aboutsummaryrefslogtreecommitdiff
path: root/lib/libpam
diff options
context:
space:
mode:
authorDag-Erling Smørgrav <des@FreeBSD.org>2017-02-19 21:00:46 +0000
committerDag-Erling Smørgrav <des@FreeBSD.org>2017-02-19 21:00:46 +0000
commit04e30652172d69d399641893e6a801503a0a1f8f (patch)
tree13dc6a841647bee3f58db67dea6c46970b923e12 /lib/libpam
parentd2afd010d41e1acf0fe4e164246c8055368bf503 (diff)
downloadsrc-04e30652172d69d399641893e6a801503a0a1f8f.tar.gz
src-04e30652172d69d399641893e6a801503a0a1f8f.zip
Vendor import of OpenPAM Radula.vendor/openpam/RADULA
Notes
Notes: svn path=/vendor/openpam/dist/; revision=313968 svn path=/vendor/openpam/RADULA/; revision=313969; tag=vendor/openpam/RADULA
Diffstat (limited to 'lib/libpam')
-rw-r--r--lib/libpam/Makefile.am6
-rw-r--r--lib/libpam/Makefile.in41
-rw-r--r--lib/libpam/openpam_configure.c14
-rw-r--r--lib/libpam/openpam_ctype.h4
-rw-r--r--lib/libpam/openpam_dispatch.c12
-rw-r--r--lib/libpam/openpam_dlfunc.h5
-rw-r--r--lib/libpam/openpam_features.c9
-rw-r--r--lib/libpam/openpam_findenv.c6
-rw-r--r--lib/libpam/openpam_impl.h39
-rw-r--r--lib/libpam/openpam_load.c6
-rw-r--r--lib/libpam/openpam_readlinev.c6
-rw-r--r--lib/libpam/openpam_readword.c6
-rw-r--r--lib/libpam/openpam_strlset.c4
-rw-r--r--lib/libpam/openpam_strlset.h4
-rw-r--r--lib/libpam/openpam_ttyconv.c4
-rw-r--r--lib/libpam/pam_end.c10
-rw-r--r--lib/libpam/pam_get_authtok.c12
-rw-r--r--lib/libpam/pam_get_data.c5
-rw-r--r--lib/libpam/pam_get_item.c5
-rw-r--r--lib/libpam/pam_get_user.c13
-rw-r--r--lib/libpam/pam_getenv.c17
-rw-r--r--lib/libpam/pam_getenvlist.c4
-rw-r--r--lib/libpam/pam_putenv.c16
-rw-r--r--lib/libpam/pam_set_data.c4
-rw-r--r--lib/libpam/pam_set_item.c15
-rw-r--r--lib/libpam/pam_setenv.c9
26 files changed, 150 insertions, 126 deletions
diff --git a/lib/libpam/Makefile.am b/lib/libpam/Makefile.am
index a7781d656786..faf0dd553f21 100644
--- a/lib/libpam/Makefile.am
+++ b/lib/libpam/Makefile.am
@@ -1,4 +1,4 @@
-# $Id: Makefile.am 807 2014-09-09 09:41:32Z des $
+# $Id: Makefile.am 833 2014-10-28 09:03:41Z des $
NULL =
@@ -79,8 +79,8 @@ libpam_la_SOURCES = \
pam_vprompt.c \
$(NULL)
-libpam_la_LDFLAGS = -no-undefined -version-info @LIB_MAJ@
-libpam_la_LIBADD = @DL_LIBS@
+libpam_la_LDFLAGS = -no-undefined -version-info $(LIB_MAJ)
+libpam_la_LIBADD = $(DL_LIBS)
EXTRA_DIST = \
pam_authenticate_secondary.c \
diff --git a/lib/libpam/Makefile.in b/lib/libpam/Makefile.in
index f2971163e0ed..7e73926685d4 100644
--- a/lib/libpam/Makefile.in
+++ b/lib/libpam/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.14 from Makefile.am.
+# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -14,11 +14,21 @@
@SET_MAKE@
-# $Id: Makefile.am 807 2014-09-09 09:41:32Z des $
+# $Id: Makefile.am 833 2014-10-28 09:03:41Z des $
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -82,12 +92,15 @@ POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
subdir = lib/libpam
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp $(noinst_HEADERS)
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
-am__aclocal_m4_deps = $(top_srcdir)/configure.ac
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+ $(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(noinst_HEADERS) \
+ $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -121,7 +134,8 @@ am__uninstall_files_from_dir = { \
}
am__installdirs = "$(DESTDIR)$(libdir)"
LTLIBRARIES = $(lib_LTLIBRARIES)
-libpam_la_DEPENDENCIES =
+am__DEPENDENCIES_1 =
+libpam_la_DEPENDENCIES = $(am__DEPENDENCIES_1)
am__objects_1 =
am_libpam_la_OBJECTS = openpam_asprintf.lo openpam_borrow_cred.lo \
openpam_check_owner_perms.lo openpam_configure.lo \
@@ -211,6 +225,7 @@ am__define_uniq_tagged_files = \
done | $(am__uniquify_input)`
ETAGS = etags
CTAGS = ctags
+am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
AMTAR = @AMTAR@
@@ -225,6 +240,7 @@ CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
CPP = @CPP@
CPPFLAGS = @CPPFLAGS@
+CRYB_TEST_LIBS = @CRYB_TEST_LIBS@
CRYPTO_LIBS = @CRYPTO_LIBS@
CRYPT_LIBS = @CRYPT_LIBS@
CYGPATH_W = @CYGPATH_W@
@@ -255,6 +271,7 @@ LIB_MAJ = @LIB_MAJ@
LIPO = @LIPO@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -278,6 +295,7 @@ SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
STRIP = @STRIP@
+SYSTEM_LIBPAM = @SYSTEM_LIBPAM@
VERSION = @VERSION@
abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
@@ -407,8 +425,8 @@ libpam_la_SOURCES = \
pam_vprompt.c \
$(NULL)
-libpam_la_LDFLAGS = -no-undefined -version-info @LIB_MAJ@
-libpam_la_LIBADD = @DL_LIBS@
+libpam_la_LDFLAGS = -no-undefined -version-info $(LIB_MAJ)
+libpam_la_LIBADD = $(DL_LIBS)
EXTRA_DIST = \
pam_authenticate_secondary.c \
pam_get_mapped_authtok.c \
@@ -444,7 +462,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/libpam/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --foreign lib/libpam/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
@@ -796,6 +813,8 @@ uninstall-am: uninstall-libLTLIBRARIES
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
tags tags-am uninstall uninstall-am uninstall-libLTLIBRARIES
+.PRECIOUS: Makefile
+
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/lib/libpam/openpam_configure.c b/lib/libpam/openpam_configure.c
index 5a4ca620222f..e06eba2859dc 100644
--- a/lib/libpam/openpam_configure.c
+++ b/lib/libpam/openpam_configure.c
@@ -1,6 +1,6 @@
/*-
* Copyright (c) 2001-2003 Networks Associates Technology, Inc.
- * Copyright (c) 2004-2014 Dag-Erling Smørgrav
+ * Copyright (c) 2004-2015 Dag-Erling Smørgrav
* All rights reserved.
*
* This software was developed for the FreeBSD Project by ThinkSec AS and
@@ -32,7 +32,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: openpam_configure.c 796 2014-06-03 21:30:08Z des $
+ * $Id: openpam_configure.c 890 2016-01-11 16:22:09Z des $
*/
#ifdef HAVE_CONFIG_H
@@ -410,6 +410,10 @@ openpam_load_chain(pam_handle_t *pamh,
for (path = openpam_policy_path; *path != NULL; ++path) {
/* construct filename */
len = strlcpy(filename, *path, sizeof filename);
+ if (len >= sizeof filename) {
+ errno = ENAMETOOLONG;
+ RETURNN(-1);
+ }
if (filename[len - 1] == '/') {
len = strlcat(filename, service, sizeof filename);
if (len >= sizeof filename) {
@@ -463,8 +467,10 @@ openpam_configure(pam_handle_t *pamh,
for (fclt = 0; fclt < PAM_NUM_FACILITIES; ++fclt) {
if (pamh->chains[fclt] != NULL)
continue;
- if (openpam_load_chain(pamh, PAM_OTHER, fclt) < 0)
- goto load_err;
+ if (OPENPAM_FEATURE(FALLBACK_TO_OTHER)) {
+ if (openpam_load_chain(pamh, PAM_OTHER, fclt) < 0)
+ goto load_err;
+ }
}
RETURNC(PAM_SUCCESS);
load_err:
diff --git a/lib/libpam/openpam_ctype.h b/lib/libpam/openpam_ctype.h
index d99d34b4dacf..671c2f5cf8c9 100644
--- a/lib/libpam/openpam_ctype.h
+++ b/lib/libpam/openpam_ctype.h
@@ -1,5 +1,5 @@
/*-
- * Copyright (c) 2012 Dag-Erling Smørgrav
+ * Copyright (c) 2012-2014 Dag-Erling Smørgrav
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: openpam_ctype.h 763 2014-02-26 16:29:16Z des $
+ * $Id: openpam_ctype.h 890 2016-01-11 16:22:09Z des $
*/
#ifndef OPENPAM_CTYPE_H_INCLUDED
diff --git a/lib/libpam/openpam_dispatch.c b/lib/libpam/openpam_dispatch.c
index 5fa068f8e261..391ce8050d8f 100644
--- a/lib/libpam/openpam_dispatch.c
+++ b/lib/libpam/openpam_dispatch.c
@@ -1,6 +1,6 @@
/*-
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
- * Copyright (c) 2004-2011 Dag-Erling Smørgrav
+ * Copyright (c) 2004-2015 Dag-Erling Smørgrav
* All rights reserved.
