From 86c95423b2908869ee42f9f40896a0bb0b773cf4 Mon Sep 17 00:00:00 2001
From: Timo Weingärtner <timo@tiwe.de>
Date: Sat, 27 Apr 2013 23:55:20 +0200
Subject: rework argument parsing

* don't copy pwdfile argument, we don't need to modify it
* replace sizeof() with strlen() as that is easier to understand and the
  compiler can also optimize it away
* expand DEFINE's so we can get rid of the comments
---
 pam_pwdfile.c | 48 +++++++++++++-----------------------------------
 1 file changed, 13 insertions(+), 35 deletions(-)

diff --git a/pam_pwdfile.c b/pam_pwdfile.c
index d8c9e69..21e37d9 100644
--- a/pam_pwdfile.c
+++ b/pam_pwdfile.c
@@ -65,10 +65,6 @@
 extern char *crypt(const char *key, const char *salt);
 extern char *bigcrypt(const char *key, const char *salt);
 
-#define PWDF_PARAM "pwdfile"
-#define FLOCK_PARAM "flock"
-#define NODELAY_PARAM "nodelay"
-#define PWDFN_LEN 256
 #define CRYPTED_DESPWD_LEN 13
 #define CRYPTED_MD5PWD_LEN 34
 #define CRYPTED_BCPWD_LEN 178
@@ -209,10 +205,10 @@ static int fgetpwnam(FILE *stream, const char *name, char *password) {
 __attribute__((visibility("default")))
 PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags,
 				   int argc, const char **argv) {
-    int retval, pcnt, pwdfilename_found;
+    int retval, i;
     const char *name;
     char *password;
-    char pwdfilename[PWDFN_LEN];
+    char const * pwdfilename = NULL;
     char salt[12], stored_crypted_password[CRYPTED_BCPWD_LEN+1];
     char *crypted_password;
     FILE *pwdfile;
@@ -222,38 +218,20 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags,
     int debug = 0;
     
     /* we require the pwdfile switch and argument to be present, else we don't work */
-    /* pcnt is the parameter counter variable for iterating through argv */
-    pcnt = pwdfilename_found = 0;
-    do {
-	/* see if the current parameter looks like "pwdfile" */
-	if (strcmp(argv[pcnt],PWDF_PARAM)==0) {
-	    /* if argv is long enough, grab the subsequent parameter */
-	    if (pcnt+1 < argc) {
-		/* make sure we can't overflow */
-		strncpy(pwdfilename,argv[++pcnt],PWDFN_LEN);
-		/* indicate that we've found it */
-		pwdfilename_found = 1;
-	    }
-	    /* also check for "pwdfile=blah" */
-	} else if (strncmp(argv[pcnt],PWDF_PARAM "=",sizeof(PWDF_PARAM "=")-1)==0) {
-	    /* make sure we can't overflow */
-	    strncpy(pwdfilename,argv[pcnt]+sizeof(PWDF_PARAM),PWDFN_LEN);
-	    /* indicate that we've found it */
-	    pwdfilename_found = 1;
-	} else if (strcmp(argv[pcnt],FLOCK_PARAM)==0) {
-	    /* we have a "flock" parameter */
+    for (i = 0; i < argc; ++i) {
+	if (!strcmp(argv[i], "pwdfile") && i + 1 < argc)
+	    pwdfilename = argv[++i];
+	else if (!strncmp(argv[i], "pwdfile=", strlen("pwdfile=")))
+	    pwdfilename = argv[i] + strlen("pwdfile=");
+	else if (!strcmp(argv[i], "flock"))
 	    use_flock = 1;
-	} else if (strcmp(argv[pcnt],"no" FLOCK_PARAM)==0) {
-	    /* or a "noflock" parameter */
+	else if (!strcmp(argv[i], "noflock"))
 	    use_flock = 0;
-	} else if (strcmp(argv[pcnt],NODELAY_PARAM)==0) {
-	    /* no delay on authentication failure */
+	else if (!strcmp(argv[i], "nodelay"))
 	    use_delay = 0;
-	} else if (strcmp(argv[pcnt], "debug") == 0) {
+	else if (!strcmp(argv[i], "debug"))
 	    debug = 1;
-	}
-	
-    } while (++pcnt < argc);
+    }
     
 #ifdef HAVE_PAM_FAIL_DELAY
     if (use_delay) {
@@ -262,7 +240,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags,
     }
 #endif
     
-    if (!pwdfilename_found) {
+    if (!pwdfilename) {
 	pam_syslog(pamh, LOG_ERR, "password file name not specified");
 	return PAM_AUTHINFO_UNAVAIL;
     }
-- 
cgit v1.2.3