Module Name: src
Committed By: christos
Date: Fri Sep 24 13:11:39 UTC 2021
Modified Files:
src/external/bsd/pam-u2f/dist: b64.c drop_privs.h pam-u2f.c util.h
Removed Files:
src/external/bsd/pam-u2f/dist: .travis.yml
src/external/bsd/pam-u2f/dist/build-aux/ci: build-bionic-clang7.sh
build-bionic-clang8.sh build-bionic-gcc7.sh build-bionic-gcc8.sh
build-bionic-gcc9.sh build-linux.sh build-osx11-clang.sh
build-osx9.4-clang.sh build-xenial-clang7.sh build-xenial-clang8.sh
build-xenial-gcc7.sh build-xenial-gcc8.sh build-xenial-gcc9.sh
Log Message:
merge conflicts between 1.0.8 and 1.2.0
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r0 src/external/bsd/pam-u2f/dist/.travis.yml
cvs rdiff -u -r1.2 -r1.3 src/external/bsd/pam-u2f/dist/b64.c \
src/external/bsd/pam-u2f/dist/drop_privs.h \
src/external/bsd/pam-u2f/dist/pam-u2f.c \
src/external/bsd/pam-u2f/dist/util.h
cvs rdiff -u -r1.1.1.1 -r0 \
src/external/bsd/pam-u2f/dist/build-aux/ci/build-bionic-clang7.sh \
src/external/bsd/pam-u2f/dist/build-aux/ci/build-bionic-clang8.sh \
src/external/bsd/pam-u2f/dist/build-aux/ci/build-bionic-gcc7.sh \
src/external/bsd/pam-u2f/dist/build-aux/ci/build-bionic-gcc8.sh \
src/external/bsd/pam-u2f/dist/build-aux/ci/build-bionic-gcc9.sh \
src/external/bsd/pam-u2f/dist/build-aux/ci/build-linux.sh \
src/external/bsd/pam-u2f/dist/build-aux/ci/build-osx11-clang.sh \
src/external/bsd/pam-u2f/dist/build-aux/ci/build-osx9.4-clang.sh \
src/external/bsd/pam-u2f/dist/build-aux/ci/build-xenial-clang7.sh \
src/external/bsd/pam-u2f/dist/build-aux/ci/build-xenial-clang8.sh \
src/external/bsd/pam-u2f/dist/build-aux/ci/build-xenial-gcc7.sh \
src/external/bsd/pam-u2f/dist/build-aux/ci/build-xenial-gcc8.sh \
src/external/bsd/pam-u2f/dist/build-aux/ci/build-xenial-gcc9.sh
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/pam-u2f/dist/b64.c
diff -u src/external/bsd/pam-u2f/dist/b64.c:1.2 src/external/bsd/pam-u2f/dist/b64.c:1.3
--- src/external/bsd/pam-u2f/dist/b64.c:1.2 Mon Mar 2 19:27:31 2020
+++ src/external/bsd/pam-u2f/dist/b64.c Fri Sep 24 09:11:38 2021
@@ -4,6 +4,7 @@
#include <openssl/bio.h>
#include <openssl/evp.h>
+#include <limits.h>
#include <stdint.h>
#include <string.h>
Index: src/external/bsd/pam-u2f/dist/drop_privs.h
diff -u src/external/bsd/pam-u2f/dist/drop_privs.h:1.2 src/external/bsd/pam-u2f/dist/drop_privs.h:1.3
--- src/external/bsd/pam-u2f/dist/drop_privs.h:1.2 Mon Mar 2 19:27:08 2020
+++ src/external/bsd/pam-u2f/dist/drop_privs.h Fri Sep 24 09:11:38 2021
@@ -31,6 +31,17 @@
#ifdef HAVE_PAM_MODUTIL_DROP_PRIV
#include <security/pam_modutil.h>
+#elif HAVE_OPENPAM_BORROW_CRED
+#include <sys/types.h>
+#include <security/pam_appl.h>
+#include <security/openpam.h>
+
+#define PAM_MODUTIL_DEF_PRIVS(n) /* noop */
+#define pam_modutil_drop_priv(pamh, privs, pwd) \
+ ((openpam_borrow_cred((pamh), (pwd)) == PAM_SUCCESS) ? 0 : -1)
+#define pam_modutil_regain_priv(pamh, privs) \
+ ((openpam_restore_cred((pamh)) == PAM_SUCCESS) ? 0 : -1)
+
#else
#include <pwd.h>
@@ -67,5 +78,5 @@ int pam_modutil_drop_priv(pam_handle_t *
struct passwd *);
