CVS commit: src/external/bsd/openpam/dist/lib/libpam
Module Name:src
Committed By: christos
Date: Wed Aug 11 09:11:05 UTC 2021
Modified Files:
src/external/bsd/openpam/dist/lib/libpam: pam_putenv.c
Log Message:
use const for strchr assignment.
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 \
src/external/bsd/openpam/dist/lib/libpam/pam_putenv.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/openpam/dist/lib/libpam/pam_putenv.c
diff -u src/external/bsd/openpam/dist/lib/libpam/pam_putenv.c:1.3 src/external/bsd/openpam/dist/lib/libpam/pam_putenv.c:1.4
--- src/external/bsd/openpam/dist/lib/libpam/pam_putenv.c:1.3 Sat May 6 15:50:10 2017
+++ src/external/bsd/openpam/dist/lib/libpam/pam_putenv.c Wed Aug 11 05:11:04 2021
@@ -1,4 +1,4 @@
-/* $NetBSD: pam_putenv.c,v 1.3 2017/05/06 19:50:10 christos Exp $ */
+/* $NetBSD: pam_putenv.c,v 1.4 2021/08/11 09:11:04 christos Exp $ */
/*-
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
@@ -42,7 +42,7 @@
#endif
#include
-__RCSID("$NetBSD: pam_putenv.c,v 1.3 2017/05/06 19:50:10 christos Exp $");
+__RCSID("$NetBSD: pam_putenv.c,v 1.4 2021/08/11 09:11:04 christos Exp $");
#include
#include
@@ -63,7 +63,8 @@ int
pam_putenv(pam_handle_t *pamh,
const char *namevalue)
{
- char **env, *p;
+ char **env;
+ const char *p;
size_t env_size;
int i;
@@ -78,10 +79,11 @@ pam_putenv(pam_handle_t *pamh,
/* see if the variable is already in the environment */
if ((i = openpam_findenv(pamh, namevalue,
(size_t)(p - namevalue))) >= 0) {
- if ((p = strdup(namevalue)) == NULL)
+ char *q;
+ if ((q = strdup(namevalue)) == NULL)
RETURNC(PAM_BUF_ERR);
FREE(pamh->env[i]);
- pamh->env[i] = p;
+ pamh->env[i] = q;
RETURNC(PAM_SUCCESS);
}
CVS commit: src/external/bsd/openpam/dist/lib/libpam
Module Name:src
Committed By: christos
Date: Tue Mar 3 00:45:21 UTC 2020
Modified Files:
src/external/bsd/openpam/dist/lib/libpam: openpam_borrow_cred.c
Log Message:
the uid is not a pam item!
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 \
src/external/bsd/openpam/dist/lib/libpam/openpam_borrow_cred.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/openpam/dist/lib/libpam/openpam_borrow_cred.c
diff -u src/external/bsd/openpam/dist/lib/libpam/openpam_borrow_cred.c:1.3 src/external/bsd/openpam/dist/lib/libpam/openpam_borrow_cred.c:1.4
--- src/external/bsd/openpam/dist/lib/libpam/openpam_borrow_cred.c:1.3 Sat May 6 15:50:09 2017
+++ src/external/bsd/openpam/dist/lib/libpam/openpam_borrow_cred.c Mon Mar 2 19:45:21 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: openpam_borrow_cred.c,v 1.3 2017/05/06 19:50:09 christos Exp $ */
+/* $NetBSD: openpam_borrow_cred.c,v 1.4 2020/03/03 00:45:21 christos Exp $ */
/*-
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
@@ -42,7 +42,7 @@
#endif
#include
-__RCSID("$NetBSD: openpam_borrow_cred.c,v 1.3 2017/05/06 19:50:09 christos Exp $");
+__RCSID("$NetBSD: openpam_borrow_cred.c,v 1.4 2020/03/03 00:45:21 christos Exp $");
#include
@@ -71,7 +71,7 @@ openpam_borrow_cred(pam_handle_t *pamh,
const void *scredp;
int r;
- ENTERI(pwd->pw_uid);
+ ENTERN(pwd->pw_uid);
r = pam_get_data(pamh, PAM_SAVED_CRED, );
if (r == PAM_SUCCESS && scredp != NULL) {
openpam_log(PAM_LOG_LIBDEBUG,
CVS commit: src/external/bsd/openpam/dist/lib/libpam
Module Name:src
Committed By: christos
Date: Tue Mar 3 00:45:38 UTC 2020
Modified Files:
src/external/bsd/openpam/dist/lib/libpam: openpam_debug.h
Log Message:
print the widest int
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 \
src/external/bsd/openpam/dist/lib/libpam/openpam_debug.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/openpam/dist/lib/libpam/openpam_debug.h
diff -u src/external/bsd/openpam/dist/lib/libpam/openpam_debug.h:1.3 src/external/bsd/openpam/dist/lib/libpam/openpam_debug.h:1.4
--- src/external/bsd/openpam/dist/lib/libpam/openpam_debug.h:1.3 Sat May 6 15:50:09 2017
+++ src/external/bsd/openpam/dist/lib/libpam/openpam_debug.h Mon Mar 2 19:45:37 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: openpam_debug.h,v 1.3 2017/05/06 19:50:09 christos Exp $ */
+/* $NetBSD: openpam_debug.h,v 1.4 2020/03/03 00:45:37 christos Exp $ */
/*-
* Copyright (c) 2001-2003 Networks Associates Technology, Inc.
@@ -50,8 +50,8 @@
openpam_log(PAM_LOG_LIBDEBUG, "entering: %d", i_); \
} while (/*CONSTCOND*/0)
#define ENTERN(n) do { \
- int n_ = (n); \
- openpam_log(PAM_LOG_LIBDEBUG, "entering: %d", n_); \
+ intmax_t n_ = (n); \
+ openpam_log(PAM_LOG_LIBDEBUG, "entering: %jd", n_); \
} while (/*CONSTCOND*/0)
#define ENTERS(s) do { \
const char *s_ = (s); \
CVS commit: src/external/bsd/openpam/dist/lib/libpam
Module Name:src
Committed By: joerg
Date: Wed May 16 13:54:03 UTC 2018
Modified Files:
src/external/bsd/openpam/dist/lib/libpam: openpam_configure.c
Log Message:
Cast enum explicitly to different type.