*
* This software was developed for the FreeBSD Project by ThinkSec AS and
@@ -32,7 +32,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: openpam_dispatch.c 807 2014-09-09 09:41:32Z des $
+ * $Id: openpam_dispatch.c 913 2017-01-21 15:11:12Z des $
*/
#ifdef HAVE_CONFIG_H
@@ -41,6 +41,8 @@
#include <sys/param.h>
+#include <stdint.h>
+
#include <security/pam_appl.h>
#include "openpam_impl.h"
@@ -67,8 +69,6 @@ openpam_dispatch(pam_handle_t *pamh,
int debug;
ENTER();
- if (pamh == NULL)
- RETURNC(PAM_SYSTEM_ERR);
/* prevent recursion */
if (pamh->current != NULL) {
@@ -117,7 +117,7 @@ openpam_dispatch(pam_handle_t *pamh,
openpam_log(PAM_LOG_LIBDEBUG, "calling %s() in %s",
pam_sm_func_name[primitive], chain->module->path);
r = (chain->module->func[primitive])(pamh, flags,
- chain->optc, (const char **)chain->optv);
+ chain->optc, (const char **)(intptr_t)chain->optv);
pamh->current = NULL;
openpam_log(PAM_LOG_LIBDEBUG, "%s: %s(): %s",
chain->module->path, pam_sm_func_name[primitive],
@@ -128,7 +128,7 @@ openpam_dispatch(pam_handle_t *pamh,
if (r == PAM_IGNORE)
continue;
- if (r == PAM_SUCCESS) {
+ if (r == PAM_SUCCESS) {
++nsuccess;
/*
* For pam_setcred() and pam_chauthtok() with the
diff --git a/lib/libpam/openpam_dlfunc.h b/lib/libpam/openpam_dlfunc.h
index a92ab9cd368d..6f8724a65d4f 100644
--- a/lib/libpam/openpam_dlfunc.h
+++ b/lib/libpam/openpam_dlfunc.h
@@ -10,6 +10,9 @@
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior written
+ * permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
@@ -23,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: openpam_dlfunc.h 660 2013-03-11 15:08:52Z des $
+ * $Id: openpam_dlfunc.h 872 2015-12-01 19:25:07Z des $
*/
#ifndef OPENPAM_DLFCN_H_INCLUDED
diff --git a/lib/libpam/openpam_features.c b/lib/libpam/openpam_features.c
index 8ca8828058be..387d27bcd384 100644
--- a/lib/libpam/openpam_features.c
+++ b/lib/libpam/openpam_features.c
@@ -1,5 +1,5 @@
/*-
- * Copyright (c) 2012 Dag-Erling Smørgrav
+ * Copyright (c) 2012-2015 Dag-Erling Smørgrav
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: openpam_features.c 648 2013-03-05 17:54:27Z des $
+ * $Id: openpam_features.c 890 2016-01-11 16:22:09Z des $
*/
#ifdef HAVE_CONFIG_H
@@ -65,4 +65,9 @@ struct openpam_feature openpam_features[OPENPAM_NUM_FEATURES] = {
"Verify ownership and permissions of module files",
1
),
+ STRUCT_OPENPAM_FEATURE(
+ FALLBACK_TO_OTHER,
+ "Fall back to \"other\" policy for empty chains",
+ 1
+ ),
};
diff --git a/lib/libpam/openpam_findenv.c b/lib/libpam/openpam_findenv.c
index 3512c3f3c96d..3ad2c845794a 100644
--- a/lib/libpam/openpam_findenv.c
+++ b/lib/libpam/openpam_findenv.c
@@ -32,13 +32,14 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: openpam_findenv.c 648 2013-03-05 17:54:27Z des $
+ * $Id: openpam_findenv.c 914 2017-01-21 15:15:29Z des $
*/
#ifdef HAVE_CONFIG_H
# include "config.h"
#endif
+#include <errno.h>
#include <string.h>
#include <security/pam_appl.h>
@@ -59,12 +60,11 @@ openpam_findenv(pam_handle_t *pamh,
int i;
ENTER();
- if (pamh == NULL)
- RETURNN(-1);
for (i = 0; i < pamh->env_count; ++i)
if (strncmp(pamh->env[i], name, len) == 0 &&
pamh->env[i][len] == '=')
RETURNN(i);
+ errno = ENOENT;
RETURNN(-1);
}
diff --git a/lib/libpam/openpam_impl.h b/lib/libpam/openpam_impl.h
index c533acb77572..589a3b325539 100644
--- a/lib/libpam/openpam_impl.h
+++ b/lib/libpam/openpam_impl.h
