aboutsummaryrefslogtreecommitdiff
path: root/pam_fscrypt/run_fscrypt.go
diff options
context:
space:
mode:
authorJoseph Richey <joerichey94@gmail.com>2017-09-01 00:47:34 -0700
committerJoseph Richey <joerichey94@gmail.com>2017-09-01 00:47:34 -0700
commit3432f5757293dda39b9fa936a717160cd788ab68 (patch)
tree54f8ff7cba628be6c1ebf8a947b03d4a3911bcea /pam_fscrypt/run_fscrypt.go
parentb04d7ef31dc2e21f055b1b656efb9511e72db6c6 (diff)
pam_fscrypt: PAM module no longer crashes on panic
Now the offending panic will just be logged and the module will fail. This is important as to not crash the login process.
Diffstat (limited to 'pam_fscrypt/run_fscrypt.go')
-rw-r--r--pam_fscrypt/run_fscrypt.go19
1 files changed, 15 insertions, 4 deletions
diff --git a/pam_fscrypt/run_fscrypt.go b/pam_fscrypt/run_fscrypt.go
index c02b05f..6414d99 100644
--- a/pam_fscrypt/run_fscrypt.go
+++ b/pam_fscrypt/run_fscrypt.go
@@ -36,6 +36,7 @@ import (
"log/syslog"
"os"
"path/filepath"
+ "runtime/debug"
"unsafe"
"golang.org/x/sys/unix"
@@ -62,19 +63,29 @@ const (
type PamFunc func(handle *pam.Handle, args map[string]bool) error
// RunPamFunc is used to convert between the Go functions and exported C funcs.
-func RunPamFunc(f PamFunc, pamh unsafe.Pointer, argc C.int, argv **C.char) C.int {
+func RunPamFunc(f PamFunc, pamh unsafe.Pointer, argc C.int, argv **C.char) (ret C.int) {
args := parseArgs(argc, argv)
errorWriter := setupLogging(args)
- handle, err := pam.NewHandle(pamh)
+ // Log any panics to the errorWriter
+ defer func() {
+ if r := recover(); r != nil {
+ ret = C.PAM_SERVICE_ERR
+ fmt.Fprintf(errorWriter,
+ "pam func panicked: %s\nPlease open an issue.\n%s",
+ r, debug.Stack())
+ }
+ }()
+
+ handle, err := pam.NewHandle(pamh)
if err == nil {
err = f(handle, args)
}
-
if err != nil {
- fmt.Fprint(errorWriter, err)
+ fmt.Fprintf(errorWriter, "pam func failed: %s", err)
return C.PAM_SERVICE_ERR
}
+ log.Print("pam func succeeded")
return C.PAM_SUCCESS
}
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-10 14:25:07 +0000