packages/pam
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
pam/backport-Move-read_passwords-function-from-pam_unix-to-pam_inline.h.patch

203 lines
6.0 KiB
Diff
Raw Permalink Blame History

From 48f44125fac8873237ade9e94942f82a8e6d6e1d Mon Sep 17 00:00:00 2001
From: ikerexxe <ipedrosa@redhat.com>
Date: Wed, 15 Jul 2020 09:45:12 +0200
Subject: [PATCH] Move read_passwords function from pam_unix to pam_inline.h
[ldv: rewrote commit message]
* modules/pam_unix/passverify.h (read_passwords): Remove prototype.
* modules/pam_unix/passverify.c (read_passwords): Move ...
* libpam/include/pam_inline.h: ... here, rename to pam_read_passwords,
add static inline qualifiers.
Include <unistd.h> and <errno.h>.
* modules/pam_unix/unix_chkpwd.c: Include "pam_inline.h".
(main): Replace read_passwords with pam_read_passwords.
* modules/pam_unix/unix_update.c: Include "pam_inline.h".
(set_password): Replace read_passwords with pam_read_passwords.
---
libpam/include/pam_inline.h | 50 ++++++++++++++++++++++++++++++++++++++++++
modules/pam_unix/passverify.c | 43 ------------------------------------
modules/pam_unix/passverify.h | 2 --
modules/pam_unix/unix_chkpwd.c | 3 ++-
modules/pam_unix/unix_update.c | 3 ++-
5 files changed, 54 insertions(+), 47 deletions(-)
diff --git a/libpam/include/pam_inline.h b/libpam/include/pam_inline.h
index ec05fe4..8040b86 100644
--- a/libpam/include/pam_inline.h
+++ b/libpam/include/pam_inline.h
@@ -10,6 +10,8 @@
#include "pam_cc_compat.h"
#include <string.h>
+#include <unistd.h>
+#include <errno.h>
/*
* Evaluates to
@@ -64,4 +66,52 @@ pam_str_skip_icase_prefix_len(const char *str, const char *prefix, size_t prefix
#define pam_str_skip_icase_prefix(str_, prefix_) \
pam_str_skip_icase_prefix_len((str_), (prefix_), sizeof(prefix_) - 1 + PAM_MUST_BE_ARRAY(prefix_))
+static inline int
+pam_read_passwords(int fd, int npass, char **passwords)
+{
+ /*
+ * The passwords array must contain npass preallocated
+ * buffers of length PAM_MAX_RESP_SIZE + 1.
+ */
+ int rbytes = 0;
+ int offset = 0;
+ int i = 0;
+ char *pptr;
+ while (npass > 0) {
+ rbytes = read(fd, passwords[i]+offset, PAM_MAX_RESP_SIZE+1-offset);
+
+ if (rbytes < 0) {
+ if (errno == EINTR) {
+ continue;
+ }
+ break;
+ }
+ if (rbytes == 0) {
+ break;
+ }
+
+ while (npass > 0 && (pptr=memchr(passwords[i]+offset, '\0', rbytes))
+ != NULL) {
+ rbytes -= pptr - (passwords[i]+offset) + 1;
+ i++;
+ offset = 0;
+ npass--;
+ if (rbytes > 0) {
+ if (npass > 0) {
+ memcpy(passwords[i], pptr+1, rbytes);
+ }
+ memset(pptr+1, '\0', rbytes);
+ }
+ }
+ offset += rbytes;
+ }
+
+ /* clear up */
+ if (offset > 0 && npass > 0) {
+ memset(passwords[i], '\0', offset);
+ }
+
+ return i;
+}
+
#endif /* PAM_INLINE_H */
diff --git a/modules/pam_unix/passverify.c b/modules/pam_unix/passverify.c
index a571b4f..4094b31 100644
--- a/modules/pam_unix/passverify.c
+++ b/modules/pam_unix/passverify.c
@@ -1180,49 +1180,6 @@ getuidname(uid_t uid)
return username;
}
-int
-read_passwords(int fd, int npass, char **passwords)
-{
- /* The passwords array must contain npass preallocated
- * buffers of length MAXPASS + 1
- */
- int rbytes = 0;
- int offset = 0;
- int i = 0;
- char *pptr;
- while (npass > 0) {
- rbytes = read(fd, passwords[i]+offset, MAXPASS+1-offset);
-
- if (rbytes < 0) {
- if (errno == EINTR) continue;
- break;
- }
- if (rbytes == 0)
- break;
-
- while (npass > 0 && (pptr=memchr(passwords[i]+offset, '\0', rbytes))
- != NULL) {
- rbytes -= pptr - (passwords[i]+offset) + 1;
- i++;
- offset = 0;
- npass--;
- if (rbytes > 0) {
- if (npass > 0)
- memcpy(passwords[i], pptr+1, rbytes);
- memset(pptr+1, '\0', rbytes);
- }
- }
- offset += rbytes;
- }
-
- /* clear up */
- if (offset > 0 && npass > 0) {
- memset(passwords[i], '\0', offset);
- }
-
- return i;
-}
-
#endif
/* ****************************************************************** *
* Copyright (c) Jan Rękorajski 1999.
diff --git a/modules/pam_unix/passverify.h b/modules/pam_unix/passverify.h
index e9a88fb..abd3f3e 100644
--- a/modules/pam_unix/passverify.h
+++ b/modules/pam_unix/passverify.h
@@ -50,8 +50,6 @@ setup_signals(void);
char *
getuidname(uid_t uid);
-int
-read_passwords(int fd, int npass, char **passwords);
#endif
#ifdef HELPER_COMPILE
diff --git a/modules/pam_unix/unix_chkpwd.c b/modules/pam_unix/unix_chkpwd.c
index 4384deb..7d0718c 100644
--- a/modules/pam_unix/unix_chkpwd.c
+++ b/modules/pam_unix/unix_chkpwd.c
@@ -33,6 +33,7 @@
#include <security/_pam_macros.h>
#include "passverify.h"
+#include "pam_inline.h"
static int _check_expiry(const char *uname)
{
@@ -162,7 +163,7 @@ int main(int argc, char *argv[])
}
/* read the password from stdin (a pipe from the pam_unix module) */
- npass = read_passwords(STDIN_FILENO, 1, passwords);
+ npass = pam_read_passwords(STDIN_FILENO, 1, passwords);
if (npass != 1) { /* is it a valid password? */
helper_log_err(LOG_DEBUG, "no password supplied");
diff --git a/modules/pam_unix/unix_update.c b/modules/pam_unix/unix_update.c
index 6ea7ea5..b6236cc 100644
--- a/modules/pam_unix/unix_update.c
+++ b/modules/pam_unix/unix_update.c
@@ -32,6 +32,7 @@
#include <security/_pam_macros.h>
#include "passverify.h"
+#include "pam_inline.h"
static int
set_password(const char *forwho, const char *shadow, const char *remember)
@@ -49,7 +50,7 @@ set_password(const char *forwho, const char *shadow, const char *remember)
/* read the password from stdin (a pipe from the pam_unix module) */
- npass = read_passwords(STDIN_FILENO, 2, passwords);
+ npass = pam_read_passwords(STDIN_FILENO, 2, passwords);
if (npass != 2) { /* is it a valid password? */
if (npass == 1) {
--
1.8.3.1
Reference in New Issue View Git Blame Copy Permalink