@@ -32,7 +32,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: openpam_impl.h 648 2013-03-05 17:54:27Z des $
+ * $Id: openpam_impl.h 915 2017-02-07 12:03:19Z des $
*/
#ifndef OPENPAM_IMPL_H_INCLUDED
@@ -130,19 +130,28 @@ struct pam_handle {
/*
* Internal functions
*/
-int openpam_configure(pam_handle_t *, const char *);
-int openpam_dispatch(pam_handle_t *, int, int);
-int openpam_findenv(pam_handle_t *, const char *, size_t);
-pam_module_t *openpam_load_module(const char *);
-void openpam_clear_chains(pam_chain_t **);
-
-int openpam_check_desc_owner_perms(const char *, int);
-int openpam_check_path_owner_perms(const char *);
+int openpam_configure(pam_handle_t *, const char *)
+ OPENPAM_NONNULL((1));
+int openpam_dispatch(pam_handle_t *, int, int)
+ OPENPAM_NONNULL((1));
+int openpam_findenv(pam_handle_t *, const char *, size_t)
+ OPENPAM_NONNULL((1,2));
+pam_module_t *openpam_load_module(const char *)
+ OPENPAM_NONNULL((1));
+void openpam_clear_chains(pam_chain_t **)
+ OPENPAM_NONNULL((1));
+
+int openpam_check_desc_owner_perms(const char *, int)
+ OPENPAM_NONNULL((1));
+int openpam_check_path_owner_perms(const char *)
+ OPENPAM_NONNULL((1));
#ifdef OPENPAM_STATIC_MODULES
-pam_module_t *openpam_static(const char *);
+pam_module_t *openpam_static(const char *)
+ OPENPAM_NONNULL((1));
#endif
-pam_module_t *openpam_dynamic(const char *);
+pam_module_t *openpam_dynamic(const char *)
+ OPENPAM_NONNULL((1));
#define FREE(p) \
do { \
@@ -152,11 +161,11 @@ pam_module_t *openpam_dynamic(const char *);
#define FREEV(c, v) \
do { \
- while (c) { \
- --(c); \
- FREE((v)[(c)]); \
+ if ((v) != NULL) { \
+ while ((c)-- > 0) \
+ FREE((v)[(c)]); \
+ FREE(v); \
} \
- FREE(v); \
} while (0)
#include "openpam_constants.h"
diff --git a/lib/libpam/openpam_load.c b/lib/libpam/openpam_load.c
index a926dbd1288e..614c6fb40938 100644
--- a/lib/libpam/openpam_load.c
+++ b/lib/libpam/openpam_load.c
@@ -1,6 +1,6 @@
/*-
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
- * Copyright (c) 2004-2011 Dag-Erling Smørgrav
+ * Copyright (c) 2004-2013 Dag-Erling Smørgrav
* All rights reserved.
*
* This software was developed for the FreeBSD Project by ThinkSec AS and
@@ -32,7 +32,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: openpam_load.c 664 2013-03-17 10:56:15Z des $
+ * $Id: openpam_load.c 890 2016-01-11 16:22:09Z des $
*/
#ifdef HAVE_CONFIG_H
@@ -84,6 +84,7 @@ openpam_load_module(const char *modulename)
static void
openpam_release_module(pam_module_t *module)
{
+
if (module == NULL)
return;
if (module->dlh == NULL)
@@ -104,6 +105,7 @@ openpam_release_module(pam_module_t *module)
static void
openpam_destroy_chain(pam_chain_t *chain)
{
+
if (chain == NULL)
return;
openpam_destroy_chain(chain->next);
diff --git a/lib/libpam/openpam_readlinev.c b/lib/libpam/openpam_readlinev.c
index 5edc368fd356..d73fc5580e8f 100644
--- a/lib/libpam/openpam_readlinev.c
+++ b/lib/libpam/openpam_readlinev.c
@@ -1,5 +1,5 @@
/*-
- * Copyright (c) 2012 Dag-Erling Smørgrav
+ * Copyright (c) 2012-2016 Dag-Erling Smørgrav
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: openpam_readlinev.c 648 2013-03-05 17:54:27Z des $
+ * $Id: openpam_readlinev.c 890 2016-01-11 16:22:09Z des $
*/
#ifdef HAVE_CONFIG_H
@@ -79,6 +79,7 @@ openpam_readlinev(FILE *f, int *lineno, int *lenp)
/* insert our word */
wordv[wordvlen++] = word;
wordv[wordvlen] = NULL;
+ word = NULL;
}
if (errno != 0) {
