%.*s",
+ bufsize = strlen(_("Password change failed. ")) + 1;
+
+ if (msg_len > 0) {
+ bufsize += strlen(_("Server message: ")) + msg_len;
+ }
+
+ user_msg = (char *)malloc(sizeof(char) * bufsize);
+ if (!user_msg) {
+ D(("Out of memory."));
+ return PAM_SYSTEM_ERR;
+ }
+
+ ret = snprintf(user_msg, bufsize, "%s%s%.*s",
_("Password change failed. "),
msg_len > 0 ? _("Server message: ") : "",
msg_len,
msg_len > 0 ? (char *)(buf + 2 * sizeof(uint32_t)) : "" );
- if (ret < 0 || ret >= sizeof(user_msg)) {
+ if (ret < 0 || ret > bufsize) {
D(("snprintf failed."));
+
+ free(user_msg);
return PAM_SYSTEM_ERR;
}
ret = do_pam_conversation(pamh, PAM_TEXT_INFO, user_msg, NULL, NULL);
+ free(user_msg);
if (ret != PAM_SUCCESS) {
D(("do_pam_conversation failed."));
+
return PAM_SYSTEM_ERR;
}