subject:"CVS commit\: src\/lib\/libpam\/modules\/pam

CVS commit: src/lib/libpam/modules/pam_krb5

2020-02-07 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Fri Feb  7 23:28:59 UTC 2020

Modified Files:
src/lib/libpam/modules/pam_krb5: pam_krb5.c

Log Message:
there is no potential overflow anymore (thanks Kamil)


To generate a diff of this commit:
cvs rdiff -u -r1.27 -r1.28 src/lib/libpam/modules/pam_krb5/pam_krb5.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/lib/libpam/modules/pam_krb5/pam_krb5.c
diff -u src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.27 src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.28
--- src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.27	Fri Feb  7 17:13:35 2020
+++ src/lib/libpam/modules/pam_krb5/pam_krb5.c	Fri Feb  7 18:28:59 2020
@@ -1,4 +1,4 @@
-/*	$NetBSD: pam_krb5.c,v 1.27 2020/02/07 22:13:35 christos Exp $	*/
+/*	$NetBSD: pam_krb5.c,v 1.28 2020/02/07 23:28:59 christos Exp $	*/
 
 /*-
  * This pam_krb5 module contains code that is:
@@ -53,7 +53,7 @@
 #ifdef __FreeBSD__
 __FBSDID("$FreeBSD: src/lib/libpam/modules/pam_krb5/pam_krb5.c,v 1.22 2005/01/24 16:49:50 rwatson Exp $");
 #else
-__RCSID("$NetBSD: pam_krb5.c,v 1.27 2020/02/07 22:13:35 christos Exp $");
+__RCSID("$NetBSD: pam_krb5.c,v 1.28 2020/02/07 23:28:59 christos Exp $");
 #endif
 
 #include 
@@ -467,7 +467,6 @@ pam_sm_setcred(pam_handle_t *pamh, int f
 			cache_name = cache_name_buf;
 		}
 
-		/* XXX potential overflow */
 		cache_name_buf2 = p = calloc(len, sizeof(char));
 		q = cache_name;

CVS commit: src/lib/libpam/modules/pam_krb5

2020-02-07 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Fri Feb  7 22:13:35 UTC 2020

Modified Files:
src/lib/libpam/modules/pam_krb5: pam_krb5.c

Log Message:
stop using sprintf and check for buffer overflow.


To generate a diff of this commit:
cvs rdiff -u -r1.26 -r1.27 src/lib/libpam/modules/pam_krb5/pam_krb5.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/lib/libpam/modules/pam_krb5/pam_krb5.c
diff -u src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.26 src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.27
--- src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.26	Sat Dec 28 13:04:03 2013
+++ src/lib/libpam/modules/pam_krb5/pam_krb5.c	Fri Feb  7 17:13:35 2020
@@ -1,4 +1,4 @@
-/*	$NetBSD: pam_krb5.c,v 1.26 2013/12/28 18:04:03 christos Exp $	*/
+/*	$NetBSD: pam_krb5.c,v 1.27 2020/02/07 22:13:35 christos Exp $	*/
 
 /*-
  * This pam_krb5 module contains code that is:
@@ -53,7 +53,7 @@
 #ifdef __FreeBSD__
 __FBSDID("$FreeBSD: src/lib/libpam/modules/pam_krb5/pam_krb5.c,v 1.22 2005/01/24 16:49:50 rwatson Exp $");
 #else
-__RCSID("$NetBSD: pam_krb5.c,v 1.26 2013/12/28 18:04:03 christos Exp $");
+__RCSID("$NetBSD: pam_krb5.c,v 1.27 2020/02/07 22:13:35 christos Exp $");
 #endif
 
 #include 
@@ -459,6 +459,7 @@ pam_sm_setcred(pam_handle_t *pamh, int f
 if (!cache_name)
 	goto cleanup3;
 	} else {
+		size_t len = PATH_MAX + 16;
 		/* Get the cache name */
 		cache_name = openpam_get_option(pamh, PAM_OPT_CCACHE);
 		if (cache_name == NULL) {
@@ -467,7 +468,7 @@ pam_sm_setcred(pam_handle_t *pamh, int f
 		}
 