/* I/O error or out of memory */
@@ -86,6 +87,7 @@ openpam_readlinev(FILE *f, int *lineno, int *lenp)
while (wordvlen--)
free(wordv[wordvlen]);
free(wordv);
+ free(word);
errno = serrno;
return (NULL);
}
diff --git a/lib/libpam/openpam_readword.c b/lib/libpam/openpam_readword.c
index b52e7dfa41c0..a73b900cbacd 100644
--- a/lib/libpam/openpam_readword.c
+++ b/lib/libpam/openpam_readword.c
@@ -1,5 +1,5 @@
/*-
- * Copyright (c) 2012 Dag-Erling Smørgrav
+ * Copyright (c) 2012-2014 Dag-Erling Smørgrav
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: openpam_readword.c 648 2013-03-05 17:54:27Z des $
+ * $Id: openpam_readword.c 916 2017-02-07 12:25:58Z des $
*/
#ifdef HAVE_CONFIG_H
@@ -134,7 +134,7 @@ openpam_readword(FILE *f, int *lineno, size_t *lenp)
}
if (ch == EOF && (escape || quote)) {
/* Missing escaped character or closing quote. */
- openpam_log(PAM_LOG_ERROR, "unexpected end of file");
+ openpam_log(PAM_LOG_DEBUG, "unexpected end of file");
free(word);
errno = EINVAL;
return (NULL);
diff --git a/lib/libpam/openpam_strlset.c b/lib/libpam/openpam_strlset.c
index 2f4c4fa7e188..febdb5c4ebc8 100644
--- a/lib/libpam/openpam_strlset.c
+++ b/lib/libpam/openpam_strlset.c
@@ -1,5 +1,5 @@
/*-
- * Copyright (c) 2011-2012 Dag-Erling Smørgrav
+ * Copyright (c) 2014 Dag-Erling Smørgrav
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: openpam_strlset.c 807 2014-09-09 09:41:32Z des $
+ * $Id: openpam_strlset.c 890 2016-01-11 16:22:09Z des $
*/
#ifdef HAVE_CONFIG_H
diff --git a/lib/libpam/openpam_strlset.h b/lib/libpam/openpam_strlset.h
index 4bb0bb6404d0..282a26bdbde2 100644
--- a/lib/libpam/openpam_strlset.h
+++ b/lib/libpam/openpam_strlset.h
@@ -1,5 +1,5 @@
/*-
- * Copyright (c) 2011 Dag-Erling Smørgrav
+ * Copyright (c) 2014 Dag-Erling Smørgrav
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: openpam_strlset.h 807 2014-09-09 09:41:32Z des $
+ * $Id: openpam_strlset.h 890 2016-01-11 16:22:09Z des $
*/
#ifndef OPENPAM_STRLSET_H_INCLUDED
diff --git a/lib/libpam/openpam_ttyconv.c b/lib/libpam/openpam_ttyconv.c
index d21320ca7228..7591eed682bc 100644
--- a/lib/libpam/openpam_ttyconv.c
+++ b/lib/libpam/openpam_ttyconv.c
@@ -1,6 +1,6 @@
/*-
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
- * Copyright (c) 2004-2011 Dag-Erling Smørgrav
+ * Copyright (c) 2004-2014 Dag-Erling Smørgrav
* All rights reserved.
*
* This software was developed for the FreeBSD Project by ThinkSec AS and
@@ -32,7 +32,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: openpam_ttyconv.c 807 2014-09-09 09:41:32Z des $
+ * $Id: openpam_ttyconv.c 890 2016-01-11 16:22:09Z des $
*/
#ifdef HAVE_CONFIG_H
diff --git a/lib/libpam/pam_end.c b/lib/libpam/pam_end.c
index f7ece50e535f..c855b59c4885 100644
--- a/lib/libpam/pam_end.c
+++ b/lib/libpam/pam_end.c
@@ -32,7 +32,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: pam_end.c 648 2013-03-05 17:54:27Z des $
+ * $Id: pam_end.c 913 2017-01-21 15:11:12Z des $
*/
#ifdef HAVE_CONFIG_H
@@ -60,8 +60,6 @@ pam_end(pam_handle_t *pamh,
int i;
ENTER();
- if (pamh == NULL)
- RETURNC(PAM_SYSTEM_ERR);
/* clear module data */
while ((dp = pamh->module_data) != NULL) {
@@ -91,12 +89,6 @@ pam_end(pam_handle_t *pamh,
RETURNC(PAM_SUCCESS);
}
-/*
- * Error codes:
- *
- * PAM_SYSTEM_ERR
- */
-
/**
* The =pam_end function terminates a PAM transaction and destroys the
* corresponding PAM context, releasing all resources allocated to it.
