The branch, master has been updated via e6574f6 pwrap: Add support for pam_start_confdir() via 8ba6072 cmake: Add a check for pam_start_confdir() via f007f04 cmake: Add link to compile database from cb99388 gitlab-ci: Setup CI for pam_wrapper
https://git.samba.org/?p=pam_wrapper.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit e6574f666cb92947b136ac0c951112b65360be7c Author: Andreas Schneider <a...@samba.org> Date: Fri Mar 6 17:35:28 2020 +0100 pwrap: Add support for pam_start_confdir() This allows us to not do some ugly binary editing hacks to libpam.so. https://github.com/linux-pam/linux-pam/commit/7a84910896d5579bd9c016696224d7d69a307bd9 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 8ba6072b7581f0b0d9ca380b0b48059d0ad1344a Author: Andreas Schneider <a...@samba.org> Date: Fri Mar 6 17:18:06 2020 +0100 cmake: Add a check for pam_start_confdir() Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit f007f04f674f1c978d0e325c9c7ce899cefb92c1 Author: Andreas Schneider <a...@samba.org> Date: Fri Mar 6 17:35:16 2020 +0100 cmake: Add link to compile database Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> ----------------------------------------------------------------------- Summary of changes: CMakeLists.txt | 4 ++++ ConfigureChecks.cmake | 1 + config.h.cmake | 1 + src/pam_wrapper.c | 48 +++++++++++++++++++++++++++++++++++++++++++++++- 4 files changed, 53 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/CMakeLists.txt b/CMakeLists.txt index 7d646da..94d7146 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -54,6 +54,10 @@ if (UNIT_TESTING) add_subdirectory(tests) endif (UNIT_TESTING) +# Link compile database for clangd +execute_process(COMMAND cmake -E create_symlink + "${CMAKE_BINARY_DIR}/compile_commands.json" + "${CMAKE_SOURCE_DIR}/compile_commands.json") # pkg-config file get_filename_component(PAM_WRAPPER_LIB ${PAM_WRAPPER_LOCATION} NAME) diff --git a/ConfigureChecks.cmake b/ConfigureChecks.cmake index ce4a7e5..1d5ca9a 100644 --- a/ConfigureChecks.cmake +++ b/ConfigureChecks.cmake @@ -76,6 +76,7 @@ check_library_exists(${PAM_LIBRARY} openpam_set_option "" HAVE_OPENPAM) set(CMAKE_REQUIRED_LIBRARIES ${PAM_LIBRARY}) check_function_exists(pam_syslog HAVE_PAM_SYSLOG) check_function_exists(pam_vsyslog HAVE_PAM_VSYSLOG) +check_function_exists(pam_start_confdir HAVE_PAM_START_CONFDIR) unset(CMAKE_REQUIRED_LIBRARIES) # OPTIONS diff --git a/config.h.cmake b/config.h.cmake index 7e4451d..4e74315 100644 --- a/config.h.cmake +++ b/config.h.cmake @@ -20,6 +20,7 @@ #cmakedefine HAVE_PAM_VSYSLOG 1 #cmakedefine HAVE_PAM_SYSLOG 1 +#cmakedefine HAVE_PAM_START_CONFDIR 1 #cmakedefine HAVE_PAM_VPROMPT_CONST 1 #cmakedefine HAVE_PAM_PROMPT_CONST 1 diff --git a/src/pam_wrapper.c b/src/pam_wrapper.c index 043c00e..2a3a1d8 100644 --- a/src/pam_wrapper.c +++ b/src/pam_wrapper.c @@ -199,6 +199,12 @@ typedef int (*__libpam_pam_start)(const char *service_name, const struct pam_conv *pam_conversation, pam_handle_t **pamh); +typedef int (*__libpam_pam_start_confdir)(const char *service_name, + const char *user, + const struct