Skip to content

Commit

Permalink
Refactoring for ISSUE Yubico#230
Browse files Browse the repository at this point in the history
  • Loading branch information
baimard committed Jul 28, 2021
1 parent 75b0f96 commit 6f05406
Show file tree
Hide file tree
Showing 2 changed files with 31 additions and 26 deletions.
2 changes: 1 addition & 1 deletion pam_yubico.c
Original file line number Diff line number Diff line change
Expand Up @@ -177,7 +177,7 @@ authorize_user_token (struct cfg *cfg,
/* Administrator had configured the database and specified is name
as an argument for this module.
*/
DBG ("Using Mariadb or Mysql Database");
DBG ("Using Mariadb or Mysql Database V1");
retval = check_user_token_mysql(cfg->mysql_server, cfg->mysql_port, cfg->mysql_user, cfg->mysql_password, cfg->mysql_database, username, otp_id, cfg->debug, cfg->debug_file);
#else
DBG (("Trying to use MYSQL, but this function is not compiled in pam_yubico!!"));
Expand Down
55 changes: 30 additions & 25 deletions util.c
Original file line number Diff line number Diff line change
Expand Up @@ -138,16 +138,16 @@ check_user_token_mysql(const char *mysql_server,
int int_data;
int row_count;

if(mysql_library_init(0, NULL, NULL)){
if(verbose){
D (debug_file, "could not initialize MySQL client library");
}

if(mysql_library_init(0, NULL, NULL))
{
if(verbose)
D (debug_file, "could not initialize MySQL client library");
return retval;
}

con = mysql_init(con);
if(!con) {
if(!con)
{
if(verbose)
D (debug_file, "out of memorys");
return retval;
Expand All @@ -164,27 +164,30 @@ check_user_token_mysql(const char *mysql_server,
if(!stmt)
{
if(verbose)
D (debug_file, "Connection failed ... 2");
return retval;
D (debug_file, "Handler failed ...");

goto end_connection;
}

const char *sql = "SELECT count(username) FROM yubikey_mappings WHERE username = ?;";
const char *sql2 = "SELECT count(username) FROM yubikey_mappings WHERE username = ? and otp_id = ?;";
const char *sql = "SELECT count(username) FROM yubikey_mappings WHERE username = ?";
const char *sql2 = "SELECT count(username) FROM yubikey_mappings WHERE username = ? and otp_id = ?";

if(otp_id == NULL)
{
if(mysql_stmt_prepare(stmt, sql, strlen(sql)))
{
if(verbose)
D (debug_file, "mysql_stmt_prepare() failed %s", mysql_stmt_error(stmt));
return retval;
goto end_connection;
}
}else{
}
else
{
if(mysql_stmt_prepare(stmt, sql2, strlen(sql2)))
{
if(verbose)
D (debug_file, "mysql_stmt_prepare() failed %s", mysql_stmt_error(stmt));
return retval;
goto end_connection;
}
}

Expand All @@ -208,14 +211,14 @@ check_user_token_mysql(const char *mysql_server,
{
if(verbose)
D (debug_file, "mysql_stmt_bind_param() failed %s", mysql_stmt_error(stmt));
return retval;
goto end_connection;
}

if(mysql_stmt_execute(stmt))
{
if(verbose)
D (debug_file, "mysql_stmt_execute() failed %s", mysql_stmt_error(stmt));
return retval;
goto end_connection;
}

memset(bind, 0, sizeof(bind));
Expand All @@ -227,58 +230,60 @@ check_user_token_mysql(const char *mysql_server,
{
if(verbose)
D (debug_file, "mysql_stmt_bind_result() failed %s", mysql_stmt_error(stmt));
goto end_connection;
}

if(mysql_stmt_store_result(stmt))
{
if(verbose)
D (debug_file, "mysql_stmt_store_result() failed %s", mysql_stmt_error(stmt));
return retval;
goto end_connection;
}

/* we need to close the connection before the return */
if(mysql_stmt_close(stmt))
{
if(verbose)
D (debug_file, "mysql_stmt_close() failed %s", mysql_stmt_error(stmt));
return retval;
goto end_connection;
}

mysql_close(con);
mysql_library_end();

while(!mysql_stmt_fetch(stmt))
{
if(bind[0].is_null_value)
{
if(verbose)
D (debug_file, "mysql_stmt_fetch() failed");
goto end_connection;
}
else
{
if(otp_id != NULL){
if(int_data)
{
return AUTH_FOUND; /* User and token verified */
retval = AUTH_FOUND; /* User and token verified */
}
else
{
return AUTH_NOT_FOUND; /* User ok but bad token */
retval = AUTH_NOT_FOUND; /* User ok but bad token */
}
}
else if(otp_id == NULL)
{
if(int_data)
{
return AUTH_NOT_FOUND; /* We found at least one line for the user */
retval = AUTH_NOT_FOUND; /* We found at least one line for the user */
}
else
{
return AUTH_NO_TOKENS; /* We not found at least any line for the user */
retval = AUTH_NO_TOKENS; /* We not found at least any line for the user */
}
}
}
}

end_connection:
mysql_close(con);
mysql_library_end();
return retval;
}
#endif
Expand Down

0 comments on commit 6f05406

Please sign in to comment.