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 \
src/external/bsd/openpam/dist/lib/libpam/openpam_configure.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/openpam/dist/lib/libpam/openpam_configure.c
diff -u src/external/bsd/openpam/dist/lib/libpam/openpam_configure.c:1.3 src/external/bsd/openpam/dist/lib/libpam/openpam_configure.c:1.4
--- src/external/bsd/openpam/dist/lib/libpam/openpam_configure.c:1.3 Sat May 6 19:50:09 2017
+++ src/external/bsd/openpam/dist/lib/libpam/openpam_configure.c Wed May 16 13:54:03 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: openpam_configure.c,v 1.3 2017/05/06 19:50:09 christos Exp $ */
+/* $NetBSD: openpam_configure.c,v 1.4 2018/05/16 13:54:03 joerg Exp $ */
/*-
* Copyright (c) 2001-2003 Networks Associates Technology, Inc.
@@ -42,7 +42,7 @@
#endif
#include
-__RCSID("$NetBSD: openpam_configure.c,v 1.3 2017/05/06 19:50:09 christos Exp $");
+__RCSID("$NetBSD: openpam_configure.c,v 1.4 2018/05/16 13:54:03 joerg Exp $");
#include
@@ -262,7 +262,7 @@ openpam_parse_chain(pam_handle_t *pamh,
/* allocate new entry */
if ((this = calloc((size_t)1, sizeof *this)) == NULL)
goto syserr;
- this->flag = ctlf;
+ this->flag = (int)ctlf;
/* load module */
if ((this->module = openpam_load_module(modulename)) == NULL) {
CVS commit: src/external/bsd/openpam/dist/lib/libpam
Module Name:src
Committed By: christos
Date: Sun Feb 11 00:25:12 UTC 2018
Modified Files:
src/external/bsd/openpam/dist/lib/libpam: pam_getenvlist.c
Log Message:
non-null arg.
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 \
src/external/bsd/openpam/dist/lib/libpam/pam_getenvlist.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/openpam/dist/lib/libpam/pam_getenvlist.c
diff -u src/external/bsd/openpam/dist/lib/libpam/pam_getenvlist.c:1.3 src/external/bsd/openpam/dist/lib/libpam/pam_getenvlist.c:1.4
--- src/external/bsd/openpam/dist/lib/libpam/pam_getenvlist.c:1.3 Sat May 6 15:50:10 2017
+++ src/external/bsd/openpam/dist/lib/libpam/pam_getenvlist.c Sat Feb 10 19:25:12 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: pam_getenvlist.c,v 1.3 2017/05/06 19:50:10 christos Exp $ */
+/* $NetBSD: pam_getenvlist.c,v 1.4 2018/02/11 00:25:12 christos Exp $ */
/*-
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
@@ -42,7 +42,7 @@
#endif
#include
-__RCSID("$NetBSD: pam_getenvlist.c,v 1.3 2017/05/06 19:50:10 christos Exp $");
+__RCSID("$NetBSD: pam_getenvlist.c,v 1.4 2018/02/11 00:25:12 christos Exp $");
#include
#include
@@ -65,8 +65,10 @@ pam_getenvlist(pam_handle_t *pamh)
size_t i;
ENTER();
+#ifdef notdef
if (pamh == NULL)
RETURNP(NULL);
+#endif
envlist = malloc(sizeof(*envlist) * ((size_t)pamh->env_count + 1));
if (envlist == NULL) {
openpam_log(PAM_LOG_ERROR, "%s",
CVS commit: src/external/bsd/openpam/dist/lib
Module Name:src
Committed By: spz
Date: Tue Jun 17 07:08:47 UTC 2014
Modified Files:
src/external/bsd/openpam/dist/lib: openpam_configure.c
Log Message:
make sure we have a log message at the appropriate level (error) on
why pam is failing in the case of an included pam config file missing.
example: instead of logging with the default log settings:
Jun 17 08:49:37 tucana su: pam_start failed: system error
it will log:
Jun 17 08:55:49 tucana su: in openpam_parse_chain(): failed loading include for
service gibbetnich in /etc/pam.d/su(15): No such file or directory
Jun 17 08:55:49 tucana su: pam_start failed: system error
To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 \
src/external/bsd/openpam/dist/lib/openpam_configure.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/openpam/dist/lib/openpam_configure.c
diff -u src/external/bsd/openpam/dist/lib/openpam_configure.c:1.9 src/external/bsd/openpam/dist/lib/openpam_configure.c:1.10
--- src/external/bsd/openpam/dist/lib/openpam_configure.c:1.9 Tue Jun 3 20:22:54 2014
+++ src/external/bsd/openpam/dist/lib/openpam_configure.c Tue Jun 17 07:08:47 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: openpam_configure.c,v 1.9 2014/06/03 20:22:54 christos Exp $ */
+/* $NetBSD: openpam_configure.c,v 1.10 2014/06/17 07:08:47 spz Exp $ */
/*-
* Copyright (c) 2001-2003 Networks Associates Technology, Inc.
@@ -229,8 +229,19 @@ openpam_parse_chain(pam_handle_t *pamh,
* outer loop does not just ignore the
* error and keep searching.
*/
-if (errno == ENOENT)
+if (errno == ENOENT) {
+ /*
+ * we're failing load, make sure
+ * there's a log message of severity
+ * higher than debug
+ */
+ openpam_log(PAM_LOG_ERROR,
+ failed loading include for service
+ %s in %s(%d): %s,
+ servicename, filename, lineno,
+ strerror(errno));
errno = EINVAL;
+}
goto fail;
}
continue;
CVS commit: src/external/bsd/openpam/dist/lib
Module Name:src
Committed By: christos
Date: Tue Jun 3 20:22:54 UTC 2014
Modified Files:
src/external/bsd/openpam/dist/lib: openpam_configure.c
Log Message:
For consistency, handle REQUISITE modules the same way as we handle REQUIRED
and BINDING.