int pam_modutil_regain_priv(pam_handle_t *, struct _ykpam_privs *);
-#endif
-#endif
+#endif /* HAVE_PAM_MODUTIL_DROP_PRIV */
+#endif /* __PAM_U2F_DROP_PRIVS_H_INCLUDED__ */
Index: src/external/bsd/pam-u2f/dist/pam-u2f.c
diff -u src/external/bsd/pam-u2f/dist/pam-u2f.c:1.2 src/external/bsd/pam-u2f/dist/pam-u2f.c:1.3
--- src/external/bsd/pam-u2f/dist/pam-u2f.c:1.2 Mon Mar 2 19:22:29 2020
+++ src/external/bsd/pam-u2f/dist/pam-u2f.c Fri Sep 24 09:11:38 2021
@@ -13,6 +13,7 @@
#include <sys/types.h>
#include <sys/stat.h>
#include <unistd.h>
+#include <stdint.h>
#include <stdlib.h>
#include <syslog.h>
#include <pwd.h>
@@ -31,8 +32,10 @@ char *secure_getenv(const char *name) {
}
#endif
-static void parse_cfg(int flags, int argc, const char **argv, cfg_t *cfg) {
+static void parse_cfg(int flags __unused, int argc, const char **argv, cfg_t *cfg) {
+#ifndef WITH_FUZZING
struct stat st;
+#endif
FILE *file = NULL;
int fd = -1;
int i;
@@ -70,6 +73,8 @@ static void parse_cfg(int flags, int arg
sscanf(argv[i], "pinverification=%d", &cfg->pinverification);
if (strncmp(argv[i], "authfile=", 9) == 0)
cfg->auth_file = argv[i] + 9;
+ if (strncmp(argv[i], "sshformat", 9) == 0)
+ cfg->sshformat = 1;
if (strncmp(argv[i], "authpending_file=", 17) == 0)
cfg->authpending_file = argv[i] + 17;
if (strncmp(argv[i], "origin=", 7) == 0)
@@ -81,6 +86,10 @@ static void parse_cfg(int flags, int arg
if (strncmp(argv[i], "cue_prompt=", 11) == 0)
cfg->cue_prompt = argv[i] + 11;
if (strncmp(argv[i], "debug_file=", 11) == 0) {
+ if (cfg->is_custom_debug_file)
+ fclose(cfg->debug_file);
+ cfg->debug_file = stderr;
+ cfg->is_custom_debug_file = 0;
const char *filename = argv[i] + 11;
if (strncmp(filename, "stdout", 6) == 0) {
cfg->debug_file = stdout;
@@ -91,7 +100,11 @@ static void parse_cfg(int flags, int arg
} else {
fd = open(filename,
O_WRONLY | O_APPEND | O_CLOEXEC | O_NOFOLLOW | O_NOCTTY);
+#ifndef WITH_FUZZING
if (fd >= 0 && (fstat(fd, &st) == 0) && S_ISREG(st.st_mode)) {
+#else
+ if (fd >= 0) {
+#endif
file = fdopen(fd, "a");
if (file != NULL) {
cfg->debug_file = file;
@@ -122,6 +135,7 @@ static void parse_cfg(int flags, int arg
D(cfg->debug_file, "nouserok=%d", cfg->nouserok);
D(cfg->debug_file, "openasuser=%d", cfg->openasuser);
D(cfg->debug_file, "alwaysok=%d", cfg->alwaysok);
+ D(cfg->debug_file, "sshformat=%d", cfg->sshformat);
D(cfg->debug_file, "authfile=%s",
cfg->auth_file ? cfg->auth_file : "(null)");
D(cfg->debug_file, "authpending_file=%s",
@@ -159,6 +173,8 @@ int pam_sm_authenticate(pam_handle_t *pa
char *buf = NULL;
char *authfile_dir;
size_t authfile_dir_len;
+ const char *default_authfile;
+ const char *default_authfile_dir;
int pgu_ret, gpn_ret;
int retval = PAM_IGNORE;
device_t *devices = NULL;
@@ -174,12 +190,16 @@ int pam_sm_authenticate(pam_handle_t *pa
PAM_MODUTIL_DEF_PRIVS(privs);
if (!cfg->origin) {
- strcpy(buffer, DEFAULT_ORIGIN_PREFIX);
+ if (!cfg->sshformat) {
+ strcpy(buffer, DEFAULT_ORIGIN_PREFIX);
- if (gethostname(buffer + strlen(DEFAULT_ORIGIN_PREFIX),
- BUFSIZE - strlen(DEFAULT_ORIGIN_PREFIX)) == -1) {
- DBG("Unable to get host name");
