summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSteve Langasek <vorlon@debian.org>2008-07-28 20:51:56 +0000
committerSteve Langasek <vorlon@debian.org>2008-07-28 20:51:56 +0000
commitb4a78564bec722ef5b17dbba4b2830b2c8d2085b (patch)
treecf22a65dbb995f5dc623154723fde97a1fdc1f8c
parentd8f48f659521b4f2b6403f9b9dc2a8eed1f8d399 (diff)
Relevant BUGIDs:
Purpose of commit: bugfix (thread safety) Commit summary: --------------- 2008-07-28 Steve Langasek <vorlon@debian.org> * modules/pam_unix/passverify.c: make save_old_password() thread-safe by using pam_modutil_getpwnam() instead of getpwnam() * modules/pam_unix/passverify.c, modules/pam_unix/passverify.h, modules/pam_unix/pam_unix_passwd.c: add pamh argument to save_old_password()
-rw-r--r--ChangeLog5
-rw-r--r--modules/pam_unix/pam_unix_passwd.c2
-rw-r--r--modules/pam_unix/passverify.c8
-rw-r--r--modules/pam_unix/passverify.h6
4 files changed, 19 insertions, 2 deletions
diff --git a/ChangeLog b/ChangeLog
index 677224a7..f178342f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,11 @@
* libpamc/test/regress/test.libpamc.c: use standard u_int8_t
type instead of __u8, as elsewhere.
Patch from Roger Leigh <rleigh@debian.org>.
+ * modules/pam_unix/passverify.c: make save_old_password()
+ thread-safe by using pam_modutil_getpwnam() instead of getpwnam()
+ * modules/pam_unix/passverify.c, modules/pam_unix/passverify.h,
+ modules/pam_unix/pam_unix_passwd.c: add pamh argument to
+ save_old_password()
2008-07-27 Steve Langasek <vorlon@debian.org>
diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c
index abb04c53..240caddb 100644
--- a/modules/pam_unix/pam_unix_passwd.c
+++ b/modules/pam_unix/pam_unix_passwd.c
@@ -378,7 +378,7 @@ static int _do_setpass(pam_handle_t* pamh, const char *forwho,
return _unix_run_update_binary(pamh, ctrl, forwho, fromwhat, towhat, remember);
#endif
/* first, save old password */
- if (save_old_password(forwho, fromwhat, remember)) {
+ if (save_old_password(pamh, forwho, fromwhat, remember)) {
retval = PAM_AUTHTOK_ERR;
goto done;
}
diff --git a/modules/pam_unix/passverify.c b/modules/pam_unix/passverify.c
index ce5bc450..0f58b019 100644
--- a/modules/pam_unix/passverify.c
+++ b/modules/pam_unix/passverify.c
@@ -535,9 +535,15 @@ unlock_pwdf(void)
}
#endif
+#ifdef HELPER_COMPILE
int
save_old_password(const char *forwho, const char *oldpass,
int howmany)
+#else
+int
+save_old_password(pam_handle_t *pamh, const char *forwho, const char *oldpass,
+ int howmany)
+#endif
{
static char buf[16384];
static char nbuf[16384];
@@ -653,7 +659,7 @@ save_old_password(const char *forwho, const char *oldpass,
fclose(opwfile);
if (!found) {
- pwd = getpwnam(forwho);
+ pwd = pam_modutil_getpwnam(pamh, forwho);
if (pwd == NULL) {
err = 1;
} else {
diff --git a/modules/pam_unix/passverify.h b/modules/pam_unix/passverify.h
index e8e112d0..21bb9232 100644
--- a/modules/pam_unix/passverify.h
+++ b/modules/pam_unix/passverify.h
@@ -33,9 +33,15 @@ lock_pwdf(void);
void
unlock_pwdf(void);
+#ifdef HELPER_COMPILE
int
save_old_password(const char *forwho, const char *oldpass,
int howmany);
+#else
+int
+save_old_password(pam_handle_t *pamh, const char *forwho, const char *oldpass,
+ int howmany);
+#endif
#ifdef HELPER_COMPILE
void