pam_conv *pam_conversation, + const char *confdir, + pam_handle_t **pamh); + typedef int (*__libpam_pam_end)(pam_handle_t *pamh, int pam_status); typedef int (*__libpam_pam_authenticate)(pam_handle_t *pamh, int flags); @@ -262,6 +268,7 @@ typedef void (*__libpam_pam_vsyslog)(const pam_handle_t *pamh, struct pwrap_libpam_symbols { PWRAP_SYMBOL_ENTRY(pam_start); + PWRAP_SYMBOL_ENTRY(pam_start_confdir); PWRAP_SYMBOL_ENTRY(pam_end); PWRAP_SYMBOL_ENTRY(pam_authenticate); PWRAP_SYMBOL_ENTRY(pam_chauthtok); @@ -397,6 +404,22 @@ static void *_pwrap_bind_symbol(enum pwrap_lib lib, const char *fn_name) * valgrind and has probably something todo with with the linker. * So we need load each function at the point it is called the first time. */ +#ifdef HAVE_PAM_START_CONFDIR +static int libpam_pam_start_confdir(const char *service_name, + const char *user, + const struct pam_conv *pam_conversation, + const char *confdir, + pam_handle_t **pamh) +{ + pwrap_bind_symbol_libpam(pam_start_confdir); + + return pwrap.libpam.symbols._libpam_pam_start_confdir.f(service_name, + user, + pam_conversation, + confdir, + pamh); +} +#else static int libpam_pam_start(const char *service_name, const char *user, const struct pam_conv *pam_conversation, @@ -410,6 +433,8 @@ static int libpam_pam_start(const char *service_name, pamh); } +#endif + static int libpam_pam_end(pam_handle_t *pamh, int pam_status) { pwrap_bind_symbol_libpam(pam_end); @@ -777,6 +802,7 @@ static void pwrap_clean_stale_dirs(const char *dir) return; } +#ifndef HAVE_PAM_START_CONFDIR static int pso_copy(const char *src, const char *dst, const char *pdir, mode_t mode) { #define PSO_COPY_READ_SIZE 16 @@ -895,6 +921,7 @@ out: return rc; #undef PSO_COPY_READ_SIZE } +#endif /* HAVE_PAM_START_CONFDIR */ static void pwrap_init(void) { @@ -904,8 +931,10 @@ static void pwrap_init(void) struct stat sb; int rc; unsigned i; +#ifndef HAVE_PAM_START_CONFDIR char pam_library[128] = { 0 }; char libpam_path[1024] = { 0 }; +#endif ssize_t ret; FILE *pidfile; char pidfile_path[1024] = { 0 }; @@ -996,6 +1025,14 @@ static void pwrap_init(void) exit(1); } +#ifdef HAVE_PAM_START_CONFDIR + pwrap.libpam_so = strdup(PAM_LIBRARY); + if (pwrap.libpam_so == NULL) { + PWRAP_LOG(PWRAP_LOG_ERROR, "No memory"); + p_rmdirs(pwrap.config_dir); + exit(1); + } +#else /* HAVE_PAM_START_CONFDIR */ /* create lib subdirectory */ snprintf(libpam_path, sizeof(libpam_path), @@ -1080,6 +1117,9 @@ static void pwrap_init(void) p_rmdirs(pwrap.config_dir); exit(1); } +#endif /* HAVE_PAM_START_CONFDIR */ + + PWRAP_LOG(PWRAP_LOG_TRACE, "Using libpam path: %s", pwrap.libpam_so); pwrap.initialised = true; @@ -1198,11 +1238,17 @@ static int pwrap_pam_start(const char *service_name, service_name, user); -#ifdef HAVE_OPENPAM +#if defined(HAVE_OPENPAM) return pwrap_openpam_start(service_name, user, pam_conversation, pamh); +#elif defined (HAVE_PAM_START_CONFDIR) + return libpam_pam_start_confdir(service_name, + user, + pam_conversation, + pwrap.config_dir, + pamh); #else return libpam_pam_start(service_name, user, -- pam wrapper repository