 		/* XXX potential overflow */
-		cache_name_buf2 = p = calloc(PATH_MAX + 16, sizeof(char));
+		cache_name_buf2 = p = calloc(len, sizeof(char));
 		q = cache_name;
 	
 		if (p == NULL) {
@@ -479,27 +480,42 @@ pam_sm_setcred(pam_handle_t *pamh, int f
 
 		/* convert %u and %p */
 		while (*q) {
+			int l;
 			if (*q == '%') {
 q++;
 if (*q == 'u') {
-	sprintf(p, "%d", pwd->pw_uid);
-	p += strlen(p);
+	l = snprintf(p, len, "%d", pwd->pw_uid);
 }
 else if (*q == 'p') {
-	sprintf(p, "%d", getpid());
-	p += strlen(p);
+	l = snprintf(p, len, "%d", getpid());
 }
 else {
 	/* Not a special token */
-	*p++ = '%';
+	if (!len)
+		goto truncated;
+	*p = '%';
+	l = 1;
 	q--;
 }
+if ((size_t)l > len) {
+truncated:PAM_LOG("string truncation failure");
+	retval = PAM_BUF_ERR;
+	goto cleanup3;
+}
 q++;
 			}
 			else {
-*p++ = *q++;
+if (!len)
+	goto truncated;
+*p = *q++;
+l = 1;
 			}
+			p += l;
+			len -= (size_t)l;
 		}
+		if (!len)
+			goto truncated;
+		*p = '\0';
 	}
 
 	PAM_LOG("Got cache_name: %s", cache_name);

CVS commit: src/lib/libpam/modules/pam_krb5

2011-04-25 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Mon Apr 25 22:22:25 UTC 2011

Modified Files:
src/lib/libpam/modules/pam_krb5: pam_krb5.c

Log Message:
- make log_krb5 varyadic
- centralize error handling to one function
- check for NULL context


To generate a diff of this commit:
cvs rdiff -u -r1.24 -r1.25 src/lib/libpam/modules/pam_krb5/pam_krb5.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/lib/libpam/modules/pam_krb5/pam_krb5.c
diff -u src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.24 src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.25
--- src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.24	Sun Apr 24 14:48:04 2011
+++ src/lib/libpam/modules/pam_krb5/pam_krb5.c	Mon Apr 25 18:22:25 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: pam_krb5.c,v 1.24 2011/04/24 18:48:04 elric Exp $	*/
+/*	$NetBSD: pam_krb5.c,v 1.25 2011/04/25 22:22:25 christos Exp $	*/
 
 /*-
  * This pam_krb5 module contains code that is:
@@ -53,7 +53,7 @@
 #ifdef __FreeBSD__
 __FBSDID($FreeBSD: src/lib/libpam/modules/pam_krb5/pam_krb5.c,v 1.22 2005/01/24 16:49:50 rwatson Exp $);
 #else
-__RCSID($NetBSD: pam_krb5.c,v 1.24 2011/04/24 18:48:04 elric Exp $);
+__RCSID($NetBSD: pam_krb5.c,v 1.25 2011/04/25 22:22:25 christos Exp $);
 #endif
 
 #include sys/types.h
@@ -83,7 +83,8 @@
 #define	COMPAT_HEIMDAL
 /* #define	COMPAT_MIT */
 
