diff options
| author | Andreas Schneider <asn@samba.org> | 2018-02-22 17:00:14 +0100 |
|---|---|---|
| committer | Andreas Schneider <asn@cryptomilk.org> | 2018-03-01 09:53:45 +0100 |
| commit | 0cf640a2f401d43421d4d8c244bdb50da8bebd86 (patch) | |
| tree | 3149b7fa829d671df06b012fb447dd0d28aed56b /third_party | |
| parent | ea3a80e66967cab13a664c50ae5f7d23be805e22 (diff) | |
| download | samba-0cf640a2f401d43421d4d8c244bdb50da8bebd86.tar.gz | |
third_party: Update pam_wrapper to version 1.0.5
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Diffstat (limited to 'third_party')
| -rw-r--r-- | third_party/pam_wrapper/pam_wrapper.c | 67 | ||||
| -rw-r--r-- | third_party/pam_wrapper/wscript | 2 |
2 files changed, 39 insertions, 30 deletions
diff --git a/third_party/pam_wrapper/pam_wrapper.c b/third_party/pam_wrapper/pam_wrapper.c index 2db9bcca889..482b38841a3 100644 --- a/third_party/pam_wrapper/pam_wrapper.c +++ b/third_party/pam_wrapper/pam_wrapper.c @@ -34,6 +34,7 @@ #include <libgen.h> #include <signal.h> #include <limits.h> +#include <ctype.h> #include <ftw.h> @@ -508,22 +509,20 @@ static const char *libpam_pam_strerror(pam_handle_t *pamh, int errnum) return pwrap.libpam.symbols._libpam_pam_strerror.f(discard_const_p(pam_handle_t, pamh), errnum); } -#if defined(HAVE_PAM_VSYSLOG) || defined(HAVE_PAM_SYSLOG) +#ifdef HAVE_PAM_VSYSLOG static void libpam_pam_vsyslog(const pam_handle_t *pamh, int priority, const char *fmt, va_list args) { -#ifdef HAVE_PAM_VSYSLOG pwrap_bind_symbol_libpam(pam_vsyslog); pwrap.libpam.symbols._libpam_pam_vsyslog.f(pamh, priority, fmt, args); -#endif } -#endif +#endif /* HAVE_PAM_VSYSLOG */ /********************************************************* * PWRAP INIT @@ -762,13 +761,15 @@ static void pwrap_init(void) char tmp_config_dir[] = "/tmp/pam.X"; size_t len = strlen(tmp_config_dir); const char *env; - uint32_t i; + struct stat sb; int rc; + unsigned i; char pam_library[128] = { 0 }; char libpam_path[1024] = { 0 }; ssize_t ret; FILE *pidfile; char pidfile_path[1024] = { 0 }; + char letter; if (!pam_wrapper_enabled()) { return; @@ -778,33 +779,36 @@ static void pwrap_init(void) return; } - PWRAP_LOG(PWRAP_LOG_DEBUG, "Initialize pam_wrapper"); - - for (i = 0; i < 36; i++) { - struct stat sb; - char c; - - if (i < 10) { - c = (char)(i + 48); - } else { - c = (char)(i + 87); + /* + * The name is selected to match/replace /etc/pam.d + * We start from a random alphanum trying letters until + * an available directory is found. + */ + letter = 48 + (getpid() % 70); + for (i = 0; i < 127; i++) { + if (isalpha(letter) || isdigit(letter)) { + tmp_config_dir[len - 1] = letter; + + rc = lstat(tmp_config_dir, &sb); + if (rc == 0) { + PWRAP_LOG(PWRAP_LOG_TRACE, + "Check if pam_wrapper dir %s is a " + "stale directory", + tmp_config_dir); + pwrap_clean_stale_dirs(tmp_config_dir); + } else if (rc < 0) { + if (errno != ENOENT) { + continue; + } + break; /* found */ + } } - tmp_config_dir[len - 1] = c; - rc = lstat(tmp_config_dir, &sb); - if (rc == 0) { - PWRAP_LOG(PWRAP_LOG_TRACE, - "Check if pam_wrapper dir %s is a " - "stale directory", - tmp_config_dir); - pwrap_clean_stale_dirs(tmp_config_dir); - continue; - } else if (errno == ENOENT) { - break; - } + letter++; + letter %= 127; } - if (i == 36) { + if (i == 127) { PWRAP_LOG(PWRAP_LOG_ERROR, "Failed to find a possible path to create " "pam_wrapper config dir: %s", @@ -812,6 +816,10 @@ static void pwrap_init(void) exit(1); } + PWRAP_LOG(PWRAP_LOG_DEBUG, "Initialize pam_wrapper"); + + pwrap_clean_stale_dirs(tmp_config_dir); + pwrap.config_dir = strdup(tmp_config_dir); if (pwrap.config_dir == NULL) { PWRAP_LOG(PWRAP_LOG_ERROR, @@ -1490,7 +1498,6 @@ const char *pam_strerror(pam_handle_t *pamh, int errnum) } #if defined(HAVE_PAM_VSYSLOG) || defined(HAVE_PAM_SYSLOG) - static void pwrap_pam_vsyslog(const pam_handle_t *pamh, int priority, const char *fmt, @@ -1507,11 +1514,13 @@ static void pwrap_pam_vsyslog(const pam_handle_t *pamh, PWRAP_LOG(PWRAP_LOG_TRACE, "pwrap_pam_vsyslog called"); +#ifdef HAVE_PAM_VSYSLOG d = getenv("PAM_WRAPPER_USE_SYSLOG"); if (d != NULL && d[0] == '1') { libpam_pam_vsyslog(pamh, priority, fmt, args); return; } +#endif /* HAVE_PAM_VSYSLOG */ switch(priority) { case 0: /* LOG_EMERG */ diff --git a/third_party/pam_wrapper/wscript b/third_party/pam_wrapper/wscript index b9acf1b96eb..6749159da42 100644 --- a/third_party/pam_wrapper/wscript +++ b/third_party/pam_wrapper/wscript @@ -2,7 +2,7 @@ import os -VERSION="1.0.4" +VERSION="1.0.5" def find_library(library_names, lookup_paths): for directory in lookup_paths: |