authorKarel Zak2016-10-14 12:02:53 +0200
committerKarel Zak2017-09-18 11:48:56 +0200
commitdc5bfb71ff693a06f08a954e4235ca30fde132b8 (patch)
tree5d52e02bf20bcffb13187a485b4de2974c38af30 /login-utils
parentsu: cleanup PAM stuff (diff)
su: reorder functions
Signed-off-by: Karel Zak <kzak@redhat.com>
Diffstat (limited to 'login-utils')
-rw-r--r--login-utils/su-common.c140
1 files changed, 70 insertions, 70 deletions
diff --git a/login-utils/su-common.c b/login-utils/su-common.c
index 629451d13..c647d60ff 100644
--- a/login-utils/su-common.c
+++ b/login-utils/su-common.c
@@ -234,6 +234,75 @@ static void supam_export_environment(struct su_context *su)
}
}
+static void supam_authenticate(struct su_context *su, const struct passwd *pw)
+{
+ const struct passwd *lpw = NULL;
+ const char *cp, *srvname = NULL;
+ int retval;
+
+ srvname = su->runuser ?
+ (su->simulate_login ? PAM_SRVNAME_RUNUSER_L : PAM_SRVNAME_RUNUSER) :
+ (su->simulate_login ? PAM_SRVNAME_SU_L : PAM_SRVNAME_SU);
+
+ retval = pam_start(srvname, pw->pw_name, &su->conv, &su->pamh);
+ if (is_pam_failure(retval))
+ goto done;
+
+ if (isatty(0) && (cp = ttyname(0)) != NULL) {
+ const char *tty;
+
+ if (strncmp(cp, "/dev/", 5) == 0)
+ tty = cp + 5;
+ else
+ tty = cp;
+ retval = pam_set_item(su->pamh, PAM_TTY, tty);
+ if (is_pam_failure(retval))
+ goto done;
+ }
+
+ lpw = current_getpwuid();
+ if (lpw && lpw->pw_name) {
+ retval = pam_set_item(su->pamh, PAM_RUSER, (const void *)lpw->pw_name);
+ if (is_pam_failure(retval))
+ goto done;
+ }
+
+ if (su->runuser) {
+ /*
+ * This is the only difference between runuser(1) and su(1). The command
+ * runuser(1) does not required authentication, because user is root.
+ */
+ if (su->restricted)
+ errx(EXIT_FAILURE, _("may not be used by non-root users"));
+ return;
+ }
+
+ retval = pam_authenticate(su->pamh, 0);
+ if (is_pam_failure(retval))
+ goto done;
+
+ retval = pam_acct_mgmt(su->pamh, 0);
+ if (retval == PAM_NEW_AUTHTOK_REQD) {
+ /* Password has expired. Offer option to change it. */
+ retval = pam_chauthtok(su->pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
+ }
+
+ done:
+
+ log_syslog(su, pw, !is_pam_failure(retval));
+
+ if (is_pam_failure(retval)) {
+ const char *msg;
+
+ log_btmp(pw);
+
+ msg = pam_strerror(su->pamh, retval);
+ pam_end(su->pamh, retval);
+ sleep(getlogindefs_num("FAIL_DELAY", 1));
+ errx(EXIT_FAILURE, "%s", msg ? msg : _("incorrect password"));
+ }
+}
+
static void
create_watching_parent(struct su_context *su)
{
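Review bot: The early `return` in the `su->runuser` branch of `supam_authenticate()` leaves the function without passing through `done:`, so `log_syslog()` is not called on that path and, as far as this hunk shows, a runuser(1) invocation leaves no syslog record here. Every other exit goes through `done:`, which makes the exception easy to miss when auditing who switched to which account. If this is intended, say so on the branch, e.g. `/* runuser: caller is root, no authentication; this return deliberately skips log_syslog() */`; otherwise log before returning. Since the function is being renamed anyway, a short header comment would also help: it returns only on success (or in runuser mode, with the PAM handle started but nothing authenticated) and exits through `errx()` after `log_btmp()` and the `FAIL_DELAY` sleep on any PAM failure.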
@@ -371,75 +440,6 @@ create_watching_parent(struct su_context *su)
exit(status);
}
-static void
-authenticate(struct su_context *su, const struct passwd *pw)
-{
- const struct passwd *lpw = NULL;
- const char *cp, *srvname = NULL;
- int retval;
-
- srvname = su->runuser ?
- (su->simulate_login ? PAM_SRVNAME_RUNUSER_L : PAM_SRVNAME_RUNUSER) :
- (su->simulate_login ? PAM_SRVNAME_SU_L : PAM_SRVNAME_SU);
-
- retval = pam_start(srvname, pw->pw_name, &su->conv, &su->pamh);
- if (is_pam_failure(retval))
- goto done;
-
- if (isatty(0) && (cp = ttyname(0)) != NULL) {
- const char *tty;
-
- if (strncmp(cp, "/dev/", 5) == 0)
- tty = cp + 5;
- else
- tty = cp;
- retval = pam_set_item(su->pamh, PAM_TTY, tty);
- if (is_pam_failure(retval))
- goto done;
- }
-
- lpw = current_getpwuid();
- if (lpw && lpw->pw_name) {
- retval = pam_set_item(su->pamh, PAM_RUSER, (const void *)lpw->pw_name);
- if (is_pam_failure(retval))
- goto done;
- }
-
- if (su->runuser) {
- /*
- * This is the only difference between runuser(1) and su(1). The command
- * runuser(1) does not required authentication, because user is root.
- */
- if (su->restricted)
- errx(EXIT_FAILURE, _("may not be used by non-root users"));
- return;
- }
-
- retval = pam_authenticate(su->pamh, 0);
- if (is_pam_failure(retval))
- goto done;
-
- retval = pam_acct_mgmt(su->pamh, 0);
- if (retval == PAM_NEW_AUTHTOK_REQD) {
- /* Password has expired. Offer option to change it. */
- retval = pam_chauthtok(su->pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
- }
-
- done:
-
- log_syslog(su, pw, !is_pam_failure(retval));
-
- if (is_pam_failure(retval)) {
- const char *msg;
-
- log_btmp(pw);
-
- msg = pam_strerror(su->pamh, retval);
- pam_end(su->pamh, retval);
- sleep(getlogindefs_num("FAIL_DELAY", 1));
- errx(EXIT_FAILURE, "%s", msg ? msg : _("incorrect password"));
- }
-}
static void
set_path(const struct passwd * const pw)
@@ -883,7 +883,7 @@ su_main(int argc, char **argv, int mode)
else if (use_gid)
pw->pw_gid = gid;
- authenticate(su, pw);
+ supam_authenticate(su, pw);
if (request_same_session || !command || !pw->pw_uid)
su->same_session = 1;