summaryrefslogtreecommitdiff
path: root/modules
diff options
context:
space:
mode:
Diffstat (limited to 'modules')
-rw-r--r--modules/pam_exec/pam_exec.8.xml3
-rw-r--r--modules/pam_exec/pam_exec.c4
-rw-r--r--modules/pam_unix/pam_unix.8.xml7
-rw-r--r--modules/pam_unix/pam_unix_passwd.c23
-rw-r--r--modules/pam_unix/passverify.c5
-rw-r--r--modules/pam_unix/passverify.h2
-rw-r--r--modules/pam_unix/support.c7
7 files changed, 37 insertions, 14 deletions
diff --git a/modules/pam_exec/pam_exec.8.xml b/modules/pam_exec/pam_exec.8.xml
index 23793668..d1b00a21 100644
--- a/modules/pam_exec/pam_exec.8.xml
+++ b/modules/pam_exec/pam_exec.8.xml
@@ -106,7 +106,8 @@
During authentication the calling command can read
the password from <citerefentry>
<refentrytitle>stdin</refentrytitle><manvolnum>3</manvolnum>
- </citerefentry>.
+ </citerefentry>. Only first <emphasis>PAM_MAX_RESP_SIZE</emphasis>
+ bytes of a password are provided to the command.
</para>
</listitem>
</varlistentry>
diff --git a/modules/pam_exec/pam_exec.c b/modules/pam_exec/pam_exec.c
index 5ab96303..17ba6ca2 100644
--- a/modules/pam_exec/pam_exec.c
+++ b/modules/pam_exec/pam_exec.c
@@ -178,11 +178,11 @@ call_exec (const char *pam_type, pam_handle_t *pamh,
}
pam_set_item (pamh, PAM_AUTHTOK, resp);
- authtok = strdupa (resp);
+ authtok = strndupa (resp, PAM_MAX_RESP_SIZE);
_pam_drop (resp);
}
else
- authtok = void_pass;
+ authtok = strndupa (void_pass, PAM_MAX_RESP_SIZE);
if (pipe(fds) != 0)
{
diff --git a/modules/pam_unix/pam_unix.8.xml b/modules/pam_unix/pam_unix.8.xml
index 40084023..a8b64bb5 100644
--- a/modules/pam_unix/pam_unix.8.xml
+++ b/modules/pam_unix/pam_unix.8.xml
@@ -80,6 +80,13 @@
</para>
<para>
+ The maximum length of a password supported by the pam_unix module
+ via the helper binary is <emphasis>PAM_MAX_RESP_SIZE</emphasis>
+ - currently 512 bytes. The rest of the password provided by the
+ conversation function to the module will be ignored.
+ </para>
+
+ <para>
The password component of this module performs the task of updating
the user's password. The default encryption hash is taken from the
<emphasis remap='B'>ENCRYPT_METHOD</emphasis> variable from
diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c
index 2d330e51..c2e5de5e 100644
--- a/modules/pam_unix/pam_unix_passwd.c
+++ b/modules/pam_unix/pam_unix_passwd.c
@@ -240,15 +240,22 @@ static int _unix_run_update_binary(pam_handle_t *pamh, unsigned int ctrl, const
/* wait for child */
/* if the stored password is NULL */
int rc=0;
- if (fromwhat)
- pam_modutil_write(fds[1], fromwhat, strlen(fromwhat)+1);
- else
- pam_modutil_write(fds[1], "", 1);
- if (towhat) {
- pam_modutil_write(fds[1], towhat, strlen(towhat)+1);
+ if (fromwhat) {
+ int len = strlen(fromwhat);
+
+ if (len > PAM_MAX_RESP_SIZE)
+ len = PAM_MAX_RESP_SIZE;
+ pam_modutil_write(fds[1], fromwhat, len);
}
- else
- pam_modutil_write(fds[1], "", 1);
+ pam_modutil_write(fds[1], "", 1);
+ if (towhat) {
+ int len = strlen(towhat);
+
+ if (len > PAM_MAX_RESP_SIZE)
+ len = PAM_MAX_RESP_SIZE;
+ pam_modutil_write(fds[1], towhat, len);
+ }
+ pam_modutil_write(fds[1], "", 1);
close(fds[0]); /* close here to avoid possible SIGPIPE above */
close(fds[1]);
diff --git a/modules/pam_unix/passverify.c b/modules/pam_unix/passverify.c
index b325602c..e79b55e6 100644
--- a/modules/pam_unix/passverify.c
+++ b/modules/pam_unix/passverify.c
@@ -1115,12 +1115,15 @@ getuidname(uid_t uid)
int
read_passwords(int fd, int npass, char **passwords)
{
+ /* The passwords array must contain npass preallocated
+ * buffers of length MAXPASS + 1
+ */
int rbytes = 0;
int offset = 0;
int i = 0;
char *pptr;
while (npass > 0) {
- rbytes = read(fd, passwords[i]+offset, MAXPASS-offset);
+ rbytes = read(fd, passwords[i]+offset, MAXPASS+1-offset);
if (rbytes < 0) {
if (errno == EINTR) continue;
diff --git a/modules/pam_unix/passverify.h b/modules/pam_unix/passverify.h
index 3de67593..caf7ae8a 100644
--- a/modules/pam_unix/passverify.h
+++ b/modules/pam_unix/passverify.h
@@ -8,7 +8,7 @@
#define PAM_UNIX_RUN_HELPER PAM_CRED_INSUFFICIENT
-#define MAXPASS 200 /* the maximum length of a password */
+#define MAXPASS PAM_MAX_RESP_SIZE /* the maximum length of a password */
#define OLD_PASSWORDS_FILE "/etc/security/opasswd"
diff --git a/modules/pam_unix/support.c b/modules/pam_unix/support.c
index fdb45c20..abccd828 100644
--- a/modules/pam_unix/support.c
+++ b/modules/pam_unix/support.c
@@ -609,7 +609,12 @@ static int _unix_run_helper_binary(pam_handle_t *pamh, const char *passwd,
/* if the stored password is NULL */
int rc=0;
if (passwd != NULL) { /* send the password to the child */
- if (write(fds[1], passwd, strlen(passwd)+1) == -1) {
+ int len = strlen(passwd);
+
+ if (len > PAM_MAX_RESP_SIZE)
+ len = PAM_MAX_RESP_SIZE;
+ if (write(fds[1], passwd, len) == -1 ||
+ write(fds[1], "", 1) == -1) {
pam_syslog (pamh, LOG_ERR, "Cannot send password to helper: %m");
retval = PAM_AUTH_ERR;
}