-static void	log_krb5(krb5_context, const char *, krb5_error_code);
+static void	log_krb5(krb5_context, krb5_error_code, struct syslog_data *,
+const char *, ...) __printflike(4, 5);
 static int	verify_krb_v5_tgt(krb5_context, krb5_ccache, char *, int);
 static void	cleanup_cache(pam_handle_t *, void *, int);
 static const	char *compat_princ_component(krb5_context, krb5_principal, int);
@@ -201,7 +202,7 @@
 	krbret = krb5_parse_name(pam_context, principal, princ);
 	free(principal);
 	if (krbret != 0) {
-		log_krb5(pam_context, Error krb5_parse_name(): %s, krbret);
+		log_krb5(pam_context, krbret, NULL, krb5_parse_name);
 		PAM_VERBOSE_ERROR(Kerberos 5 error);
 		retval = PAM_SERVICE_ERR;
 		goto cleanup3;
@@ -212,7 +213,7 @@
 	/* Now convert the principal name into something human readable */
 	krbret = krb5_unparse_name(pam_context, princ, princ_name);
 	if (krbret != 0) {
-		log_krb5(pam_context, Error krb5_unparse_name(): %s, krbret);
+		log_krb5(pam_context, krbret, NULL, krb5_unparse_name);
 		PAM_VERBOSE_ERROR(Kerberos 5 error);
 		retval = PAM_SERVICE_ERR;
 		goto cleanup2;
@@ -236,8 +237,8 @@
 		sizeof(luser), luser);
 		if (krbret != 0) {
 			PAM_VERBOSE_ERROR(Kerberos 5 error);
-			log_krb5(pam_context,
-			Error krb5_aname_to_localname(): %s, krbret);
+			log_krb5(pam_context, krbret, NULL,
+			krb5_aname_to_localname);
 			retval = PAM_USER_UNKNOWN;
 			goto cleanup2;
 		}
@@ -263,8 +264,8 @@
 	pass, NULL, pamh, 0, NULL, opts);
 	if (krbret != 0) {
 		PAM_VERBOSE_ERROR(Kerberos 5 error);
-		log_krb5(pam_context,
-		Error krb5_get_init_creds_password(): %s, krbret);
+		log_krb5(pam_context, krbret, NULL,
+		krb5_get_init_creds_password);
 		retval = PAM_AUTH_ERR;
 		goto cleanup2;
 	}
@@ -275,21 +276,21 @@
 	krbret = krb5_cc_new_unique(pam_context, MEMORY, NULL, ccache);
 	if (krbret != 0) {
 		PAM_VERBOSE_ERROR(Kerberos 5 error);
-		log_krb5(pam_context, Error krb5_cc_gen_new(): %s, krbret);
+		log_krb5(pam_context, krbret, NULL, krb5_cc_gen_new);
 		retval = PAM_SERVICE_ERR;
 		goto cleanup;
 	}
 	krbret = krb5_cc_initialize(pam_context, ccache, princ);
 	if (krbret != 0) {
 		PAM_VERBOSE_ERROR(Kerberos 5 error);
-		log_krb5(pam_context, Error krb5_cc_initialize(): %s, krbret);
+		log_krb5(pam_context, krbret, NULL, krb5_cc_initialize);
 		retval = PAM_SERVICE_ERR;
 		goto cleanup;
 	}
 	krbret = krb5_cc_store_cred(pam_context, ccache, creds);
 	if (krbret != 0) {
 		PAM_VERBOSE_ERROR(Kerberos 5 error);
-		log_krb5(pam_context, Error krb5_cc_store_cred(): %s, krbret);
+		log_krb5(pam_context, krbret, NULL, krb5_cc_store_cred);
 		krb5_cc_destroy(pam_context, ccache);
 		retval = PAM_SERVICE_ERR;
 		goto cleanup;
@@ -382,7 +383,6 @@
 	const void *cache_data;
 	char *cache_name_buf = NULL, *p, *cache_name_buf2 = NULL;
 	char pwbuf[1024];
-	const char *errtxt;
 
 	uid_t euid;
 	gid_t egid;
@@ -427,15 +427,8 @@
 	}
 	krbret = krb5_cc_resolve(pam_context, cache_data, ccache_temp);
 	if (krbret != 0) {
-		errtxt = krb5_get_error_message(pam_context, krbret);
-		if (errtxt != NULL) {
-			PAM_LOG(Error krb5_cc_resolve(\%s\): %s,
-			(const char *)cache_data, errtxt);
-			krb5_free_error_message(pam_context, errtxt);
-		} else {
-			PAM_LOG(Error krb5_cc_resolve(\%s\): %d,
-			(const char *)cache_data, krbret);
-		}
+		log_krb5(pam_context, krbret, NULL, krb5_cc_resolve(\%s\),
+		(const char *)cache_data);
 		retval = PAM_SERVICE_ERR;
 		goto cleanup3;
 	}
@@ -514,21 +507,20 @@
 	/* Initialize the new ccache */
 	krbret = krb5_cc_get_principal(pam_context, ccache_temp, princ);

CVS commit: src/lib/libpam/modules/pam_krb5

2011-04-24 Thread Roland Dowdeswell

Module Name:src
Committed By:   elric
Date:   Sun Apr 24 18:48:05 UTC 2011

Modified Files:
src/lib/libpam/modules/pam_krb5: pam_krb5.c

Log Message:
Remove use of functions marked as deprecated in Heimdal.


