Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix issue 230 #231

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Fix issue 230 #231

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion pam_yubico.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -177,7 +177,7 @@ authorize_user_token (struct cfg *cfg,
/* Administrator had configured the database and specified is name
as an argument for this module.
*/
DBG ("Using Mariadb or Mysql Database");
DBG ("Using Mariadb or Mysql Database V1");
retval = check_user_token_mysql(cfg->mysql_server, cfg->mysql_port, cfg->mysql_user, cfg->mysql_password, cfg->mysql_database, username, otp_id, cfg->debug, cfg->debug_file);
#else
DBG (("Trying to use MYSQL, but this function is not compiled in pam_yubico!!"));
Expand Down
62 changes: 34 additions & 28 deletions util.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -138,16 +138,16 @@ check_user_token_mysql(const char *mysql_server,
int int_data;
int row_count;

if(mysql_library_init(0, NULL, NULL)){
if(verbose){
D (debug_file, "could not initialize MySQL client library");
}

if(mysql_library_init(0, NULL, NULL))
{
if(verbose)
D (debug_file, "could not initialize MySQL client library");
return retval;
}

con = mysql_init(con);
if(!con) {
if(!con)
{
if(verbose)
D (debug_file, "out of memorys");
return retval;
Expand All @@ -164,27 +164,30 @@ check_user_token_mysql(const char *mysql_server,
if(!stmt)
{
if(verbose)
D (debug_file, "Connection failed ... 2");
return retval;
D (debug_file, "Handler failed ...");

goto end_connection;
}

const char *sql = "SELECT count(username) FROM yubikey_mappings WHERE username = ?;";
const char *sql2 = "SELECT count(username) FROM yubikey_mappings WHERE username = ? and otp_id = ?;";
const char *sql = "SELECT count(username) FROM yubikey_mappings WHERE username = ?";
const char *sql2 = "SELECT count(username) FROM yubikey_mappings WHERE username = ? and otp_id = ?";

if(otp_id == NULL)
{
if(mysql_stmt_prepare(stmt, sql, strlen(sql)))
{
if(verbose)
D (debug_file, "mysql_stmt_prepare() failed %s", mysql_stmt_error(stmt));
return retval;
goto end_connection;
}
}else{
}
else
{
if(mysql_stmt_prepare(stmt, sql2, strlen(sql2)))
{
if(verbose)
D (debug_file, "mysql_stmt_prepare() failed %s", mysql_stmt_error(stmt));
return retval;
goto end_connection;
}
}

Expand All @@ -208,14 +211,14 @@ check_user_token_mysql(const char *mysql_server,
{
if(verbose)
D (debug_file, "mysql_stmt_bind_param() failed %s", mysql_stmt_error(stmt));
return retval;
goto end_connection;
}

if(mysql_stmt_execute(stmt))
{
if(verbose)
D (debug_file, "mysql_stmt_execute() failed %s", mysql_stmt_error(stmt));
return retval;
goto end_connection;
}

memset(bind, 0, sizeof(bind));
Expand All @@ -227,57 +230,60 @@ check_user_token_mysql(const char *mysql_server,
{
if(verbose)
D (debug_file, "mysql_stmt_bind_result() failed %s", mysql_stmt_error(stmt));
goto end_connection;
}

if(mysql_stmt_store_result(stmt))
{
if(verbose)
D (debug_file, "mysql_stmt_store_result() failed %s", mysql_stmt_error(stmt));
return retval;
goto end_connection;
}

if(mysql_stmt_close(stmt))
{
if(verbose)
D (debug_file, "mysql_stmt_close() failed %s", mysql_stmt_error(stmt));
goto end_connection;
}

while(!mysql_stmt_fetch(stmt))
{
if(bind[0].is_null_value)
{
if(verbose)
D (debug_file, "mysql_stmt_fetch() failed");
goto end_connection;
}
else
{
if(otp_id != NULL){
if(int_data)
{
return AUTH_FOUND;
retval = AUTH_FOUND; /* User and token verified */
}
else
{
return AUTH_NOT_FOUND;
retval = AUTH_NOT_FOUND; /* User ok but bad token */
}
}
else if(otp_id == NULL)
{
if(int_data)
{
return AUTH_NOT_FOUND;
retval = AUTH_NOT_FOUND; /* We found at least one line for the user */
}
else
{
return AUTH_NO_TOKENS;
retval = AUTH_NO_TOKENS; /* We not found at least any line for the user */
}
}
}
}

if(mysql_stmt_close(stmt))
{
if(verbose)
D (debug_file, "mysql_stmt_close() failed %s", mysql_stmt_error(stmt));
return retval;
}

end_connection:
mysql_close(con);
mysql_library_end();

return retval;
}
#endif
Expand Down