From d55a70abf9e45c755dac860375960d8b920ac6db Mon Sep 17 00:00:00 2001
From: Steve Langasek <vorlon@debian.org>
Date: Tue, 31 Aug 2010 22:47:56 -0700
Subject: debian/patches/hurd_no_setfsuid: pam_env and pam_mail now also use
 setfsuid, so patch them to be likewise Hurd-safe.

---
 debian/changelog                        |   2 +
 debian/patches-applied/hurd_no_setfsuid | 119 ++++++++++++++++++++++++++++++--
 2 files changed, 114 insertions(+), 7 deletions(-)

(limited to 'debian')

diff --git a/debian/changelog b/debian/changelog
index 17a82010..ba9add82 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -6,6 +6,8 @@ pam (1.1.1-5) UNRELEASED; urgency=low
     upstream version which now implements minlen=, not min=.
   * Drop patches conditional_module,_conditional_man and
     mkhomedir_linking.patch, which are included upstream.
+  * debian/patches/hurd_no_setfsuid: pam_env and pam_mail now also use
+    setfsuid, so patch them to be likewise Hurd-safe.
 
  -- Steve Langasek <vorlon@debian.org>  Sun, 29 Aug 2010 00:56:28 -0700
 
diff --git a/debian/patches-applied/hurd_no_setfsuid b/debian/patches-applied/hurd_no_setfsuid
index 24ce40a0..f095ada3 100644
--- a/debian/patches-applied/hurd_no_setfsuid
+++ b/debian/patches-applied/hurd_no_setfsuid
@@ -18,9 +18,9 @@ Index: pam.deb/modules/pam_xauth/pam_xauth.c
  #include <sys/wait.h>
  #include <errno.h>
  #include <fnmatch.h>
-@@ -218,6 +220,9 @@
+@@ -235,6 +237,9 @@
  	FILE *fp;
- 	int i;
+ 	int i, save_errno;
  	uid_t euid;
 +#ifndef HAVE_SYS_FSUID_H
 +	uid_t uid;
@@ -28,7 +28,7 @@ Index: pam.deb/modules/pam_xauth/pam_xauth.c
  	/* Check this user's <sense> file. */
  	pwd = pam_modutil_getpwnam(pamh, this_user);
  	if (pwd == NULL) {
-@@ -234,9 +239,34 @@
+@@ -251,10 +256,35 @@
  		return PAM_SESSION_ERR;
  	}
  	euid = geteuid();
@@ -49,6 +49,7 @@ Index: pam.deb/modules/pam_xauth/pam_xauth.c
 +	}
 +#endif
  	fp = fopen(path, "r");
+ 	save_errno = errno;
 +#ifdef HAVE_SYS_FSUID_H
  	setfsuid(euid);
 +#else
@@ -63,7 +64,7 @@ Index: pam.deb/modules/pam_xauth/pam_xauth.c
  	if (fp != NULL) {
  		char buf[LINE_MAX], *tmp;
  		/* Scan the file for a list of specs of users to "trust". */
-@@ -306,6 +336,9 @@
+@@ -325,6 +355,9 @@
  	int fd, i, debug = 0;
  	int retval = PAM_SUCCESS;
  	uid_t systemuser = 499, targetuser = 0, euid;
@@ -73,7 +74,7 @@ Index: pam.deb/modules/pam_xauth/pam_xauth.c
  
  	/* Parse arguments.  We don't understand many, so no sense in breaking
  	 * this into a separate function. */
-@@ -554,7 +587,22 @@
+@@ -573,7 +606,22 @@
  
  		/* Generate a new file to hold the data. */
  		euid = geteuid();
@@ -93,10 +94,10 @@ Index: pam.deb/modules/pam_xauth/pam_xauth.c
 +			}
 +		}
 +#endif
- 		
+ 
  #ifdef WITH_SELINUX
  		if (is_selinux_enabled() > 0) {
-@@ -584,7 +632,17 @@
+@@ -603,7 +651,17 @@
  		save_errno = errno;
  #endif
  