diff --git a/lib/libpam/pam_get_authtok.c b/lib/libpam/pam_get_authtok.c
index 36382f5d8690..83c6b7053fac 100644
--- a/lib/libpam/pam_get_authtok.c
+++ b/lib/libpam/pam_get_authtok.c
@@ -1,6 +1,6 @@
/*-
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
- * Copyright (c) 2004-2011 Dag-Erling Smørgrav
+ * Copyright (c) 2004-2017 Dag-Erling Smørgrav
* All rights reserved.
*
* This software was developed for the FreeBSD Project by ThinkSec AS and
@@ -32,7 +32,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: pam_get_authtok.c 807 2014-09-09 09:41:32Z des $
+ * $Id: pam_get_authtok.c 913 2017-01-21 15:11:12Z des $
*/
#ifdef HAVE_CONFIG_H
@@ -76,8 +76,6 @@ pam_get_authtok(pam_handle_t *pamh,
int pitem, r, style, twice;
ENTER();
- if (pamh == NULL || authtok == NULL)
- RETURNC(PAM_SYSTEM_ERR);
*authtok = NULL;
twice = 0;
switch (item) {
@@ -122,9 +120,11 @@ pam_get_authtok(pam_handle_t *pamh,
if ((promptp = openpam_get_option(pamh, prompt_option)) != NULL)
prompt = promptp;
/* no prompt provided, see if there is one tucked away somewhere */
- if (prompt == NULL)
- if (pam_get_item(pamh, pitem, &promptp) && promptp != NULL)
+ if (prompt == NULL) {
+ r = pam_get_item(pamh, pitem, &promptp);
+ if (r == PAM_SUCCESS && promptp != NULL)
prompt = promptp;
+ }
/* fall back to hardcoded default */
if (prompt == NULL)
prompt = default_prompt;
diff --git a/lib/libpam/pam_get_data.c b/lib/libpam/pam_get_data.c
index de31d7013f4c..a2f5072cb374 100644
--- a/lib/libpam/pam_get_data.c
+++ b/lib/libpam/pam_get_data.c
@@ -32,7 +32,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: pam_get_data.c 648 2013-03-05 17:54:27Z des $
+ * $Id: pam_get_data.c 913 2017-01-21 15:11:12Z des $
*/
#ifdef HAVE_CONFIG_H
@@ -60,8 +60,6 @@ pam_get_data(const pam_handle_t *pamh,
pam_data_t *dp;
ENTERS(module_data_name);
- if (pamh == NULL)
- RETURNC(PAM_SYSTEM_ERR);
for (dp = pamh->module_data; dp != NULL; dp = dp->next) {
if (strcmp(dp->name, module_data_name) == 0) {
*data = (void *)dp->data;
@@ -74,7 +72,6 @@ pam_get_data(const pam_handle_t *pamh,
/*
* Error codes:
*
- * PAM_SYSTEM_ERR
* PAM_NO_MODULE_DATA
*/
diff --git a/lib/libpam/pam_get_item.c b/lib/libpam/pam_get_item.c
index 9dc3dc33b202..e28012ea2672 100644
--- a/lib/libpam/pam_get_item.c
+++ b/lib/libpam/pam_get_item.c
@@ -32,7 +32,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: pam_get_item.c 648 2013-03-05 17:54:27Z des $
+ * $Id: pam_get_item.c 913 2017-01-21 15:11:12Z des $
*/
#ifdef HAVE_CONFIG_H
@@ -59,8 +59,6 @@ pam_get_item(const pam_handle_t *pamh,
{
ENTERI(item_type);
- if (pamh == NULL)
- RETURNC(PAM_SYSTEM_ERR);
switch (item_type) {
case PAM_SERVICE:
case PAM_USER:
@@ -86,7 +84,6 @@ pam_get_item(const pam_handle_t *pamh,
* Error codes:
*
* PAM_SYMBOL_ERR
- * PAM_SYSTEM_ERR
*/
/**
diff --git a/lib/libpam/pam_get_user.c b/lib/libpam/pam_get_user.c
index 2e22e0ec0364..f3fc4b60b8f2 100644
--- a/lib/libpam/pam_get_user.c
+++ b/lib/libpam/pam_get_user.c
@@ -1,6 +1,6 @@
/*-
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
- * Copyright (c) 2004-2011 Dag-Erling Smørgrav
+ * Copyright (c) 2004-2017 Dag-Erling Smørgrav
* All rights reserved.
