summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTomas Mraz <tm@t8m.info>2008-12-02 11:15:13 +0000
committerTomas Mraz <tm@t8m.info>2008-12-02 11:15:13 +0000
commit7630ed2ce08055607206d25ba078cc081f1b12b7 (patch)
tree9cac0e90fe7a6863e90e585c8eb18d587aee7dee
parentf9cde35ec82267c2fa3012276a35a6f1b2cf131f (diff)
Relevant BUGIDs:
Purpose of commit: bugfix Commit summary: --------------- 2008-12-02 Olivier Fourdan <ofourdan@redhat.com> * modules/pam_filter/pam_filter.c (master): Use /dev/ptmx instead of the old BSD pseudoterminal API. (set_filter): Call grantpt(), unlockpt() and ptsname(). Do not close pseudoterminal handle in filter child. * modules/pam_filter/upperLOWER/upperLOWER.c (main): Use regular read() instead of pam_modutil_read() to allow for short reads.
-rw-r--r--ChangeLog10
-rw-r--r--modules/pam_filter/pam_filter.c74
-rw-r--r--modules/pam_filter/upperLOWER/upperLOWER.c6
3 files changed, 44 insertions, 46 deletions
diff --git a/ChangeLog b/ChangeLog
index 7f12805d..0eb8d73d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,13 @@
+2008-12-02 Olivier Fourdan <ofourdan@redhat.com>
+
+ * modules/pam_filter/pam_filter.c (master): Use /dev/ptmx
+ instead of the old BSD pseudoterminal API.
+ (set_filter): Call grantpt(), unlockpt() and ptsname(). Do not
+ close pseudoterminal handle in filter child.
+ * modules/pam_filter/upperLOWER/upperLOWER.c (main): Use
+ regular read() instead of pam_modutil_read() to allow for
+ short reads.
+
2008-12-02 Tomas Mraz <t8m@centrum.cz>
* modules/pam_timestamp/Makefile.am: Add hmacfile to tests.
diff --git a/modules/pam_filter/pam_filter.c b/modules/pam_filter/pam_filter.c
index 86bc172b..6b821efc 100644
--- a/modules/pam_filter/pam_filter.c
+++ b/modules/pam_filter/pam_filter.c
@@ -48,41 +48,18 @@
#include <stdarg.h>
-#define TERMINAL_LEN 12
+#define DEV_PTMX "/dev/ptmx"
static int
-master (const pam_handle_t *pamh, char *terminal)
-/*
- * try to open all of the terminals in sequence return first free one,
- * or -1
- */
+master (void)
{
- const char ptys[] = "pqrs", *pty = ptys;
- const char hexs[] = "0123456789abcdef", *hex;
- struct stat tstat;
- int fd;
-
- strcpy(terminal, "/dev/pty??");
-
- while (*pty) { /* step through four types */
- terminal[8] = *pty++;
- terminal[9] = '0';
- if (stat(terminal,&tstat) < 0) {
- pam_syslog(pamh, LOG_WARNING,
- "unknown pseudo terminal: %s", terminal);
- break;
- }
- for (hex = hexs; *hex; ) { /* step through 16 of these */
- terminal[9] = *hex++;
- if ((fd = open(terminal, O_RDWR)) >= 0) {
- return fd;
- }
- }
- }
-
- /* no terminal found */
-
- return -1;
+ int fd;
+
+ if ((fd = open(DEV_PTMX, O_RDWR)) >= 0) {
+ return fd;
+ }
+
+ return -1;
}
static int process_args(pam_handle_t *pamh
@@ -279,7 +256,7 @@ set_filter (pam_handle_t *pamh, int flags UNUSED, int ctrl,
const char **evp, const char *filtername)
{
int status=-1;
- char terminal[TERMINAL_LEN];
+ char* terminal = NULL;
struct termios stored_mode; /* initial terminal mode settings */
int fd[2], child=0, child2=0, aterminal;
@@ -299,7 +276,7 @@ set_filter (pam_handle_t *pamh, int flags UNUSED, int ctrl,
/* open the master pseudo terminal */
- fd[0] = master(pamh,terminal);
+ fd[0] = master();
if (fd[0] < 0) {
pam_syslog(pamh, LOG_CRIT, "no master terminal");
return PAM_AUTH_ERR;
@@ -392,8 +369,27 @@ set_filter (pam_handle_t *pamh, int flags UNUSED, int ctrl,
return PAM_ABORT;
}
+ /* grant slave terminal */
+ if (grantpt (fd[0]) < 0) {
+ pam_syslog(pamh, LOG_WARNING, "Cannot grant acccess to slave terminal");
+ return PAM_ABORT;
+ }
+
+ /* unlock slave terminal */
+ if (unlockpt (fd[0]) < 0) {
+ pam_syslog(pamh, LOG_WARNING, "Cannot unlock slave terminal");
+ return PAM_ABORT;
+ }
+
/* find slave's name */
- terminal[5] = 't'; /* want to open slave terminal */
+ terminal = ptsname(fd[0]); /* returned value should not be freed */
+
+ if (terminal == NULL) {
+ pam_syslog(pamh, LOG_WARNING,
+ "Cannot get the name of the slave terminal: %m");
+ return PAM_ABORT;
+ }
+
fd[1] = open(terminal, O_RDWR);
close(fd[0]); /* process is the child -- uses line fd[1] */
@@ -412,7 +408,6 @@ set_filter (pam_handle_t *pamh, int flags UNUSED, int ctrl,
close(fd[1]);
return PAM_ABORT;
}
-
} else {
/* nothing to do for a simple stream socket */
@@ -450,13 +445,6 @@ set_filter (pam_handle_t *pamh, int flags UNUSED, int ctrl,
return PAM_SUCCESS;
}
- /*
- * process is the parent here. So we can close the application's
- * input/output
- */
-
- close(fd[1]);
-
/* Clear out passwords... there is a security problem here in
* that this process never executes pam_end. Consequently, any
* other sensitive data in this process is *not* explicitly
diff --git a/modules/pam_filter/upperLOWER/upperLOWER.c b/modules/pam_filter/upperLOWER/upperLOWER.c
index 0ede4a0d..25e70a5a 100644
--- a/modules/pam_filter/upperLOWER/upperLOWER.c
+++ b/modules/pam_filter/upperLOWER/upperLOWER.c
@@ -89,7 +89,7 @@ int main(int argc, char **argv UNUSED)
/* application errors */
if ( FD_ISSET(APPERR_FILENO,&readers) ) {
- int got = pam_modutil_read(APPERR_FILENO, buffer, BUFSIZ);
+ int got = read(APPERR_FILENO, buffer, BUFSIZ);
if (got <= 0) {
break;
} else {
@@ -102,7 +102,7 @@ int main(int argc, char **argv UNUSED)
}
}
} else if ( FD_ISSET(APPOUT_FILENO,&readers) ) { /* app output */
- int got = pam_modutil_read(APPOUT_FILENO, buffer, BUFSIZ);
+ int got = read(APPOUT_FILENO, buffer, BUFSIZ);
if (got <= 0) {
break;
} else {
@@ -117,7 +117,7 @@ int main(int argc, char **argv UNUSED)
}
if ( FD_ISSET(STDIN_FILENO, &readers) ) { /* user input */
- int got = pam_modutil_read(STDIN_FILENO, buffer, BUFSIZ);
+ int got = read(STDIN_FILENO, buffer, BUFSIZ);
if (got < 0) {
syslog(LOG_WARNING,"user input junked");
break;