@@ -114,3 +115,107 @@ Index: pam.deb/modules/pam_xauth/pam_xauth.c
  		if (fd == -1) {
  			errno = save_errno;
  			pam_syslog(pamh, LOG_ERR,
+Index: pam.deb/modules/pam_env/pam_env.c
+===================================================================
+--- pam.deb.orig/modules/pam_env/pam_env.c
++++ pam.deb/modules/pam_env/pam_env.c
+@@ -23,7 +23,9 @@
+ #include <string.h>
+ #include <syslog.h>
+ #include <sys/stat.h>
++#ifdef HAVE_SYS_FSUID_H
+ #include <sys/fsuid.h>
++#endif
+ #include <sys/types.h>
+ #include <unistd.h>
+ 
+@@ -792,9 +794,37 @@
+ 	}
+       if (stat(envpath, &statbuf) == 0) {
+ 	uid_t euid = geteuid();
++
++#ifdef HAVE_SYS_FSUID_H
+         setfsuid (user_entry->pw_uid);
++#else
++	uid_t uid = getuid();
++	if (uid == user_entry->pw_uid)
++	  setreuid(euid, uid);
++	else {
++	  setreuid(0, -1);
++	  if (setreuid(-1, uid) == -1) {
++	    setreuid(-1, 0);
++	    setreuid(0, -1);
++	    setreuid(-1, user_entry->pw_uid);
++	    /* If this fails we didn't have root privs anyway, so we fall
++	       through; not the safest, but no different from what we do in
++	       the setfsuid() case. */
++	  }
++	}
++#endif
+         retval = _parse_config_file(pamh, envpath);
++#ifdef HAVE_SYS_FSUID_H
+ 	setfsuid (euid);
++#else
++	if (uid == user_entry->pw_uid)
++	  setreuid(uid, euid);
++	else {
++	  if (setreuid(-1, 0) == 0)
++	    setreuid(uid, -1);
++	  setreuid(-1, euid);
++	}
++#endif
+         if (retval == PAM_IGNORE)
+           retval = PAM_SUCCESS;
+       }
+Index: pam.deb/modules/pam_mail/pam_mail.c
+===================================================================
+--- pam.deb.orig/modules/pam_mail/pam_mail.c
++++ pam.deb/modules/pam_mail/pam_mail.c
+@@ -17,7 +17,9 @@
+ #include <syslog.h>
+ #include <sys/stat.h>
+ #include <sys/types.h>
++#ifdef HAVE_SYS_FSUID_H
+ #include <sys/fsuid.h>
++#endif
+ #include <unistd.h>
+ #include <dirent.h>
+ #include <errno.h>
+@@ -446,9 +448,37 @@
+ 	|| (!est && (ctrl & PAM_LOGOUT_TOO))) {
+         uid_t euid = geteuid();
+ 
++ifdef HAVE_SYS_FSUID_H
+         setfsuid (pwd->pw_uid);
++#else
++	uid_t uid = getuid();
++
++	if (uid == pwd->pw_uid)
++	  setreuid(euid, uid);
++	else {
++	  setreuid(0, -1);
++	  if (setreuid(-1, uid) == -1) {
++	    setreuid(-1, 0);
++	    setreuid(0, -1);
++	    setreuid(-1, pwd->pw_uid);
++	    /* If this fails we didn't have root privs anyway, so we fall
++	       through; not the safest, but no different from what we do in
++	       the setfsuid() case. */
++	  }
++	}
++#endif
+ 	type = get_mail_status(pamh, ctrl, folder);
++#ifdef HAVE_SYS_FSUID_H
+ 	setfsuid (euid);
++#else
++	if (uid == pwd->pw_uid)
++	  setreuid(uid, euid);
++	else {
++	  if (setreuid(-1, 0) == 0)
++	    setreuid(uid, -1);
++	  setreuid(-1, euid);
++	}
++#endif
+ 
+ 	if (type != 0) {
+ 	    retval = report_mail(pamh, ctrl, type, folder);
-- 
cgit v1.2.3