- goto done;
+ if (gethostname(buffer + strlen(DEFAULT_ORIGIN_PREFIX),
+ BUFSIZE - strlen(DEFAULT_ORIGIN_PREFIX)) == -1) {
+ DBG("Unable to get host name");
+ goto done;
+ }
+ } else {
+ strcpy(buffer, SSH_ORIGIN);
}
DBG("Origin not specified, using \"%s\"", buffer);
cfg->origin = strdup(buffer);
@@ -207,6 +227,10 @@ int pam_sm_authenticate(pam_handle_t *pa
DBG("Maximum devices number not set. Using default (%d)", MAX_DEVS);
cfg->max_devs = MAX_DEVS;
}
+#if WITH_FUZZING
+ if (cfg->max_devs > 256)
+ cfg->max_devs = 256;
+#endif
devices = calloc(cfg->max_devs, sizeof(device_t));
if (!devices) {
@@ -236,14 +260,22 @@ int pam_sm_authenticate(pam_handle_t *pa
DBG("Found user %s", user);
DBG("Home directory for %s is %s", user, pw->pw_dir);
+ if (!cfg->sshformat) {
+ default_authfile = DEFAULT_AUTHFILE;
+ default_authfile_dir = DEFAULT_AUTHFILE_DIR;
+ } else {
+ default_authfile = DEFAULT_AUTHFILE_SSH;
+ default_authfile_dir = DEFAULT_AUTHFILE_DIR_SSH;
+ }
+
if (!cfg->auth_file) {
buf = NULL;
authfile_dir = secure_getenv(DEFAULT_AUTHFILE_DIR_VAR);
if (!authfile_dir) {
- DBG("Variable %s is not set. Using default value ($HOME/.config/)",
- DEFAULT_AUTHFILE_DIR_VAR);
- authfile_dir_len =
- strlen(pw->pw_dir) + strlen("/.config") + strlen(DEFAULT_AUTHFILE) + 1;
+ DBG("Variable %s is not set. Using default value ($HOME%s/)",
+ DEFAULT_AUTHFILE_DIR_VAR, default_authfile_dir);
+ authfile_dir_len = strlen(pw->pw_dir) + strlen(default_authfile_dir) +
+ strlen(default_authfile) + 1;
buf = malloc(sizeof(char) * (authfile_dir_len));
if (!buf) {
@@ -255,11 +287,11 @@ int pam_sm_authenticate(pam_handle_t *pa
/* Opening a file in a users $HOME, need to drop privs for security */
openasuser = geteuid() == 0 ? 1 : 0;
- snprintf(buf, authfile_dir_len, "%s/.config%s", pw->pw_dir,
- DEFAULT_AUTHFILE);
+ snprintf(buf, authfile_dir_len, "%s%s%s", pw->pw_dir,
+ default_authfile_dir, default_authfile);
} else {
DBG("Variable %s set to %s", DEFAULT_AUTHFILE_DIR_VAR, authfile_dir);
- authfile_dir_len = strlen(authfile_dir) + strlen(DEFAULT_AUTHFILE) + 1;
+ authfile_dir_len = strlen(authfile_dir) + strlen(default_authfile) + 1;
buf = malloc(sizeof(char) * (authfile_dir_len));
if (!buf) {
@@ -268,7 +300,7 @@ int pam_sm_authenticate(pam_handle_t *pa
goto done;
}
- snprintf(buf, authfile_dir_len, "%s%s", authfile_dir, DEFAULT_AUTHFILE);
+ snprintf(buf, authfile_dir_len, "%s%s", authfile_dir, default_authfile);
if (!cfg->openasuser) {
DBG("WARNING: not dropping privileges when reading %s, please "
@@ -320,9 +352,8 @@ int pam_sm_authenticate(pam_handle_t *pa
}
DBG("Switched to uid %i", pw->pw_uid);
}
- retval =
- get_devices_from_authfile(cfg->auth_file, user, cfg->max_devs, cfg->debug,
- cfg->debug_file, devices, &n_devices);
+ retval = get_devices_from_authfile(cfg, user, devices, &n_devices);
+
if (openasuser) {
if (pam_modutil_regain_priv(pamh, &privs)) {
DBG("could not restore privileges");
@@ -395,8 +426,10 @@ int pam_sm_authenticate(pam_handle_t *pa
if (cfg->manual == 0) {
if (cfg->interactive) {
- converse(pamh, PAM_PROMPT_ECHO_ON,
