diff options
Diffstat (limited to 'auth-pam.c')
| -rw-r--r-- | auth-pam.c | 44 |
1 files changed, 20 insertions, 24 deletions
diff --git a/auth-pam.c b/auth-pam.c index 675006e6f..d51318b3a 100644 --- a/auth-pam.c +++ b/auth-pam.c | |||
| @@ -412,10 +412,9 @@ sshpam_thread_conv(int n, sshpam_const struct pam_message **msg, | |||
| 412 | 412 | ||
| 413 | fail: | 413 | fail: |
| 414 | for(i = 0; i < n; i++) { | 414 | for(i = 0; i < n; i++) { |
| 415 | if (reply[i].resp != NULL) | 415 | free(reply[i].resp); |
| 416 | xfree(reply[i].resp); | ||
| 417 | } | 416 | } |
| 418 | xfree(reply); | 417 | free(reply); |
| 419 | buffer_free(&buffer); | 418 | buffer_free(&buffer); |
| 420 | return (PAM_CONV_ERR); | 419 | return (PAM_CONV_ERR); |
| 421 | } | 420 | } |
| @@ -586,10 +585,9 @@ sshpam_store_conv(int n, sshpam_const struct pam_message **msg, | |||
| 586 | 585 | ||
| 587 | fail: | 586 | fail: |
| 588 | for(i = 0; i < n; i++) { | 587 | for(i = 0; i < n; i++) { |
| 589 | if (reply[i].resp != NULL) | 588 | free(reply[i].resp); |
| 590 | xfree(reply[i].resp); | ||
| 591 | } | 589 | } |
| 592 | xfree(reply); | 590 | free(reply); |
| 593 | return (PAM_CONV_ERR); | 591 | return (PAM_CONV_ERR); |
| 594 | } | 592 | } |
| 595 | 593 | ||
| @@ -693,7 +691,7 @@ sshpam_init_ctx(Authctxt *authctxt) | |||
| 693 | /* Start the authentication thread */ | 691 | /* Start the authentication thread */ |
| 694 | if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, socks) == -1) { | 692 | if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, socks) == -1) { |
| 695 | error("PAM: failed create sockets: %s", strerror(errno)); | 693 | error("PAM: failed create sockets: %s", strerror(errno)); |
| 696 | xfree(ctxt); | 694 | free(ctxt); |
| 697 | return (NULL); | 695 | return (NULL); |
| 698 | } | 696 | } |
| 699 | ctxt->pam_psock = socks[0]; | 697 | ctxt->pam_psock = socks[0]; |
| @@ -703,7 +701,7 @@ sshpam_init_ctx(Authctxt *authctxt) | |||
| 703 | strerror(errno)); | 701 | strerror(errno)); |
| 704 | close(socks[0]); | 702 | close(socks[0]); |
| 705 | close(socks[1]); | 703 | close(socks[1]); |
| 706 | xfree(ctxt); | 704 | free(ctxt); |
| 707 | return (NULL); | 705 | return (NULL); |
| 708 | } | 706 | } |
| 709 | cleanup_ctxt = ctxt; | 707 | cleanup_ctxt = ctxt; |
| @@ -742,7 +740,7 @@ sshpam_query(void *ctx, char **name, char **info, | |||
| 742 | strlcpy(**prompts + plen, msg, len - plen); | 740 | strlcpy(**prompts + plen, msg, len - plen); |
| 743 | plen += mlen; | 741 | plen += mlen; |
| 744 | **echo_on = (type == PAM_PROMPT_ECHO_ON); | 742 | **echo_on = (type == PAM_PROMPT_ECHO_ON); |
| 745 | xfree(msg); | 743 | free(msg); |
| 746 | return (0); | 744 | return (0); |
| 747 | case PAM_ERROR_MSG: | 745 | case PAM_ERROR_MSG: |
| 748 | case PAM_TEXT_INFO: | 746 | case PAM_TEXT_INFO: |
| @@ -753,7 +751,7 @@ sshpam_query(void *ctx, char **name, char **info, | |||
| 753 | plen += mlen; | 751 | plen += mlen; |
| 754 | strlcat(**prompts + plen, "\n", len - plen); | 752 | strlcat(**prompts + plen, "\n", len - plen); |
| 755 | plen++; | 753 | plen++; |
| 756 | xfree(msg); | 754 | free(msg); |
| 757 | break; | 755 | break; |
| 758 | case PAM_ACCT_EXPIRED: | 756 | case PAM_ACCT_EXPIRED: |
| 759 | sshpam_account_status = 0; | 757 | sshpam_account_status = 0; |
| @@ -766,7 +764,7 @@ sshpam_query(void *ctx, char **name, char **info, | |||
| 766 | *num = 0; | 764 | *num = 0; |
| 767 | **echo_on = 0; | 765 | **echo_on = 0; |
| 768 | ctxt->pam_done = -1; | 766 | ctxt->pam_done = -1; |
| 769 | xfree(msg); | 767 | free(msg); |
| 770 | return 0; | 768 | return 0; |
| 771 | } | 769 | } |
| 772 | /* FALLTHROUGH */ | 770 | /* FALLTHROUGH */ |
