Hello community, here is the log from the commit of package pam_yubico for openSUSE:Factory checked in at 2018-04-16 12:49:21 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/pam_yubico (Old) and /work/SRC/openSUSE:Factory/.pam_yubico.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pam_yubico" Mon Apr 16 12:49:21 2018 rev:7 rq:596421 version:2.25 Changes: -------- --- /work/SRC/openSUSE:Factory/pam_yubico/pam_yubico.changes 2018-04-05 15:33:05.972992712 +0200 +++ /work/SRC/openSUSE:Factory/.pam_yubico.new/pam_yubico.changes 2018-04-16 12:49:22.832257882 +0200 @@ -1,0 +2,11 @@ +Fri Apr 13 14:06:59 UTC 2018 - [email protected] + +- Added patches: + - cloexec.patch: Harden file descriptor handling (boo#1089517) + - compiler-warnings-pointer.patch: Fix compiler warnings due to wrong pointer + casts (boo#1089518) + - compiler-warnings-format-strings.patch: Fix compiler warnings due to wrong + format string specifiers (boo#1089519) + - util_test-mkdtemp.patch: Use mkdtemp() instead of tempnam() (boo#1089520) + +------------------------------------------------------------------- New: ---- cloexec.patch compiler-warnings-format-strings.patch compiler-warnings-pointer.patch util_test-mkdtemp.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ pam_yubico.spec ++++++ --- /var/tmp/diff_new_pack.Zniq4Q/_old 2018-04-16 12:49:23.624229074 +0200 +++ /var/tmp/diff_new_pack.Zniq4Q/_new 2018-04-16 12:49:23.628228928 +0200 @@ -27,6 +27,10 @@ Source1: https://developers.yubico.com/yubico-pam/Releases/pam_yubico-%{version}.tar.gz.sig Source2: baselib.conf Patch0: leaking-file-descriptor.patch +Patch1: util_test-mkdtemp.patch +Patch2: compiler-warnings-format-strings.patch +Patch3: compiler-warnings-pointer.patch +Patch4: cloexec.patch BuildRequires: libykclient-devel >= 2.15 BuildRequires: libyubikey-devel BuildRequires: openldap2-devel @@ -41,6 +45,10 @@ %prep %setup -q %patch0 -p1 +%patch1 -p1 +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 %build %configure --bindir=%{_bindir} --with-pam-dir=/%{_lib}/security --disable-static --disable-silent-rules ++++++ cloexec.patch ++++++ References: e5bd2ef8449799d06f6f8dad3e602cc047e3c1af References: 0b595ee1cdef6cbe0dc4123e3b09c999dc1b6968 References: d51124e8846d1c43a8fb328ccec5672690b564fe References: 079b975469efb6b80b24d50013ff2bf9572112d8 Upstream: merged From: Karol Babioch <[email protected]> Date: Fri Apr 13 16:03:36 CEST 2018 Subject: Fix for bnc#1089517 --- pam_yubico.c | 15 ++++++++++----- util.c | 10 ++++++++-- ykpamcfg.c | 11 +++++++++-- 3 files changed, 27 insertions(+), 9 deletions(-) Index: pam_yubico-2.25/pam_yubico.c =================================================================== --- pam_yubico-2.25.orig/pam_yubico.c +++ pam_yubico-2.25/pam_yubico.c @@ -535,7 +535,7 @@ do_challenge_response(pam_handle_t *pamh } } - fd = open(userfile, O_RDONLY, 0); + fd = open(userfile, O_RDONLY | O_CLOEXEC, 0); if (fd < 0) { DBG ("Cannot open file: %s (%s)", userfile, strerror(errno)); goto restpriv_out; @@ -654,7 +654,7 @@ do_challenge_response(pam_handle_t *pamh strcpy(tmpfile, userfile); strcat(tmpfile, TMPFILE_SUFFIX); - fd = mkstemp(tmpfile); + fd = mkostemp(tmpfile, O_CLOEXEC); if (fd < 0) { DBG ("Cannot open file: %s (%s)", tmpfile, strerror(errno)); goto restpriv_out; @@ -814,15 +814,20 @@ parse_cfg (int flags, int argc, const ch else { struct stat st; + int fd; FILE *file; if(lstat(filename, &st) == 0) { if(S_ISREG(st.st_mode)) { - file = fopen(filename, "a"); - if(file) + fd = open(filename, O_WRONLY | O_CREAT | O_APPEND | O_CLOEXEC, S_IRUSR | S_IWUSR | S_IRGRP); + if (fd >= 0) { - cfg->debug_file = file; + file = fdopen(fd, "a"); + if (file) + { + cfg->debug_file = file; + } } } } Index: pam_yubico-2.25/util.c =================================================================== --- pam_yubico-2.25.orig/util.c +++ pam_yubico-2.25/util.c @@ -109,7 +109,7 @@ check_user_token (const char *authfile, struct stat st; FILE *opwfile; - fd = open(authfile, O_RDONLY, 0); + fd = open(authfile, O_RDONLY | O_CLOEXEC, 0); if (fd < 0) { if(verbose) D (debug_file, "Cannot open file: %s (%s)", authfile, strerror(errno)); @@ -185,8 +185,14 @@ int generate_random(void *buf, int len) { FILE *u; int res; + int fd; - u = fopen("/dev/urandom", "r"); + fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC); + if (fd < 0) { + return -1; + } + + u = fdopen(fd, "r"); if (!u) { return -1; } Index: pam_yubico-2.25/ykpamcfg.c =================================================================== --- pam_yubico-2.25.orig/ykpamcfg.c +++ pam_yubico-2.25/ykpamcfg.c @@ -38,6 +38,7 @@ #include <errno.h> #include <sys/stat.h> #include <sys/types.h> +#include <fcntl.h> #include <ykpers.h> @@ -143,6 +144,7 @@ do_add_hmac_chalresp(YK_KEY *yk, uint8_t unsigned int response_len; char *fn; struct passwd *p; + int fd; FILE *f = NULL; struct stat st; @@ -237,11 +239,16 @@ do_add_hmac_chalresp(YK_KEY *yk, uint8_t umask(077); - f = fopen (fn, "w"); - if (! f) { + fd = open (fn, O_WRONLY | O_CREAT | O_TRUNC | O_CLOEXEC, S_IRUSR | S_IWUSR); + if (fd < 0) { fprintf (stderr, "Failed opening '%s' for writing : %s\n", fn, strerror (errno)); goto out; } + f = fdopen (fd, "w"); + if (! f) { + fprintf (stderr, "fdopen: %s\n", strerror (errno)); + goto out; + } if (! write_chalresp_state (f, &state)) goto out; ++++++ compiler-warnings-format-strings.patch ++++++ >From 1aacb11538879ba04d582787a69e7fdffcbd0018 Mon Sep 17 00:00:00 2001 From: Karol Babioch <[email protected]> Date: Mon, 9 Apr 2018 11:46:12 +0200 Subject: Fix for bnc#1089519 This fixes several specifiers to better represent the data type, which fixes multiple compiler warnings. --- pam_yubico.c | 6 +++--- util.c | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/pam_yubico.c b/pam_yubico.c index af9ed27..10ee6fc 100644 --- a/pam_yubico.c +++ b/pam_yubico.c @@ -362,7 +362,7 @@ authorize_user_token_ldap (struct cfg *cfg, /* Compare each value for the attribute against the token id. */ for (i = 0; vals[i] != NULL; i++) { - DBG("LDAP : Checking value %i: %s:%s", + DBG("LDAP : Checking value %zu: %s:%s", i + 1, cfg->yubi_attr_prefix ? cfg->yubi_attr_prefix : "", vals[i]->bv_val); @@ -745,7 +745,7 @@ parse_cfg (int flags, int argc, const char **argv, struct cfg *cfg) for (i = 0; i < argc; i++) { if (strncmp (argv[i], "id=", 3) == 0) - sscanf (argv[i], "id=%d", &cfg->client_id); + sscanf (argv[i], "id=%u", &cfg->client_id); if (strncmp (argv[i], "key=", 4) == 0) cfg->client_key = argv[i] + 4; if (strcmp (argv[i], "debug") == 0) @@ -859,7 +859,7 @@ parse_cfg (int flags, int argc, const char **argv, struct cfg *cfg) DBG ("capath=%s", cfg->capath ? cfg->capath : "(null)"); DBG ("cainfo=%s", cfg->cainfo ? cfg->cainfo : "(null)"); DBG ("proxy=%s", cfg->proxy ? cfg->proxy : "(null)"); - DBG ("token_id_length=%d", cfg->token_id_length); + DBG ("token_id_length=%u", cfg->token_id_length); DBG ("mode=%s", cfg->mode == CLIENT ? "client" : "chresp" ); DBG ("chalresp_path=%s", cfg->chalresp_path ? cfg->chalresp_path : "(null)"); } diff --git a/util.c b/util.c index 32bca06..e6e8095 100644 --- a/util.c +++ b/util.c @@ -419,7 +419,7 @@ load_chalresp_state(FILE *f, CR_STATE *state, bool verbose, FILE *debug_file) * 40 is twice the size of CR_RESPONSE_SIZE * (twice because we hex encode the challenge and response) */ - r = fscanf(f, "v2:%126[0-9a-z]:%40[0-9a-z]:%64[0-9a-z]:%d:%d", challenge_hex, response_hex, salt_hex, &iterations, &slot); + r = fscanf(f, "v2:%126[0-9a-z]:%40[0-9a-z]:%64[0-9a-z]:%u:%d", challenge_hex, response_hex, salt_hex, &iterations, &slot); if(r == 5) { if (! yubikey_hex_p(salt_hex)) { D(debug_file, "Invalid salt hex input : %s", salt_hex); @@ -427,7 +427,7 @@ load_chalresp_state(FILE *f, CR_STATE *state, bool verbose, FILE *debug_file) } if(verbose) { - D(debug_file, "Challenge: %s, hashed response: %s, salt: %s, iterations: %d, slot: %d", + D(debug_file, "Challenge: %s, hashed response: %s, salt: %s, iterations: %u, slot: %d", challenge_hex, response_hex, salt_hex, iterations, slot); } ++++++ compiler-warnings-pointer.patch ++++++ >From 998ee88aa50adb77777d9122a5048255a7ab7327 Mon Sep 17 00:00:00 2001 From: Karol Babioch <[email protected]> Date: Mon, 9 Apr 2018 17:14:18 +0200 Subject: [PATCH] tests: Fix compiler warnings due to wrong pointer casts This fixes a couple of compiler warnings due to wrong pointer casts in regards to the pamh structure, which is a bit of a hackery way to access the test data. bnc#1089518 --- tests/pam_test.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/tests/pam_test.c b/tests/pam_test.c index 197d179..fbeb0f4 100644 --- a/tests/pam_test.c +++ b/tests/pam_test.c @@ -28,6 +28,7 @@ */ #include <stdio.h> +#include <stdint.h> #include <stdlib.h> #include <string.h> @@ -146,13 +147,13 @@ static struct pam_conv pam_conversation = { }; int pam_get_item(const pam_handle_t *pamh, int item_type, const void **item) { - fprintf(stderr, "in pam_get_item() %d for %d\n", item_type, (int)pamh); + fprintf(stderr, "in pam_get_item() %d for %d\n", item_type, (int)(uintptr_t)pamh); if(item_type == PAM_CONV) { pam_conversation.appdata_ptr = (void*)pamh; *item = &pam_conversation; } - if(item_type == PAM_AUTHTOK && pamh >= 8) { - *item = (void*)_data[(int)pamh].otp; + if(item_type == PAM_AUTHTOK && pamh >= (pam_handle_t*)8) { + *item = (void*)_data[(int)(uintptr_t)pamh].otp; } return PAM_SUCCESS; } ++++++ util_test-mkdtemp.patch ++++++ >From a92a59c7610d81058de73451ed55fe222e5efe35 Mon Sep 17 00:00:00 2001 From: Karol Babioch <[email protected]> Date: Fri, 6 Apr 2018 16:59:28 +0200 Subject: [PATCH] util_test: Use mkdtemp() instead of tempnam() The latter function is considered insecure and deprecated on some platforms. This will create the directory with 0700 implicitely, where it was 0755 beforehand. Since this is a more secure default and the test suite runs fine, we don't bother to chmod the directory. bnc#1089520 --- tests/util_test.c | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/tests/util_test.c b/tests/util_test.c index 7b33168..8863e33 100644 --- a/tests/util_test.c +++ b/tests/util_test.c @@ -180,12 +180,10 @@ static void test_check_user_challenge_file(void) { unlink(buf); /* create temporary directory */ - tmpdir_path = tempnam(NULL, "pamtest"); + char template[] = "/tmp/pamtest.XXXXXX"; + tmpdir_path = mkdtemp(template); assert(tmpdir_path != NULL); - ret = mkdir(tmpdir_path, 0755); - assert(ret == 0); - /* set user data */ user.pw_name = "tester"; user.pw_dir = tmpdir_path; @@ -242,7 +240,6 @@ static void test_check_user_challenge_file(void) { /* remove temporary directory */ ret = rmdir(tmpdir_path); assert(ret == 0); - free(tmpdir_path); free(buf); /* check test results */