*
* This software was developed for the FreeBSD Project by ThinkSec AS and
@@ -32,7 +32,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: pam_get_user.c 670 2013-03-17 19:26:07Z des $
+ * $Id: pam_get_user.c 913 2017-01-21 15:11:12Z des $
*/
#ifdef HAVE_CONFIG_H
@@ -69,8 +69,6 @@ pam_get_user(pam_handle_t *pamh,
int r;
ENTER();
- if (pamh == NULL || user == NULL)
- RETURNC(PAM_SYSTEM_ERR);
r = pam_get_item(pamh, PAM_USER, (const void **)user);
if (r == PAM_SUCCESS && *user != NULL)
RETURNC(PAM_SUCCESS);
@@ -78,10 +76,11 @@ pam_get_user(pam_handle_t *pamh,
if ((promptp = openpam_get_option(pamh, "user_prompt")) != NULL)
prompt = promptp;
/* no prompt provided, see if there is one tucked away somewhere */
- if (prompt == NULL)
- if (pam_get_item(pamh, PAM_USER_PROMPT, &promptp) &&
- promptp != NULL)
+ if (prompt == NULL) {
+ r = pam_get_item(pamh, PAM_USER_PROMPT, &promptp);
+ if (r == PAM_SUCCESS && promptp != NULL)
prompt = promptp;
+ }
/* fall back to hardcoded default */
if (prompt == NULL)
prompt = user_prompt;
diff --git a/lib/libpam/pam_getenv.c b/lib/libpam/pam_getenv.c
index 666903549454..1e034468fbc2 100644
--- a/lib/libpam/pam_getenv.c
+++ b/lib/libpam/pam_getenv.c
@@ -32,13 +32,14 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: pam_getenv.c 648 2013-03-05 17:54:27Z des $
+ * $Id: pam_getenv.c 914 2017-01-21 15:15:29Z des $
*/
#ifdef HAVE_CONFIG_H
# include "config.h"
#endif
+#include <errno.h>
#include <stdlib.h>
#include <string.h>
@@ -61,18 +62,14 @@ pam_getenv(pam_handle_t *pamh,
int i;
ENTERS(name);
- if (pamh == NULL)
- RETURNS(NULL);
- if (name == NULL || strchr(name, '=') != NULL)
+ if (strchr(name, '=') != NULL) {
+ errno = EINVAL;
RETURNS(NULL);
+ }
if ((i = openpam_findenv(pamh, name, strlen(name))) < 0)
RETURNS(NULL);
- for (str = pamh->env[i]; *str != '\0'; ++str) {
- if (*str == '=') {
- ++str;
- break;
- }
- }
+ if ((str = strchr(pamh->env[i], '=')) == NULL)
+ RETURNS("");
RETURNS(str);
}
diff --git a/lib/libpam/pam_getenvlist.c b/lib/libpam/pam_getenvlist.c
index 9dcded0e79b9..4139c2fb4d31 100644
--- a/lib/libpam/pam_getenvlist.c
+++ b/lib/libpam/pam_getenvlist.c
@@ -32,7 +32,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: pam_getenvlist.c 648 2013-03-05 17:54:27Z des $
+ * $Id: pam_getenvlist.c 913 2017-01-21 15:11:12Z des $
*/
#ifdef HAVE_CONFIG_H
@@ -60,8 +60,6 @@ pam_getenvlist(pam_handle_t *pamh)
int i;
ENTER();
- if (pamh == NULL)
- RETURNP(NULL);
envlist = malloc(sizeof(char *) * (pamh->env_count + 1));
if (envlist == NULL) {
openpam_log(PAM_LOG_ERROR, "%s",
diff --git a/lib/libpam/pam_putenv.c b/lib/libpam/pam_putenv.c
index 0d4d71036cf5..605277fda6f4 100644
--- a/lib/libpam/pam_putenv.c
+++ b/lib/libpam/pam_putenv.c
@@ -32,13 +32,14 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: pam_putenv.c 648 2013-03-05 17:54:27Z des $
+ * $Id: pam_putenv.c 914 2017-01-21 15:15:29Z des $
*/
#ifdef HAVE_CONFIG_H
# include "config.h"
#endif
+#include <errno.h>
#include <stdlib.h>
#include <string.h>
@@ -58,15 +59,16 @@ pam_putenv(pam_handle_t *pamh,
const char *namevalue)
{
char **env, *p;
+ size_t env_size;
int i;
ENTER();
- if (pamh == NULL)
- RETURNC(PAM_SYSTEM_ERR);
/* sanity checks */
- if (namevalue == NULL || (p = strchr(namevalue, '=')) == NULL)
