diff options
Diffstat (limited to 'libpam')
-rw-r--r-- | libpam/include/security/_pam_macros.h | 9 | ||||
-rw-r--r-- | libpam/include/security/_pam_types.h | 14 | ||||
-rw-r--r-- | libpam/pam_end.c | 9 | ||||
-rw-r--r-- | libpam/pam_item.c | 26 | ||||
-rw-r--r-- | libpam/pam_misc.c | 22 | ||||
-rw-r--r-- | libpam/pam_private.h | 4 |
6 files changed, 84 insertions, 0 deletions
diff --git a/libpam/include/security/_pam_macros.h b/libpam/include/security/_pam_macros.h index f7da10a7..72aaf468 100644 --- a/libpam/include/security/_pam_macros.h +++ b/libpam/include/security/_pam_macros.h @@ -25,6 +25,15 @@ do { \ *__xx__++ = '\0'; \ } while (0) +#define _pam_overwrite_n(x,n) \ +do { \ + register char *__xx__; \ + register int __i__ = 0; \ + if ((__xx__=(x))) \ + for (;__i__<n; __i__++) \ + __xx__[__i__] = 0; \ +} while (0) + /* * Don't just free it, forget it too. */ diff --git a/libpam/include/security/_pam_types.h b/libpam/include/security/_pam_types.h index 45bae97b..2f7e807f 100644 --- a/libpam/include/security/_pam_types.h +++ b/libpam/include/security/_pam_types.h @@ -138,8 +138,11 @@ typedef struct pam_handle pam_handle_t; #define PAM_OLDAUTHTOK 7 /* The old authentication token */ #define PAM_RUSER 8 /* The remote user name */ #define PAM_USER_PROMPT 9 /* the prompt for getting a username */ +/* Linux-PAM extensions */ #define PAM_FAIL_DELAY 10 /* app supplied function to override failure delays */ +#define PAM_XDISPLAY 11 /* X display name */ +#define PAM_XAUTHDATA 12 /* X server authentication data */ /* -------------- Special defines used by Linux-PAM -------------- */ @@ -279,6 +282,17 @@ struct pam_conv { void *appdata_ptr; }; +/* Used by the PAM_XAUTHDATA pam item. Contains X authentication + data used by modules to connect to the user's X display. Note: + this structure is intentionally compatible with xcb_auth_info_t. */ + +struct pam_xauth_data { + int namelen; + char *name; + int datalen; + char *data; +}; + /* ... adapted from the pam_appl.h file created by Theodore Ts'o and * * Copyright Theodore Ts'o, 1996. All rights reserved. diff --git a/libpam/pam_end.c b/libpam/pam_end.c index de1c26ed..f400c325 100644 --- a/libpam/pam_end.c +++ b/libpam/pam_end.c @@ -73,6 +73,15 @@ int pam_end(pam_handle_t *pamh, int pam_status) _pam_drop(pamh->former.substates); + _pam_overwrite(pamh->xdisplay); + _pam_drop(pamh->xdisplay); + + _pam_overwrite(pamh->xauth.name); + _pam_drop(pamh->xauth.name); + _pam_overwrite_n(pamh->xauth.data, pamh->xauth.datalen); + _pam_drop(pamh->xauth.data); + _pam_overwrite_n(&pamh->xauth, sizeof(pamh->xauth)); + /* and finally liberate the memory for the pam_handle structure */ _pam_drop(pamh); diff --git a/libpam/pam_item.c b/libpam/pam_item.c index 52efe80b..41d90087 100644 --- a/libpam/pam_item.c +++ b/libpam/pam_item.c @@ -138,6 +138,24 @@ int pam_set_item (pam_handle_t *pamh, int item_type, const void *item) pamh->fail_delay.delay_fn_ptr = item; break; + case PAM_XDISPLAY: + RESET(pamh->xdisplay, item); + break; + + case PAM_XAUTHDATA: + if (pamh->xauth.namelen) { + _pam_overwrite(pamh->xauth.name); + free(pamh->xauth.name); + } + if (pamh->xauth.datalen) { + _pam_overwrite_n(pamh->xauth.data, pamh->xauth.datalen); + free(pamh->xauth.data); + } + pamh->xauth = *((const struct pam_xauth_data *) item); + pamh->xauth.name = _pam_strdup(pamh->xauth.name); + pamh->xauth.data = _pam_memdup(pamh->xauth.data, pamh->xauth.datalen); + break; + default: retval = PAM_BAD_ITEM; } @@ -220,6 +238,14 @@ int pam_get_item (const pam_handle_t *pamh, int item_type, const void **item) *item = pamh->fail_delay.delay_fn_ptr; break; + case PAM_XDISPLAY: + *item = pamh->xdisplay; + break; + + case PAM_XAUTHDATA: + *item = &pamh->xauth; + break; + default: retval = PAM_BAD_ITEM; } diff --git a/libpam/pam_misc.c b/libpam/pam_misc.c index 770c9cce..574a570e 100644 --- a/libpam/pam_misc.c +++ b/libpam/pam_misc.c @@ -137,6 +137,28 @@ char *_pam_strdup(const char *x) return new; /* return the duplicate or NULL on error */ } +/* + * Safe duplication of memory buffers. "Paranoid"; don't leave + * evidence of old token around for later stack analysis. + */ + +char *_pam_memdup(const char *x, int len) +{ + register char *new=NULL; + + if (x != NULL) { + if ((new = malloc(len)) == NULL) { + len = 0; + pam_syslog(NULL, LOG_CRIT, "_pam_memdup: failed to get memory"); + } else { + memcpy (new, x, len); + } + x = NULL; + } + + return new; /* return the duplicate or NULL on error */ +} + /* Generate argv, argc from s */ /* caller must free(argv) */ diff --git a/libpam/pam_private.h b/libpam/pam_private.h index bf32ad44..333f4d0f 100644 --- a/libpam/pam_private.h +++ b/libpam/pam_private.h @@ -152,9 +152,11 @@ struct pam_handle { char *rhost; char *ruser; char *tty; + char *xdisplay; struct pam_data *data; struct pam_environ *env; /* structure to maintain environment list */ struct _pam_fail_delay fail_delay; /* helper function for easy delays */ + struct pam_xauth_data xauth; /* auth info for X display */ struct service handlers; struct _pam_former_state former; /* library state - support for event driven applications */ @@ -267,6 +269,8 @@ char *_pam_StrTok(char *from, const char *format, char **next); char *_pam_strdup(const char *s); +char *_pam_memdup(const char *s, int len); + int _pam_mkargv(char *s, char ***argv, int *argc); void _pam_sanitize(pam_handle_t *pamh); |