To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 \
src/external/bsd/openpam/dist/lib/openpam_configure.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/openpam/dist/lib/openpam_configure.c
diff -u src/external/bsd/openpam/dist/lib/openpam_configure.c:1.8 src/external/bsd/openpam/dist/lib/openpam_configure.c:1.9
--- src/external/bsd/openpam/dist/lib/openpam_configure.c:1.8 Tue Jun 3 16:21:32 2014
+++ src/external/bsd/openpam/dist/lib/openpam_configure.c Tue Jun 3 16:22:54 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: openpam_configure.c,v 1.8 2014/06/03 20:21:32 christos Exp $ */
+/* $NetBSD: openpam_configure.c,v 1.9 2014/06/03 20:22:54 christos Exp $ */
/*-
* Copyright (c) 2001-2003 Networks Associates Technology, Inc.
@@ -470,18 +470,19 @@ openpam_configure(pam_handle_t *pamh,
}
#ifdef __NetBSD__
/*
- * On NetBSD we require the AUTH chain to have a binding
- * or a required module.
+ * On NetBSD we require the AUTH chain to have a binding,
+ * a required, or requisite module.
*/
{
pam_chain_t *this = pamh-chains[PAM_AUTH];
for (; this != NULL; this = this-next)
if (this-flag == PAM_BINDING ||
- this-flag == PAM_REQUIRED)
+ this-flag == PAM_REQUIRED ||
+ this-flag == PAM_REQUISITE)
break;
if (this == NULL) {
openpam_log(PAM_LOG_ERROR,
- No required or binding component
+ No required, requisite, or binding component
in service %s, facility %s,
service, pam_facility_name[PAM_AUTH]);
goto load_err;
CVS commit: src/external/bsd/openpam/dist/lib
Module Name:src
Committed By: christos
Date: Tue Jun 3 20:21:32 UTC 2014
Modified Files:
src/external/bsd/openpam/dist/lib: openpam_configure.c
Log Message:
CVE-2014-3879: Incorrect error handling in PAM policy parser:
Missing module files were treated as soft failures leading to
unexpected behavior if policy files were copied between hosts with
differently installed modules or in the short period during upgrades
when module files were being replaced.
To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 \
src/external/bsd/openpam/dist/lib/openpam_configure.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/openpam/dist/lib/openpam_configure.c
diff -u src/external/bsd/openpam/dist/lib/openpam_configure.c:1.7 src/external/bsd/openpam/dist/lib/openpam_configure.c:1.8
--- src/external/bsd/openpam/dist/lib/openpam_configure.c:1.7 Fri Jan 3 17:49:21 2014
+++ src/external/bsd/openpam/dist/lib/openpam_configure.c Tue Jun 3 16:21:32 2014
@@ -1,8 +1,8 @@
-/* $NetBSD: openpam_configure.c,v 1.7 2014/01/03 22:49:21 joerg Exp $ */
+/* $NetBSD: openpam_configure.c,v 1.8 2014/06/03 20:21:32 christos Exp $ */
/*-
* Copyright (c) 2001-2003 Networks Associates Technology, Inc.
- * Copyright (c) 2004-2012 Dag-Erling Smørgrav
+ * Copyright (c) 2004-2014 Dag-Erling Smørgrav
* All rights reserved.
*
* This software was developed for the FreeBSD Project by ThinkSec AS and
@@ -195,6 +195,7 @@ openpam_parse_chain(pam_handle_t *pamh,
openpam_log(PAM_LOG_ERROR,
%s(%d): missing or invalid facility,
filename, lineno);
+ errno = EINVAL;
goto fail;
}
if (facility != fclt facility != PAM_FACILITY_ANY) {
@@ -210,18 +211,28 @@ openpam_parse_chain(pam_handle_t *pamh,
openpam_log(PAM_LOG_ERROR,
%s(%d): missing or invalid service name,
filename, lineno);
+errno = EINVAL;
goto fail;
}
if (wordv[i] != NULL) {
openpam_log(PAM_LOG_ERROR,
%s(%d): garbage at end of line,
filename, lineno);
+errno = EINVAL;
goto fail;
}
ret = openpam_load_chain(pamh, servicename, fclt);
FREEV(wordc, wordv);
- if (ret 0)
+ if (ret 0) {
+/*
+ * Bogus errno, but this ensures that the
+ * outer loop does not just ignore the
+ * error and keep searching.
+ */
+if (errno == ENOENT)
+ errno = EINVAL;
goto fail;
+ }
continue;
}
@@ -231,6 +242,7 @@ openpam_parse_chain(pam_handle_t *pamh,
openpam_log(PAM_LOG_ERROR,
%s(%d): missing or invalid control flag,
filename, lineno);
+ errno = EINVAL;
goto fail;
}
@@ -240,6 +252,7 @@ openpam_parse_chain(pam_handle_t *pamh,
openpam_log(PAM_LOG_ERROR,
%s(%d): missing or invalid module name,
filename, lineno);
+ errno = EINVAL;
goto fail;
}
@@ -249,8 +262,11 @@ openpam_parse_chain(pam_handle_t *pamh,
this-flag = ctlf;
/* load module */
- if ((this-module = openpam_load_module(modulename)) == NULL)
+ if ((this-module = openpam_load_module(modulename)) == NULL) {
+ if (errno == ENOENT)
+errno = ENOEXEC;
goto fail;
+ }
/*
* The remaining items in wordv are the module's
@@ -283,7 +299,11 @@ openpam_parse_chain(pam_handle_t *pamh,
* The loop ended because openpam_readword() returned NULL, which
* can happen for four different reasons: an I/O error (ferror(f)
* is true), a memory allocation failure (ferror(f) is false,
- * errno is non-zero)
+ * feof(f) is false, errno is non-zero), the file ended with an
+ * unterminated quote or backslash escape (ferror(f) is false,
+ * feof(f) is true, errno is non-zero), or the end of the file was
+ * reached without error (ferror(f) is false, feof(f) is true,
+ * errno is zero).