+ if ((p = strchr(namevalue, '=')) == NULL) {
+ errno = EINVAL;
RETURNC(PAM_SYSTEM_ERR);
+ }
/* see if the variable is already in the environment */
if ((i = openpam_findenv(pamh, namevalue, p - namevalue)) >= 0) {
@@ -79,12 +81,12 @@ pam_putenv(pam_handle_t *pamh,
/* grow the environment list if necessary */
if (pamh->env_count == pamh->env_size) {
- env = realloc(pamh->env,
- sizeof(char *) * (pamh->env_size * 2 + 1));
+ env_size = pamh->env_size * 2 + 1;
+ env = realloc(pamh->env, sizeof(char *) * env_size);
if (env == NULL)
RETURNC(PAM_BUF_ERR);
pamh->env = env;
- pamh->env_size = pamh->env_size * 2 + 1;
+ pamh->env_size = env_size;
}
/* add the variable at the end */
diff --git a/lib/libpam/pam_set_data.c b/lib/libpam/pam_set_data.c
index 344f4ef30fae..6a26b6fb02e0 100644
--- a/lib/libpam/pam_set_data.c
+++ b/lib/libpam/pam_set_data.c
@@ -32,7 +32,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: pam_set_data.c 648 2013-03-05 17:54:27Z des $
+ * $Id: pam_set_data.c 913 2017-01-21 15:11:12Z des $
*/
#ifdef HAVE_CONFIG_H
@@ -64,8 +64,6 @@ pam_set_data(pam_handle_t *pamh,
pam_data_t *dp;
ENTERS(module_data_name);
- if (pamh == NULL)
- RETURNC(PAM_SYSTEM_ERR);
for (dp = pamh->module_data; dp != NULL; dp = dp->next) {
if (strcmp(dp->name, module_data_name) == 0) {
if (dp->cleanup)
diff --git a/lib/libpam/pam_set_item.c b/lib/libpam/pam_set_item.c
index 10c855aa9e10..0e8f76f7fa6b 100644
--- a/lib/libpam/pam_set_item.c
+++ b/lib/libpam/pam_set_item.c
@@ -32,7 +32,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: pam_set_item.c 648 2013-03-05 17:54:27Z des $
+ * $Id: pam_set_item.c 918 2017-02-19 17:46:22Z des $
*/
#ifdef HAVE_CONFIG_H
@@ -60,18 +60,16 @@ pam_set_item(pam_handle_t *pamh,
int item_type,
const void *item)
{
- void **slot, *tmp;
+ void **slot;
size_t nsize, osize;
ENTERI(item_type);
- if (pamh == NULL)
- RETURNC(PAM_SYSTEM_ERR);
slot = &pamh->item[item_type];
osize = nsize = 0;
switch (item_type) {
case PAM_SERVICE:
/* set once only, by pam_start() */
- if (*slot != NULL)
+ if (*slot != NULL && item != NULL)
RETURNC(PAM_SYSTEM_ERR);
/* fall through */
case PAM_USER:
@@ -103,13 +101,12 @@ pam_set_item(pam_handle_t *pamh,
FREE(*slot);
}
if (item != NULL) {
- if ((tmp = malloc(nsize)) == NULL)
+ if ((*slot = malloc(nsize)) == NULL)
RETURNC(PAM_BUF_ERR);
- memcpy(tmp, item, nsize);
+ memcpy(*slot, item, nsize);
} else {
- tmp = NULL;
+ *slot = NULL;
}
- *slot = tmp;
RETURNC(PAM_SUCCESS);
}
diff --git a/lib/libpam/pam_setenv.c b/lib/libpam/pam_setenv.c
index 070a185e6019..3c2209c1c0dd 100644
--- a/lib/libpam/pam_setenv.c
+++ b/lib/libpam/pam_setenv.c
@@ -32,13 +32,14 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: pam_setenv.c 648 2013-03-05 17:54:27Z des $
+ * $Id: pam_setenv.c 914 2017-01-21 15:15:29Z des $
*/
#ifdef HAVE_CONFIG_H
# include "config.h"
#endif
+#include <errno.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
@@ -65,12 +66,12 @@ pam_setenv(pam_handle_t *pamh,
int r;
ENTER();
- if (pamh == NULL)
- RETURNC(PAM_SYSTEM_ERR);
/* sanity checks */
- if (name == NULL || value == NULL || strchr(name, '=') != NULL)
+ if (*name == '\0' || strchr(name, '=') != NULL) {
+ errno = EINVAL;
RETURNC(PAM_SYSTEM_ERR);
+ }
/* is it already there? */
if (!overwrite && openpam_findenv(pamh, name, strlen(name)) >= 0)