1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
|
From 76769ad16cfe28984fe31ec595a7435c8a10d15c Mon Sep 17 00:00:00 2001
From: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
Date: Thu, 5 Nov 2015 16:27:34 +0200
Subject: [PATCH 08/15] login: move check_securetty to libbb
---
include/libbb.h | 1 +
libbb/Kbuild.src | 1 +
libbb/securetty.c | 27 +++++++++++++++++++++++++++
loginutils/login.c | 19 -------------------
4 files changed, 29 insertions(+), 19 deletions(-)
create mode 100644 libbb/securetty.c
diff --git a/include/libbb.h b/include/libbb.h
index e39021e..25c5868 100644
--- a/include/libbb.h
+++ b/include/libbb.h
@@ -1374,6 +1374,7 @@ extern void selinux_or_die(void) FAST_FUNC;
#define SETUP_ENV_NO_CHDIR (1 << 4)
void setup_environment(const char *shell, int flags, const struct passwd *pw) FAST_FUNC;
void nuke_str(char *str) FAST_FUNC;
+int check_securetty(const char *short_tty);
int check_password(const struct passwd *pw, const char *plaintext) FAST_FUNC;
int ask_and_check_password_extended(const struct passwd *pw, int timeout, const char *prompt) FAST_FUNC;
int ask_and_check_password(const struct passwd *pw) FAST_FUNC;
diff --git a/libbb/Kbuild.src b/libbb/Kbuild.src
index 52a90e9..ddaa873 100644
--- a/libbb/Kbuild.src
+++ b/libbb/Kbuild.src
@@ -83,6 +83,7 @@ lib-y += safe_gethostname.o
lib-y += safe_poll.o
lib-y += safe_strncpy.o
lib-y += safe_write.o
+lib-y += securetty.o
lib-y += setup_environment.o
lib-y += signals.o
lib-y += simplify_path.o
diff --git a/libbb/securetty.c b/libbb/securetty.c
new file mode 100644
index 0000000..95edbc9
--- /dev/null
+++ b/libbb/securetty.c
@@ -0,0 +1,27 @@
+/* vi: set sw=4 ts=4: */
+/*
+ * /etc/securetty checking.
+ *
+ * Licensed under GPLv2, see file LICENSE in this source tree.
+ */
+
+#include "libbb.h"
+
+#if ENABLE_FEATURE_SECURETTY && !ENABLE_PAM
+int check_securetty(const char *short_tty)
+{
+ char *buf = (char*)"/etc/securetty"; /* any non-NULL is ok */
+ parser_t *parser = config_open2("/etc/securetty", fopen_for_read);
+ while (config_read(parser, &buf, 1, 1, "# \t", PARSE_NORMAL)) {
+ if (strcmp(buf, short_tty) == 0)
+ break;
+ buf = NULL;
+ }
+ config_close(parser);
+ /* buf != NULL here if config file was not found, empty
+ * or line was found which equals short_tty */
+ return buf != NULL;
+}
+#else
+ALWAYS_INLINE int check_securetty(const char *short_tty UNUSED_PARAM) { return 1; }
+#endif
diff --git a/loginutils/login.c b/loginutils/login.c
index 94b6c45..9ecf606 100644
--- a/loginutils/login.c
+++ b/loginutils/login.c
@@ -173,25 +173,6 @@ static void die_if_nologin(void)
# define die_if_nologin() ((void)0)
#endif
-#if ENABLE_FEATURE_SECURETTY && !ENABLE_PAM
-static int check_securetty(const char *short_tty)
-{
- char *buf = (char*)"/etc/securetty"; /* any non-NULL is ok */
- parser_t *parser = config_open2("/etc/securetty", fopen_for_read);
- while (config_read(parser, &buf, 1, 1, "# \t", PARSE_NORMAL)) {
- if (strcmp(buf, short_tty) == 0)
- break;
- buf = NULL;
- }
- config_close(parser);
- /* buf != NULL here if config file was not found, empty
- * or line was found which equals short_tty */
- return buf != NULL;
-}
-#else
-static ALWAYS_INLINE int check_securetty(const char *short_tty UNUSED_PARAM) { return 1; }
-#endif
-
#if ENABLE_SELINUX
static void initselinux(char *username, char *full_tty,
security_context_t *user_sid)
--
2.9.1
|