*/
if (ferror(f) || errno != 0)
goto syserr;
@@ -404,6 +424,9 @@ openpam_load_chain(pam_handle_t *pamh,
}
ret = openpam_load_file(pamh, service, facility,
filename, style);
+ /* success */
+ if (ret 0)
+ RETURNN(ret);
/* the file exists, but an error occurred */
if (ret == -1 errno != ENOENT)
RETURNN(ret);
@@ -413,7 +436,8 @@ openpam_load_chain(pam_handle_t *pamh,
}
/* no hit */
- RETURNN(0);
+ errno = ENOENT;
+ RETURNN(-1);
}
/*
@@ -434,8 +458,10 @@ openpam_configure(pam_handle_t *pamh,
openpam_log(PAM_LOG_ERROR, invalid service name);
RETURNC(PAM_SYSTEM_ERR);
}
- if (openpam_load_chain(pamh, service, PAM_FACILITY_ANY) 0)
- goto load_err;
+ if (openpam_load_chain(pamh, service, PAM_FACILITY_ANY) 0) {
+ if (errno != ENOENT)
+ goto load_err;
+ }
for (fclt = 0; fclt PAM_NUM_FACILITIES; ++fclt) {
if (pamh-chains[fclt] != NULL)
continue;
CVS commit: src/external/bsd/openpam/dist/lib
Module Name:src Committed By: joerg Date: Thu Jan 23 13:41:58 UTC 2014 Modified Files: src/external/bsd/openpam/dist/lib: openpam_log.c Log Message: Apply diagnostic overwrite for clang too. To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 src/external/bsd/openpam/dist/lib/openpam_log.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/openpam/dist/lib/openpam_log.c diff -u src/external/bsd/openpam/dist/lib/openpam_log.c:1.7 src/external/bsd/openpam/dist/lib/openpam_log.c:1.8 --- src/external/bsd/openpam/dist/lib/openpam_log.c:1.7 Mon Jan 20 01:15:03 2014 +++ src/external/bsd/openpam/dist/lib/openpam_log.c Thu Jan 23 13:41:58 2014 @@ -1,4 +1,4 @@ -/* $NetBSD: openpam_log.c,v 1.7 2014/01/20 01:15:03 christos Exp $ */ +/* $NetBSD: openpam_log.c,v 1.8 2014/01/23 13:41:58 joerg Exp $ */ /*- * Copyright (c) 2002-2003 Networks Associates Technology, Inc. @@ -96,7 +96,7 @@ openpam_log(int level, const char *fmt, #else -#if __GNUC_PREREQ__(4, 5) +#if defined(__clang__) || __GNUC_PREREQ__(4, 5) #pragma GCC diagnostic ignored -Wformat-nonliteral #endif void
CVS commit: src/external/bsd/openpam/dist/lib
Module Name:src
Committed By: christos
Date: Mon Jan 20 01:15:03 UTC 2014
Modified Files:
src/external/bsd/openpam/dist/lib: openpam_log.c
Log Message:
gcc 4.1 does not support pragma diagnostic ignored
To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/external/bsd/openpam/dist/lib/openpam_log.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/openpam/dist/lib/openpam_log.c
diff -u src/external/bsd/openpam/dist/lib/openpam_log.c:1.6 src/external/bsd/openpam/dist/lib/openpam_log.c:1.7
--- src/external/bsd/openpam/dist/lib/openpam_log.c:1.6 Mon Jan 6 21:15:02 2014
+++ src/external/bsd/openpam/dist/lib/openpam_log.c Sun Jan 19 20:15:03 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: openpam_log.c,v 1.6 2014/01/07 02:15:02 joerg Exp $ */
+/* $NetBSD: openpam_log.c,v 1.7 2014/01/20 01:15:03 christos Exp $ */
/*-
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
@@ -96,7 +96,9 @@ openpam_log(int level, const char *fmt,
#else
+#if __GNUC_PREREQ__(4, 5)
#pragma GCC diagnostic ignored -Wformat-nonliteral
+#endif
void
_openpam_log(int level, const char *func, const char *fmt, ...)
{
CVS commit: src/external/bsd/openpam/dist/lib
Module Name:src
Committed By: joerg
Date: Tue Jan 7 02:15:02 UTC 2014
Modified Files:
src/external/bsd/openpam/dist/lib: openpam_log.c
Log Message:
Ignore non-literal format strings, the modifications can't be expressed
with the current framework.
To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 src/external/bsd/openpam/dist/lib/openpam_log.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/openpam/dist/lib/openpam_log.c
diff -u src/external/bsd/openpam/dist/lib/openpam_log.c:1.5 src/external/bsd/openpam/dist/lib/openpam_log.c:1.6
--- src/external/bsd/openpam/dist/lib/openpam_log.c:1.5 Fri Dec 27 20:10:21 2013
+++ src/external/bsd/openpam/dist/lib/openpam_log.c Tue Jan 7 02:15:02 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: openpam_log.c,v 1.5 2013/12/27 20:10:21 christos Exp $ */
+/* $NetBSD: openpam_log.c,v 1.6 2014/01/07 02:15:02 joerg Exp $ */
/*-
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
@@ -96,6 +96,7 @@ openpam_log(int level, const char *fmt,
#else
+#pragma GCC diagnostic ignored -Wformat-nonliteral
void
_openpam_log(int level, const char *func, const char *fmt, ...)
{
CVS commit: src/external/bsd/openpam/dist/lib
Module Name:src
Committed By: joerg
Date: Fri Jan 3 22:49:21 UTC 2014
Modified Files:
src/external/bsd/openpam/dist/lib: openpam_configure.c
Log Message:
Avoid implicit cast on the return value.
To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 \
src/external/bsd/openpam/dist/lib/openpam_configure.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/openpam/dist/lib/openpam_configure.c
diff -u src/external/bsd/openpam/dist/lib/openpam_configure.c:1.6 src/external/bsd/openpam/dist/lib/openpam_configure.c:1.7
--- src/external/bsd/openpam/dist/lib/openpam_configure.c:1.6 Fri Dec 27 20:10:21 2013
+++ src/external/bsd/openpam/dist/lib/openpam_configure.c Fri Jan 3 22:49:21 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: openpam_configure.c,v 1.6 2013/12/27 20:10:21 christos Exp $ */
+/* $NetBSD: openpam_configure.c,v 1.7 2014/01/03 22:49:21 joerg Exp $ */
/*-
* Copyright (c) 2001-2003 Networks Associates Technology, Inc.