| @@ -776,7 +774,7 @@ sshpam_query(void *ctx, char **name, char **info, | |||
| 776 | debug("PAM: %s", **prompts); | 774 | debug("PAM: %s", **prompts); |
| 777 | buffer_append(&loginmsg, **prompts, | 775 | buffer_append(&loginmsg, **prompts, |
| 778 | strlen(**prompts)); | 776 | strlen(**prompts)); |
| 779 | xfree(**prompts); | 777 | free(**prompts); |
| 780 | **prompts = NULL; | 778 | **prompts = NULL; |
| 781 | } | 779 | } |
| 782 | if (type == PAM_SUCCESS) { | 780 | if (type == PAM_SUCCESS) { |
| @@ -790,7 +788,7 @@ sshpam_query(void *ctx, char **name, char **info, | |||
| 790 | *num = 0; | 788 | *num = 0; |
| 791 | **echo_on = 0; | 789 | **echo_on = 0; |
| 792 | ctxt->pam_done = 1; | 790 | ctxt->pam_done = 1; |
| 793 | xfree(msg); | 791 | free(msg); |
| 794 | return (0); | 792 | return (0); |
| 795 | } | 793 | } |
| 796 | error("PAM: %s for %s%.100s from %.100s", msg, | 794 | error("PAM: %s for %s%.100s from %.100s", msg, |
| @@ -801,7 +799,7 @@ sshpam_query(void *ctx, char **name, char **info, | |||
| 801 | default: | 799 | default: |
| 802 | *num = 0; | 800 | *num = 0; |
| 803 | **echo_on = 0; | 801 | **echo_on = 0; |
| 804 | xfree(msg); | 802 | free(msg); |
| 805 | ctxt->pam_done = -1; | 803 | ctxt->pam_done = -1; |
| 806 | return (-1); | 804 | return (-1); |
| 807 | } | 805 | } |
| @@ -852,7 +850,7 @@ sshpam_free_ctx(void *ctxtp) | |||
| 852 | 850 | ||
| 853 | debug3("PAM: %s entering", __func__); | 851 | debug3("PAM: %s entering", __func__); |
| 854 | sshpam_thread_cleanup(); | 852 | sshpam_thread_cleanup(); |
| 855 | xfree(ctxt); | 853 | free(ctxt); |
| 856 | /* | 854 | /* |
| 857 | * We don't call sshpam_cleanup() here because we may need the PAM | 855 | * We don't call sshpam_cleanup() here because we may need the PAM |
| 858 | * handle at a later stage, e.g. when setting up a session. It's | 856 | * handle at a later stage, e.g. when setting up a session. It's |
| @@ -1006,10 +1004,9 @@ sshpam_tty_conv(int n, sshpam_const struct pam_message **msg, | |||
| 1006 | 1004 | ||
| 1007 | fail: | 1005 | fail: |
| 1008 | for(i = 0; i < n; i++) { | 1006 | for(i = 0; i < n; i++) { |
| 1009 | if (reply[i].resp != NULL) | 1007 | free(reply[i].resp); |
| 1010 | xfree(reply[i].resp); | ||
| 1011 | } | 1008 | } |
| 1012 | xfree(reply); | 1009 | free(reply); |
| 1013 | return (PAM_CONV_ERR); | 1010 | return (PAM_CONV_ERR); |
| 1014 | } | 1011 | } |
| 1015 | 1012 | ||
| @@ -1081,7 +1078,7 @@ do_pam_putenv(char *name, char *value) | |||
| 1081 | 1078 | ||
| 1082 | snprintf(compound, len, "%s=%s", name, value); | 1079 | snprintf(compound, len, "%s=%s", name, value); |
| 1083 | ret = pam_putenv(sshpam_handle, compound); | 1080 | ret = pam_putenv(sshpam_handle, compound); |
| 1084 | xfree(compound); | 1081 | free(compound); |
| 1085 | #endif | 1082 | #endif |
| 1086 | 1083 | ||
| 1087 | return (ret); | 1084 | return (ret); |
| @@ -1108,8 +1105,8 @@ free_pam_environment(char **env) | |||
| 1108 | return; | 1105 | return; |
| 1109 | 1106 | ||
| 1110 | for (envp = env; *envp; envp++) | 1107 | for (envp = env; *envp; envp++) |
| 1111 | xfree(*envp); | 1108 | free(*envp); |
| 1112 | xfree(env); | 1109 | free(env); |
| 1113 | } | 1110 | } |
| 1114 | 1111 | ||
| 1115 | /* | 1112 | /* |
| @@ -1165,10 +1162,9 @@ sshpam_passwd_conv(int n, sshpam_const struct pam_message **msg, | |||
| 1165 | 1162 | ||
| 1166 | fail: | 1163 | fail: |
| 1167 | for(i = 0; i < n; i++) { | 1164 | for(i = 0; i < n; i++) { |
| 1168 | if (reply[i].resp != NULL) | 1165 | free(reply[i].resp); |
| 1169 | xfree(reply[i].resp); | ||
| 1170 | } | 1166 | } |
| 1171 | xfree(reply); | 1167 | free(reply); |
| 1172 | return (PAM_CONV_ERR); | 1168 | return (PAM_CONV_ERR); |
| 1173 | } | 1169 | } |
| 1174 | 1170 | ||