Arthur de Jong

Open Source / Free Software developer

summaryrefslogtreecommitdiffstats
path: root/nslcd
diff options
context:
space:
mode:
authorArthur de Jong <arthur@arthurdejong.org>2011-12-01 22:43:24 +0100
committerArthur de Jong <arthur@arthurdejong.org>2011-12-01 22:43:24 +0100
commit78556f3d344cf898e86b8cf59bb8a20ad200ecfc (patch)
tree96625ad3bd3dc6e1a3cc526eb6e2a3ade039b1d4 /nslcd
parent57ee450dcf199e05bf774f08c98a7858035deae3 (diff)
ensure that uid, gid and pid vars are properly initialised and log denied requests
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1558 ef36b2f9-881f-0410-afb5-c4e39611909c
Diffstat (limited to 'nslcd')
-rw-r--r--nslcd/nslcd.c12
1 files changed, 7 insertions, 5 deletions
diff --git a/nslcd/nslcd.c b/nslcd/nslcd.c
index 0d0590e..f7341e3 100644
--- a/nslcd/nslcd.c
+++ b/nslcd/nslcd.c
@@ -377,9 +377,9 @@ static void handleconnection(int sock,MYLDAP_SESSION *session)
TFILE *fp;
int32_t action;
struct timeval readtimeout,writetimeout;
- uid_t uid;
- gid_t gid;
- pid_t pid;
+ uid_t uid=(uid_t)-1;
+ gid_t gid=(gid_t)-1;
+ pid_t pid=(pid_t)-1;
/* log connection */
if (getpeercred(sock,&uid,&gid,&pid))
log_log(LOG_DEBUG,"connection from unknown client: %s",strerror(errno));
@@ -437,8 +437,10 @@ static void handleconnection(int sock,MYLDAP_SESSION *session)
case NSLCD_ACTION_SERVICE_BYNAME: (void)nslcd_service_byname(fp,session); break;
case NSLCD_ACTION_SERVICE_BYNUMBER: (void)nslcd_service_bynumber(fp,session); break;
case NSLCD_ACTION_SERVICE_ALL: (void)nslcd_service_all(fp,session); break;
- case NSLCD_ACTION_SHADOW_BYNAME: if (uid==0) (void)nslcd_shadow_byname(fp,session); break;
- case NSLCD_ACTION_SHADOW_ALL: if (uid==0) (void)nslcd_shadow_all(fp,session); break;
+ case NSLCD_ACTION_SHADOW_BYNAME: if (uid==0) (void)nslcd_shadow_byname(fp,session);
+ else log_log(LOG_DEBUG,"denied shadow request by non-root user"); break;
+ case NSLCD_ACTION_SHADOW_ALL: if (uid==0) (void)nslcd_shadow_all(fp,session);
+ else log_log(LOG_DEBUG,"denied shadow request by non-root user"); break;
case NSLCD_ACTION_PAM_AUTHC: (void)nslcd_pam_authc(fp,session,uid); break;
case NSLCD_ACTION_PAM_AUTHZ: (void)nslcd_pam_authz(fp,session); break;
case NSLCD_ACTION_PAM_SESS_O: (void)nslcd_pam_sess_o(fp,session); break;