@@ -109,9 +109,9 @@ parse_facility_name(const char *name)
static pam_control_t
parse_control_flag(const char *name)
{
- int i;
+ pam_control_t i;
- for (i = 0; i PAM_NUM_CONTROL_FLAGS; ++i)
+ for (i = PAM_BINDING; i PAM_NUM_CONTROL_FLAGS; ++i)
if (strcmp(pam_control_flag_name[i], name) == 0)
return (i);
return ((pam_control_t)-1);
CVS commit: src/external/bsd/openpam/dist/lib
Module Name:src
Committed By: christos
Date: Sun Dec 29 22:55:32 UTC 2013
Modified Files:
src/external/bsd/openpam/dist/lib: openpam_set_option.c
openpam_straddch.c openpam_subst.c openpam_ttyconv.c
pam_getenvlist.c pam_putenv.c pam_start.c
Log Message:
- add casts for sign-changing conversions
- fix types
To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 \
src/external/bsd/openpam/dist/lib/openpam_set_option.c \
src/external/bsd/openpam/dist/lib/openpam_subst.c \
src/external/bsd/openpam/dist/lib/pam_getenvlist.c \
src/external/bsd/openpam/dist/lib/pam_putenv.c
cvs rdiff -u -r1.1.1.2 -r1.2 \
src/external/bsd/openpam/dist/lib/openpam_straddch.c
cvs rdiff -u -r1.8 -r1.9 src/external/bsd/openpam/dist/lib/openpam_ttyconv.c
cvs rdiff -u -r1.5 -r1.6 src/external/bsd/openpam/dist/lib/pam_start.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/openpam/dist/lib/openpam_set_option.c
diff -u src/external/bsd/openpam/dist/lib/openpam_set_option.c:1.4 src/external/bsd/openpam/dist/lib/openpam_set_option.c:1.5
--- src/external/bsd/openpam/dist/lib/openpam_set_option.c:1.4 Fri Dec 27 15:10:21 2013
+++ src/external/bsd/openpam/dist/lib/openpam_set_option.c Sun Dec 29 17:55:32 2013
@@ -1,4 +1,4 @@
-/* $NetBSD: openpam_set_option.c,v 1.4 2013/12/27 20:10:21 christos Exp $ */
+/* $NetBSD: openpam_set_option.c,v 1.5 2013/12/29 22:55:32 christos Exp $ */
/*-
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
@@ -93,7 +93,8 @@ openpam_set_option(pam_handle_t *pamh,
RETURNC(PAM_BUF_ERR);
if (i == cur-optc) {
/* add */
- optv = realloc(cur-optv, sizeof(char *) * (cur-optc + 2));
+ optv = realloc(cur-optv,
+ sizeof(*optv) * ((size_t)cur-optc + 2));
if (optv == NULL) {
FREE(opt);
RETURNC(PAM_BUF_ERR);
Index: src/external/bsd/openpam/dist/lib/openpam_subst.c
diff -u src/external/bsd/openpam/dist/lib/openpam_subst.c:1.4 src/external/bsd/openpam/dist/lib/openpam_subst.c:1.5
--- src/external/bsd/openpam/dist/lib/openpam_subst.c:1.4 Fri Dec 27 15:10:21 2013
+++ src/external/bsd/openpam/dist/lib/openpam_subst.c Sun Dec 29 17:55:32 2013
@@ -1,4 +1,4 @@
-/* $NetBSD: openpam_subst.c,v 1.4 2013/12/27 20:10:21 christos Exp $ */
+/* $NetBSD: openpam_subst.c,v 1.5 2013/12/29 22:55:32 christos Exp $ */
/*-
* Copyright (c) 2011 Dag-Erling Smørgrav
@@ -40,7 +40,7 @@
#include openpam_impl.h
#define subst_char(ch) do { \
- int ch_ = (ch);\
+ char ch_ = (ch); \
if (buf len *bufsize) \
*buf++ = ch_; \
++len; \
Index: src/external/bsd/openpam/dist/lib/pam_getenvlist.c
diff -u src/external/bsd/openpam/dist/lib/pam_getenvlist.c:1.4 src/external/bsd/openpam/dist/lib/pam_getenvlist.c:1.5
--- src/external/bsd/openpam/dist/lib/pam_getenvlist.c:1.4 Fri Dec 27 15:10:21 2013
+++ src/external/bsd/openpam/dist/lib/pam_getenvlist.c Sun Dec 29 17:55:32 2013
@@ -1,4 +1,4 @@
-/* $NetBSD: pam_getenvlist.c,v 1.4 2013/12/27 20:10:21 christos Exp $ */
+/* $NetBSD: pam_getenvlist.c,v 1.5 2013/12/29 22:55:32 christos Exp $ */
/*-
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
@@ -64,7 +64,7 @@ pam_getenvlist(pam_handle_t *pamh)
ENTER();
if (pamh == NULL)
RETURNP(NULL);
- envlist = malloc(sizeof(char *) * (pamh-env_count + 1));
+ envlist = malloc(sizeof(*envlist) * ((size_t)pamh-env_count + 1));
if (envlist == NULL) {
openpam_log(PAM_LOG_ERROR, %s,
pam_strerror(pamh, PAM_BUF_ERR));
Index: src/external/bsd/openpam/dist/lib/pam_putenv.c
diff -u src/external/bsd/openpam/dist/lib/pam_putenv.c:1.4 src/external/bsd/openpam/dist/lib/pam_putenv.c:1.5
--- src/external/bsd/openpam/dist/lib/pam_putenv.c:1.4 Fri Dec 27 15:10:21 2013
+++ src/external/bsd/openpam/dist/lib/pam_putenv.c Sun Dec 29 17:55:32 2013
@@ -1,4 +1,4 @@
-/* $NetBSD: pam_putenv.c,v 1.4 2013/12/27 20:10:21 christos Exp $ */
+/* $NetBSD: pam_putenv.c,v 1.5 2013/12/29 22:55:32 christos Exp $ */
/*-
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
@@ -83,7 +83,7 @@ pam_putenv(pam_handle_t *pamh,
/* grow the environment list if necessary */
if (pamh-env_count == pamh-env_size) {
env = realloc(pamh-env,
- sizeof(char *) * (pamh-env_size * 2 + 1));
+ sizeof(*env) * ((size_t)pamh-env_size * 2 + 1));
if (env == NULL)
RETURNC(PAM_BUF_ERR);
pamh-env = env;
Index: src/external/bsd/openpam/dist/lib/openpam_straddch.c
diff -u src/external/bsd/openpam/dist/lib/openpam_straddch.c:1.1.1.2 src/external/bsd/openpam/dist/lib/openpam_straddch.c:1.2
--- src/external/bsd/openpam/dist/lib/openpam_straddch.c:1.1.1.2 Fri Dec 27 14:27:42 2013
+++ src/external/bsd/openpam/dist/lib/openpam_straddch.c Sun Dec 29 17:55:32 2013
@@ -1,4 +1,4 @@
-/* $NetBSD: openpam_straddch.c,v 1.1.1.2 2013/12/27 19:27:42 christos Exp $ */
+/* $NetBSD: openpam_straddch.c,v 1.2 2013/12/29 22:55:32 christos Exp $ */
/*-
CVS commit: src/external/bsd/openpam/dist/lib
Module Name:src
Committed By: christos
Date: Tue Feb 5 23:47:43 UTC 2013
Modified Files:
src/external/bsd/openpam/dist/lib: openpam_dynamic.c
Log Message:
- dlopen(3) errors should be printed with dlerror(3) so we get the reason the
module link failed, instead of printing Undefined error 0.