- cfg->prompt != NULL ? cfg->prompt : DEFAULT_PROMPT);
+ buf = converse(pamh, PAM_PROMPT_ECHO_ON,
+ cfg->prompt != NULL ? cfg->prompt : DEFAULT_PROMPT);
+ free(buf);
+ buf = NULL;
}
retval = do_authentication(cfg, devices, n_devices, pamh);
@@ -428,7 +461,7 @@ done:
free(buf);
buf = NULL;
}
-#define free_const(a) free((void *)(uintptr_t)(a))
+#define free_const(a) free((void *) (uintptr_t)(a))
if (should_free_origin) {
free_const(cfg->origin);
cfg->origin = NULL;
@@ -473,5 +506,5 @@ PAM_EXTERN int pam_sm_setcred(pam_handle
}
#ifdef PAM_MODULE_ENTRY
-PAM_MODULE_ENTRY("pam_u2f");
+PAM_MODULE_ENTRY("pam_u2f");
#endif
Index: src/external/bsd/pam-u2f/dist/util.h
diff -u src/external/bsd/pam-u2f/dist/util.h:1.2 src/external/bsd/pam-u2f/dist/util.h:1.3
--- src/external/bsd/pam-u2f/dist/util.h:1.2 Mon Mar 2 19:20:45 2020
+++ src/external/bsd/pam-u2f/dist/util.h Fri Sep 24 09:11:38 2021
@@ -16,21 +16,24 @@
#define DEVSIZE (((PK_LEN) + (KH_LEN) + (RD_LEN)))
#define DEFAULT_AUTHFILE_DIR_VAR "XDG_CONFIG_HOME"
#define DEFAULT_AUTHFILE "/Yubico/u2f_keys"
+#define DEFAULT_AUTHFILE_SSH "/id_ecdsa_sk"
+#define DEFAULT_AUTHFILE_DIR "/.config"
+#define DEFAULT_AUTHFILE_DIR_SSH "/.ssh"
#define DEFAULT_AUTHPENDING_FILE_PATH "/var/run/user/%d/pam-u2f-authpending"
#define DEFAULT_PROMPT "Insert your U2F device, then press ENTER."
#define DEFAULT_CUE "Please touch the device."
#define DEFAULT_ORIGIN_PREFIX "pam://"
+#define SSH_ORIGIN "ssh:"
#define DEBUG_STR "debug(pam_u2f): %s:%d (%s): "
#if defined(DEBUG_PAM)
#define D(file, ...) _debug(file, __FILE__, __LINE__, __func__, __VA_ARGS__)
#else
-#define D(file, ...) ((void)0)
+#define D(file, ...) ((void) 0)
#endif /* DEBUG_PAM */
typedef struct {
unsigned max_devs;
- const char *client_key;
int manual;
int debug;
int nouserok;
@@ -42,6 +45,7 @@ typedef struct {
int userpresence;
int userverification;
int pinverification;
+ int sshformat;
const char *auth_file;
const char *authpending_file;
const char *origin;
@@ -60,8 +64,7 @@ typedef struct {
int old_format;
} device_t;
-int get_devices_from_authfile(const char *authfile, const char *username,
- unsigned max_devs, int verbose, FILE *debug_file,
+int get_devices_from_authfile(const cfg_t *cfg, const char *username,
device_t *devices, unsigned *n_devs);
void free_devices(device_t *devices, const unsigned n_devs);
@@ -70,8 +73,16 @@ int do_authentication(const cfg_t *cfg,
int do_manual_authentication(const cfg_t *cfg, const device_t *devices,
const unsigned n_devs, pam_handle_t *pamh);
char *converse(pam_handle_t *pamh, int echocode, const char *prompt);
-void _debug(FILE *, const char *, int, const char *, const char *, ...);
int random_bytes(void *, size_t);
+int cose_type(const char *, int *);
+const char *cose_string(int);
+
+#ifdef __GNUC__
+void _debug(FILE *, const char *, int, const char *, const char *, ...)
+ __attribute__((__format__(printf, 5, 6)));
+#else
+void _debug(FILE *, const char *, int, const char *, const char *, ...);
+#endif /* __GNUC__ */
#if !defined(HAVE_EXPLICIT_BZERO)
void explicit_bzero(void *, size_t);
