diff options
Diffstat (limited to 'debian/patches-applied/pam_unix_thread-safe_save_old_password.patch')
| -rw-r--r-- | debian/patches-applied/pam_unix_thread-safe_save_old_password.patch | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/debian/patches-applied/pam_unix_thread-safe_save_old_password.patch b/debian/patches-applied/pam_unix_thread-safe_save_old_password.patch new file mode 100644 index 00000000..094c63d2 --- /dev/null +++ b/debian/patches-applied/pam_unix_thread-safe_save_old_password.patch @@ -0,0 +1,70 @@ +Patch to keep save_old_password() thread-safe when called by the PAM +module, since nothing blocks other threads from calling getpwnam in +parallel + +Authors: Steve Langasek <vorlon@debian.org> + +Upstream status: to be submitted + +Index: pam.deb/modules/pam_unix/passverify.c +=================================================================== +--- pam.deb.orig/modules/pam_unix/passverify.c ++++ pam.deb/modules/pam_unix/passverify.c +@@ -535,9 +535,15 @@ + } + #endif + ++#ifdef HELPER_COMPILE + int + save_old_password(const char *forwho, const char *oldpass, + int howmany) ++#else ++int ++save_old_password(pam_handle_t *pamh, const char *forwho, const char *oldpass, ++ int howmany) ++#endif + { + static char buf[16384]; + static char nbuf[16384]; +@@ -653,7 +659,7 @@ + fclose(opwfile); + + if (!found) { +- pwd = getpwnam(forwho); ++ pwd = pam_modutil_getpwnam(pamh, forwho); + if (pwd == NULL) { + err = 1; + } else { +Index: pam.deb/modules/pam_unix/passverify.h +=================================================================== +--- pam.deb.orig/modules/pam_unix/passverify.h ++++ pam.deb/modules/pam_unix/passverify.h +@@ -33,9 +33,15 @@ + void + unlock_pwdf(void); + ++#ifdef HELPER_COMPILE + int + save_old_password(const char *forwho, const char *oldpass, + int howmany); ++#else ++int ++save_old_password(pam_handle_t *pamh, const char *forwho, const char *oldpass, ++ int howmany); ++#endif + + #ifdef HELPER_COMPILE + void +Index: pam.deb/modules/pam_unix/pam_unix_passwd.c +=================================================================== +--- pam.deb.orig/modules/pam_unix/pam_unix_passwd.c ++++ pam.deb/modules/pam_unix/pam_unix_passwd.c +@@ -385,7 +385,7 @@ + return _unix_run_update_binary(pamh, ctrl, forwho, fromwhat, towhat, remember); + #endif + /* first, save old password */ +- if (save_old_password(forwho, fromwhat, remember)) { ++ if (save_old_password(pamh, forwho, fromwhat, remember)) { + retval = PAM_AUTHTOK_ERR; + goto done; + } |