- don't print free'd variable on error, restructure so that we free at the
end and print the consistent name of the path dlopened.
To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 src/external/bsd/openpam/dist/lib/openpam_dynamic.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/openpam/dist/lib/openpam_dynamic.c
diff -u src/external/bsd/openpam/dist/lib/openpam_dynamic.c:1.4 src/external/bsd/openpam/dist/lib/openpam_dynamic.c:1.5
--- src/external/bsd/openpam/dist/lib/openpam_dynamic.c:1.4 Wed Aug 15 02:16:41 2012
+++ src/external/bsd/openpam/dist/lib/openpam_dynamic.c Tue Feb 5 18:47:42 2013
@@ -1,4 +1,4 @@
-/* $NetBSD: openpam_dynamic.c,v 1.4 2012/08/15 06:16:41 christos Exp $ */
+/* $NetBSD: openpam_dynamic.c,v 1.5 2013/02/05 23:47:42 christos Exp $ */
/*-
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
@@ -63,12 +63,14 @@
*/
static void *
-try_dlopen(const char *modfn)
+try_dlopen(const char *modfn, int *error)
{
-
- if (openpam_check_path_owner_perms(modfn) != 0)
- return (NULL);
- return (dlopen(modfn, RTLD_NOW));
+ if (openpam_check_path_owner_perms(modfn) != 0) {
+ *error = errno;
+ return NULL;
+ }
+ *error = 0;
+ return dlopen(modfn, RTLD_NOW);
}
/*
@@ -82,12 +84,13 @@ openpam_dynamic(const char *path)
{
const pam_module_t *dlmodule;
pam_module_t *module;
- const char *prefix, *epath = path;
+ const char *prefix;
char *vpath;
void *dlh;
int i, serrno;
dlh = NULL;
+ module = NULL;
/* Prepend the standard prefix if not an absolute pathname. */
if (path[0] != '/')
@@ -98,16 +101,18 @@ openpam_dynamic(const char *path)
/* try versioned module first, then unversioned module */
if (asprintf(vpath, %s/%s.%d, prefix, path, LIB_MAJ) 0)
goto err;
- epath = vpath;
- if ((dlh = try_dlopen(vpath)) == NULL errno == ENOENT) {
+ if ((dlh = try_dlopen(vpath, serrno)) == NULL errno == ENOENT) {
*strrchr(vpath, '.') = '\0';
- dlh = try_dlopen(vpath);
+ dlh = try_dlopen(vpath, serrno);
+ }
+ if (dlh == NULL) {
+ if (serrno == 0)
+ goto dl_err;
+ else {
+ errno = serrno;
+ goto err;
+ }
}
- serrno = errno;
- FREE(vpath);
- errno = serrno;
- if (dlh == NULL)
- goto err;
if ((module = calloc((size_t)1, sizeof *module)) == NULL)
goto buf_err;
if ((module-path = strdup(path)) == NULL)
@@ -119,9 +124,10 @@ openpam_dynamic(const char *path)
(pam_func_t)dlsym(dlh, pam_sm_func_name[i]);
if (module-func[i] == NULL)
openpam_log(PAM_LOG_DEBUG, %s: %s(): %s,
- path, pam_sm_func_name[i], dlerror());
+ vpath, pam_sm_func_name[i], dlerror());
}
- return (module);
+ free(vpath);
+ return module;
buf_err:
serrno = errno;
if (dlh != NULL)
@@ -130,8 +136,13 @@ buf_err:
errno = serrno;
err:
openpam_log(errno == ENOENT ? PAM_LOG_DEBUG : PAM_LOG_ERROR, %s: %s,
- epath, strerror(errno));
- return (NULL);
+ vpath, strerror(errno));
+ free(vpath);
+ return NULL;
+dl_err:
+ openpam_log(PAM_LOG_ERROR, %s: %s, vpath, dlerror());
+ free(vpath);
+ return NULL;
}
/*
CVS commit: src/external/bsd/openpam/dist/lib
Module Name:src Committed By: christos Date: Wed Aug 15 06:16:41 UTC 2012 Modified Files: src/external/bsd/openpam/dist/lib: openpam_dynamic.c Log Message: PR/46801: Izumi Tsutsui: - downgrade the error of not finding a file to load to a debug message. Statically linked OpenPAM (like on sun2) does not have shared objects. - make sure we preserve errno around dlclose() which will call munmap() XXX: Pullup to 6 To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 src/external/bsd/openpam/dist/lib/openpam_dynamic.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/openpam/dist/lib/openpam_dynamic.c diff -u src/external/bsd/openpam/dist/lib/openpam_dynamic.c:1.3 src/external/bsd/openpam/dist/lib/openpam_dynamic.c:1.4 --- src/external/bsd/openpam/dist/lib/openpam_dynamic.c:1.3 Tue Jan 3 13:56:49 2012 +++ src/external/bsd/openpam/dist/lib/openpam_dynamic.c Wed Aug 15 02:16:41 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: openpam_dynamic.c,v 1.3 2012/01/03 18:56:49 christos Exp $ */ +/* $NetBSD: openpam_dynamic.c,v 1.4 2012/08/15 06:16:41 christos Exp $ */ /*- * Copyright (c) 2002-2003 Networks Associates Technology, Inc. @@ -123,11 +123,14 @@ openpam_dynamic(const char *path) } return (module); buf_err: + serrno = errno; if (dlh != NULL) dlclose(dlh); FREE(module); + errno = serrno; err: - openpam_log(PAM_LOG_ERROR, %s: %s, epath, strerror(errno)); + openpam_log(errno == ENOENT ? PAM_LOG_DEBUG : PAM_LOG_ERROR, %s: %s, + epath, strerror(errno)); return (NULL); }
CVS commit: src/external/bsd/openpam/dist/lib