To generate a diff of this commit:
cvs rdiff -u -r1.23 -r1.24 src/lib/libpam/modules/pam_krb5/pam_krb5.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/lib/libpam/modules/pam_krb5/pam_krb5.c
diff -u src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.23 src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.24
--- src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.23	Sat Apr  2 10:22:09 2011
+++ src/lib/libpam/modules/pam_krb5/pam_krb5.c	Sun Apr 24 18:48:04 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: pam_krb5.c,v 1.23 2011/04/02 10:22:09 mbalmer Exp $	*/
+/*	$NetBSD: pam_krb5.c,v 1.24 2011/04/24 18:48:04 elric Exp $	*/
 
 /*-
  * This pam_krb5 module contains code that is:
@@ -53,7 +53,7 @@
 #ifdef __FreeBSD__
 __FBSDID($FreeBSD: src/lib/libpam/modules/pam_krb5/pam_krb5.c,v 1.22 2005/01/24 16:49:50 rwatson Exp $);
 #else
-__RCSID($NetBSD: pam_krb5.c,v 1.23 2011/04/02 10:22:09 mbalmer Exp $);
+__RCSID($NetBSD: pam_krb5.c,v 1.24 2011/04/24 18:48:04 elric Exp $);
 #endif
 
 #include sys/types.h
@@ -83,6 +83,7 @@
 #define	COMPAT_HEIMDAL
 /* #define	COMPAT_MIT */
 
+static void	log_krb5(krb5_context, const char *, krb5_error_code);
 static int	verify_krb_v5_tgt(krb5_context, krb5_ccache, char *, int);
 static void	cleanup_cache(pam_handle_t *, void *, int);
 static const	char *compat_princ_component(krb5_context, krb5_principal, int);
@@ -111,7 +112,7 @@
 	krb5_creds creds;
 	krb5_principal princ;
 	krb5_ccache ccache;
-	krb5_get_init_creds_opt opts;
+	krb5_get_init_creds_opt *opts = NULL;
 	struct passwd *pwd, pwres;
 	int retval;
 	const void *ccache_data;
@@ -150,10 +151,14 @@
 
 	PAM_LOG(Context initialised);
 
-	krb5_get_init_creds_opt_init(opts);
+	krbret = krb5_get_init_creds_opt_alloc(pam_context, opts);
+	if (krbret != 0) {
+		PAM_VERBOSE_ERROR(Kerberos 5 error);
+		return (PAM_SERVICE_ERR);
+	}
 
 	if (openpam_get_option(pamh, PAM_OPT_FORWARDABLE))
-		krb5_get_init_creds_opt_set_forwardable(opts, 1);
+		krb5_get_init_creds_opt_set_forwardable(opts, 1);
 
 	if ((rtime = openpam_get_option(pamh, PAM_OPT_RENEWABLE)) != NULL) {
 		krb5_deltat renew;
@@ -169,7 +174,7 @@
 		else
 			rtime = 1 month;
 		renew = parse_time(rtime, s);
-		krb5_get_init_creds_opt_set_renew_life(opts, renew);
+		krb5_get_init_creds_opt_set_renew_life(opts, renew);
 	}
 
 
@@ -196,8 +201,7 @@
 	krbret = krb5_parse_name(pam_context, principal, princ);
 	free(principal);
 	if (krbret != 0) {
-		PAM_LOG(Error krb5_parse_name(): %s,
-		krb5_get_err_text(pam_context, krbret));
+		log_krb5(pam_context, Error krb5_parse_name(): %s, krbret);
 		PAM_VERBOSE_ERROR(Kerberos 5 error);
 		retval = PAM_SERVICE_ERR;
 		goto cleanup3;
@@ -208,8 +212,7 @@
 	/* Now convert the principal name into something human readable */
 	krbret = krb5_unparse_name(pam_context, princ, princ_name);
 	if (krbret != 0) {
-		PAM_LOG(Error krb5_unparse_name(): %s,
-		krb5_get_err_text(pam_context, krbret));
+		log_krb5(pam_context, Error krb5_unparse_name(): %s, krbret);
 		PAM_VERBOSE_ERROR(Kerberos 5 error);
 		retval = PAM_SERVICE_ERR;
 		goto cleanup2;
@@ -233,8 +236,8 @@
 		sizeof(luser), luser);
 		if (krbret != 0) {
 			PAM_VERBOSE_ERROR(Kerberos 5 error);
-			PAM_LOG(Error krb5_aname_to_localname(): %s,
-			krb5_get_err_text(pam_context, krbret));
+			log_krb5(pam_context,
+			Error krb5_aname_to_localname(): %s, krbret);
 			retval = PAM_USER_UNKNOWN;
 			goto cleanup2;
 		}
@@ -257,11 +260,11 @@
 	/* Get a TGT */
 	memset(creds, 0, sizeof(krb5_creds));
 	krbret = krb5_get_init_creds_password(pam_context, creds, princ,
-	pass, NULL, pamh, 0, NULL, opts);
+	pass, NULL, pamh, 0, NULL, opts);
 	if (krbret != 0) {
 		PAM_VERBOSE_ERROR(Kerberos 5 error);
-		PAM_LOG(Error krb5_get_init_creds_password(): %s,
-		krb5_get_err_text(pam_context, krbret));
+		log_krb5(pam_context,
+		Error krb5_get_init_creds_password(): %s, krbret);
 		retval = PAM_AUTH_ERR;
 		goto cleanup2;
 	}
@@ -269,27 +272,24 @@
 	PAM_LOG(Got TGT);
 