Module Name:src
Committed By: christos
Date: Sat Apr 14 15:14:08 UTC 2012
Modified Files:
src/external/bsd/openpam/dist/lib: openpam_ttyconv.c
Log Message:
use a function constant instead of NetBSD
To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 src/external/bsd/openpam/dist/lib/openpam_ttyconv.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/openpam/dist/lib/openpam_ttyconv.c
diff -u src/external/bsd/openpam/dist/lib/openpam_ttyconv.c:1.5 src/external/bsd/openpam/dist/lib/openpam_ttyconv.c:1.6
--- src/external/bsd/openpam/dist/lib/openpam_ttyconv.c:1.5 Fri Apr 13 12:36:37 2012
+++ src/external/bsd/openpam/dist/lib/openpam_ttyconv.c Sat Apr 14 11:14:08 2012
@@ -1,4 +1,4 @@
-/* $NetBSD: openpam_ttyconv.c,v 1.5 2012/04/13 16:36:37 christos Exp $ */
+/* $NetBSD: openpam_ttyconv.c,v 1.6 2012/04/14 15:14:08 christos Exp $ */
/*-
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
@@ -60,7 +60,7 @@
int openpam_ttyconv_timeout = 0;
-#ifdef __NetBSD__
+#ifdef GETPASS_ECHO
static char *
xprompt(const char *msg, FILE *infp, FILE *outfp, FILE *errfp, int fl)
{
CVS commit: src/external/bsd/openpam/dist/lib
Module Name:src
Committed By: christos
Date: Fri Apr 13 16:36:38 UTC 2012
Modified Files:
src/external/bsd/openpam/dist/lib: openpam_ttyconv.c
Log Message:
replace the custom getpass with getpassfd()
To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 src/external/bsd/openpam/dist/lib/openpam_ttyconv.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/openpam/dist/lib/openpam_ttyconv.c
diff -u src/external/bsd/openpam/dist/lib/openpam_ttyconv.c:1.4 src/external/bsd/openpam/dist/lib/openpam_ttyconv.c:1.5
--- src/external/bsd/openpam/dist/lib/openpam_ttyconv.c:1.4 Tue Apr 10 22:28:46 2012
+++ src/external/bsd/openpam/dist/lib/openpam_ttyconv.c Fri Apr 13 12:36:37 2012
@@ -1,4 +1,4 @@
-/* $NetBSD: openpam_ttyconv.c,v 1.4 2012/04/11 02:28:46 christos Exp $ */
+/* $NetBSD: openpam_ttyconv.c,v 1.5 2012/04/13 16:36:37 christos Exp $ */
/*-
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
@@ -60,6 +60,28 @@
int openpam_ttyconv_timeout = 0;
+#ifdef __NetBSD__
+static char *
+xprompt(const char *msg, FILE *infp, FILE *outfp, FILE *errfp, int fl)
+{
+ char *rv;
+ int fd[3];
+ fd[0] = fileno(infp);
+ fd[1] = fileno(outfp);
+ fd[2] = fileno(errfp);
+
+ rv = getpassfd(msg, NULL, 0, fd, GETPASS_NEED_TTY |
+ GETPASS_FAIL_EOF | GETPASS_NO_SIGNAL |
+ (fl == 0 ? GETPASS_ECHO : 0), openpam_ttyconv_timeout);
+ if (rv == NULL)
+ fprintf(errfp, %s\n, strerror(errno));
+ else if (fl)
+ fputs(\n, errfp);
+ return rv;
+}
+#define prompt(m, i, o, e) xprompt(m, i, o, e, 0)
+#define prompt_echo_off(m, i, o, e) xprompt(m, i, o, e, 1)
+#else
static void
timeout(int sig)
{
@@ -168,6 +190,7 @@ prompt_echo_off(const char *msg, FILE *i
fputs(\n, outfp);
return (ret);
}
+#endif
/*
* OpenPAM extension
CVS commit: src/external/bsd/openpam/dist/lib
Module Name:src Committed By: christos Date: Wed Apr 11 02:28:47 UTC 2012 Modified Files: src/external/bsd/openpam/dist/lib: openpam_ttyconv.c Log Message: Add sigquit for completeness to the list of blocked signals with int and tstp. Does not have any security implication. From Pierre Carrier To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 src/external/bsd/openpam/dist/lib/openpam_ttyconv.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/openpam/dist/lib/openpam_ttyconv.c diff -u src/external/bsd/openpam/dist/lib/openpam_ttyconv.c:1.3 src/external/bsd/openpam/dist/lib/openpam_ttyconv.c:1.4 --- src/external/bsd/openpam/dist/lib/openpam_ttyconv.c:1.3 Tue Jan 3 13:56:49 2012 +++ src/external/bsd/openpam/dist/lib/openpam_ttyconv.c Tue Apr 10 22:28:46 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: openpam_ttyconv.c,v 1.3 2012/01/03 18:56:49 christos Exp $ */ +/* $NetBSD: openpam_ttyconv.c,v 1.4 2012/04/11 02:28:46 christos Exp $ */ /*- * Copyright (c) 2002-2003 Networks Associates Technology, Inc. @@ -82,6 +82,7 @@ prompt(const char *msg, FILE *infp, FILE saved_alarm = 0; sigemptyset(sigs); sigaddset(sigs, SIGINT); + sigaddset(sigs, SIGQUIT); sigaddset(sigs, SIGTSTP); sigprocmask(SIG_SETMASK, sigs, saved_sigset); action.sa_handler = timeout;
CVS commit: src/external/bsd/openpam/dist/lib
Module Name:src
Committed By: christos
Date: Wed Dec 28 14:53:38 UTC 2011
Modified Files:
src/external/bsd/openpam/dist/lib: openpam_log.c
Log Message:
Reverse the order of printf formatting to make it easier for compilers to
check printf arguments.