 	/* Generate a temporary cache */
-	krbret = krb5_cc_gen_new(pam_context, krb5_mcc_ops, ccache);
+	krbret = krb5_cc_new_unique(pam_context, MEMORY, NULL, ccache);
 	if (krbret != 0) {
 		PAM_VERBOSE_ERROR(Kerberos 5 error);
-		PAM_LOG(Error krb5_cc_gen_new(): %s,
-		krb5_get_err_text(pam_context, krbret));
+		log_krb5(pam_context, Error krb5_cc_gen_new(): %s, krbret);
 		retval = PAM_SERVICE_ERR;
 		goto cleanup;
 	}
 	krbret = krb5_cc_initialize(pam_context, ccache, princ);
 	if (krbret != 0) {
 		PAM_VERBOSE_ERROR(Kerberos 5 error);
-		PAM_LOG(Error krb5_cc_initialize(): %s,
-		krb5_get_err_text(pam_context, krbret));
+		log_krb5(pam_context, Error krb5_cc_initialize(): %s, krbret);
 		retval = PAM_SERVICE_ERR;

CVS commit: src/lib/libpam/modules/pam_krb5

2011-04-02 Thread Marc Balmer

Module Name:src
Committed By:   mbalmer
Date:   Sat Apr  2 10:22:09 UTC 2011

Modified Files:
src/lib/libpam/modules/pam_krb5: pam_krb5.c

Log Message:
Fix misplaced parenthesis, from henning.peter...@t-online.de, thanks.


To generate a diff of this commit:
cvs rdiff -u -r1.22 -r1.23 src/lib/libpam/modules/pam_krb5/pam_krb5.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/lib/libpam/modules/pam_krb5/pam_krb5.c
diff -u src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.22 src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.23
--- src/lib/libpam/modules/pam_krb5/pam_krb5.c:1.22	Sun Mar  8 19:38:03 2009
+++ src/lib/libpam/modules/pam_krb5/pam_krb5.c	Sat Apr  2 10:22:09 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: pam_krb5.c,v 1.22 2009/03/08 19:38:03 christos Exp $	*/
+/*	$NetBSD: pam_krb5.c,v 1.23 2011/04/02 10:22:09 mbalmer Exp $	*/
 
 /*-
  * This pam_krb5 module contains code that is:
@@ -53,7 +53,7 @@
 #ifdef __FreeBSD__
 __FBSDID($FreeBSD: src/lib/libpam/modules/pam_krb5/pam_krb5.c,v 1.22 2005/01/24 16:49:50 rwatson Exp $);
 #else
-__RCSID($NetBSD: pam_krb5.c,v 1.22 2009/03/08 19:38:03 christos Exp $);
+__RCSID($NetBSD: pam_krb5.c,v 1.23 2011/04/02 10:22:09 mbalmer Exp $);
 #endif
 
 #include sys/types.h
@@ -540,7 +540,7 @@
 
 	/* Copy the creds (should be two of them) */
 	while ((krbret = krb5_cc_next_cred(pam_context, ccache_temp,
-cursor, creds) == 0)) {
+cursor, creds)) == 0) {
 
 		krbret = krb5_cc_store_cred(pam_context, ccache_perm, creds);
 		if (krbret != 0) {

CVS commit: src/lib/libpam/modules/pam_krb5

CVS commit: src/lib/libpam/modules/pam_krb5

CVS commit: src/lib/libpam/modules/pam_krb5

CVS commit: src/lib/libpam/modules/pam_krb5

CVS commit: src/lib/libpam/modules/pam_krb5

5 matches

Site Navigation

Mail list logo

Footer information