From joerg@
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/external/bsd/openpam/dist/lib/openpam_log.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/openpam/dist/lib/openpam_log.c
diff -u src/external/bsd/openpam/dist/lib/openpam_log.c:1.2 src/external/bsd/openpam/dist/lib/openpam_log.c:1.3
--- src/external/bsd/openpam/dist/lib/openpam_log.c:1.2 Sun Dec 25 17:27:55 2011
+++ src/external/bsd/openpam/dist/lib/openpam_log.c Wed Dec 28 09:53:38 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: openpam_log.c,v 1.2 2011/12/25 22:27:55 christos Exp $ */
+/* $NetBSD: openpam_log.c,v 1.3 2011/12/28 14:53:38 christos Exp $ */
/*-
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
@@ -100,8 +100,8 @@ void
_openpam_log(int level, const char *func, const char *fmt, ...)
{
va_list ap;
- char *format;
- int priority;
+ char *msg;
+ int priority, rv;
switch (level) {
case PAM_LOG_DEBUG:
@@ -120,14 +120,18 @@ _openpam_log(int level, const char *func
priority = LOG_ERR;
break;
}
+
va_start(ap, fmt);
- if (asprintf(format, in %s(): %s, func, fmt) 0) {
- vsyslog(priority, format, ap);
- FREE(format);
- } else {
- vsyslog(priority, fmt, ap);
- }
+ rv = vasprintf(msg, fmt, ap);
va_end(ap);
+
+ if (rv 0) {
+ syslog(priority, Can't format message from %s: %s (%m),
+ func, fmt);
+ return;
+ }
+ syslog(priority, in %s(): %s, func, msg);
+ FREE(msg);
}
#endif
CVS commit: src/external/bsd/openpam/dist/lib
Module Name:src
Committed By: christos
Date: Tue Dec 27 20:29:08 UTC 2011
Modified Files:
src/external/bsd/openpam/dist/lib: pam_start.c
Log Message:
don't allocate variable arrays on the stack for SSP (from joerg)
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/external/bsd/openpam/dist/lib/pam_start.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/openpam/dist/lib/pam_start.c
diff -u src/external/bsd/openpam/dist/lib/pam_start.c:1.2 src/external/bsd/openpam/dist/lib/pam_start.c:1.3
--- src/external/bsd/openpam/dist/lib/pam_start.c:1.2 Sun Dec 25 17:27:56 2011
+++ src/external/bsd/openpam/dist/lib/pam_start.c Tue Dec 27 15:29:08 2011
@@ -1,4 +1,4 @@
-/* $NetBSD: pam_start.c,v 1.2 2011/12/25 22:27:56 christos Exp $ */
+/* $NetBSD: pam_start.c,v 1.3 2011/12/27 20:29:08 christos Exp $ */
/*-
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
@@ -50,11 +50,6 @@
#include openpam_impl.h
#include openpam_strlcpy.h
-#ifdef _SC_HOST_NAME_MAX
-#define HOST_NAME_MAX sysconf(_SC_HOST_NAME_MAX)
-#else
-#define HOST_NAME_MAX 1024
-#endif
/*
* XSSO 4.2.1
@@ -69,17 +64,28 @@ pam_start(const char *service,
const struct pam_conv *pam_conv,
pam_handle_t **pamh)
{
- char hostname[HOST_NAME_MAX + 1];
+ char *hostname = NULL;
struct pam_handle *ph;
int r;
+ size_t hostname_size;
+ long h;
+
+#ifdef _SC_HOST_NAME_MAX
+ h = sysconf(_SC_HOST_NAME_MAX);
+#else
+ h = -1;
+#endif
+ hostname_size = (h 10 ? 1024 : h) + 1;
ENTER();
if ((ph = calloc((size_t)1, sizeof *ph)) == NULL)
RETURNC(PAM_BUF_ERR);
if ((r = pam_set_item(ph, PAM_SERVICE, service)) != PAM_SUCCESS)
goto fail;
- if (gethostname(hostname, sizeof hostname) != 0)
- strlcpy(hostname, localhost, sizeof hostname);
+ if ((hostname = malloc(hostname_size)) == NULL)
+ goto fail;
+ if (gethostname(hostname, hostname_size) != 0)
+ strlcpy(hostname, localhost, hostname_size);
if ((r = pam_set_item(ph, PAM_HOST, hostname)) != PAM_SUCCESS)
goto fail;
if ((r = pam_set_item(ph, PAM_USER, user)) != PAM_SUCCESS)
@@ -88,10 +94,12 @@ pam_start(const char *service,
goto fail;
if ((r = openpam_configure(ph, service)) != PAM_SUCCESS)
goto fail;
+ free(hostname);
*pamh = ph;
openpam_log(PAM_LOG_DEBUG, pam_start(\%s\) succeeded, service);
RETURNC(PAM_SUCCESS);
fail:
+ free(hostname);
pam_end(ph, r);
RETURNC(r);
/*NOTREACHED*/
