+2008-12-02 Olivier Fourdan <ofourdan@redhat.com>
+
+ * modules/pam_filter/pam_filter.c (master): Use /dev/ptmx
+ instead of the old BSD pseudoterminal API.
+ (set_filter): Call grantpt(), unlockpt() and ptsname(). Do not
+ close pseudoterminal handle in filter child.
+ * modules/pam_filter/upperLOWER/upperLOWER.c (main): Use
+ regular read() instead of pam_modutil_read() to allow for
+ short reads.
+
2008-12-02 Tomas Mraz <t8m@centrum.cz>
* modules/pam_timestamp/Makefile.am: Add hmacfile to tests.
#include <stdarg.h>
-#define TERMINAL_LEN 12
+#define DEV_PTMX "/dev/ptmx"
static int
-master (const pam_handle_t *pamh, char *terminal)
-/*
- * try to open all of the terminals in sequence return first free one,
- * or -1
- */
+master (void)
{
- const char ptys[] = "pqrs", *pty = ptys;
- const char hexs[] = "0123456789abcdef", *hex;
- struct stat tstat;
- int fd;
-
- strcpy(terminal, "/dev/pty??");
-
- while (*pty) { /* step through four types */
- terminal[8] = *pty++;
- terminal[9] = '0';
- if (stat(terminal,&tstat) < 0) {
- pam_syslog(pamh, LOG_WARNING,
- "unknown pseudo terminal: %s", terminal);
- break;
- }
- for (hex = hexs; *hex; ) { /* step through 16 of these */
- terminal[9] = *hex++;
- if ((fd = open(terminal, O_RDWR)) >= 0) {
- return fd;
- }
- }
- }
-
- /* no terminal found */
-
- return -1;
+ int fd;
+
+ if ((fd = open(DEV_PTMX, O_RDWR)) >= 0) {
+ return fd;
+ }
+
+ return -1;
}
static int process_args(pam_handle_t *pamh
const char **evp, const char *filtername)
{
int status=-1;
- char terminal[TERMINAL_LEN];
+ char* terminal = NULL;
struct termios stored_mode; /* initial terminal mode settings */
int fd[2], child=0, child2=0, aterminal;
/* open the master pseudo terminal */
- fd[0] = master(pamh,terminal);
+ fd[0] = master();
if (fd[0] < 0) {
pam_syslog(pamh, LOG_CRIT, "no master terminal");
return PAM_AUTH_ERR;
return PAM_ABORT;
}
+ /* grant slave terminal */
+ if (grantpt (fd[0]) < 0) {
+ pam_syslog(pamh, LOG_WARNING, "Cannot grant acccess to slave terminal");
+ return PAM_ABORT;
+ }
+
+ /* unlock slave terminal */
+ if (unlockpt (fd[0]) < 0) {
+ pam_syslog(pamh, LOG_WARNING, "Cannot unlock slave terminal");
+ return PAM_ABORT;
+ }
+
/* find slave's name */
- terminal[5] = 't'; /* want to open slave terminal */
+ terminal = ptsname(fd[0]); /* returned value should not be freed */
+
+ if (terminal == NULL) {
+ pam_syslog(pamh, LOG_WARNING,
+ "Cannot get the name of the slave terminal: %m");
+ return PAM_ABORT;
+ }
+
fd[1] = open(terminal, O_RDWR);
close(fd[0]); /* process is the child -- uses line fd[1] */
close(fd[1]);
return PAM_ABORT;
}
-
} else {
/* nothing to do for a simple stream socket */
return PAM_SUCCESS;
}
- /*
- * process is the parent here. So we can close the application's
- * input/output
- */
-
- close(fd[1]);
-
/* Clear out passwords... there is a security problem here in
* that this process never executes pam_end. Consequently, any
* other sensitive data in this process is *not* explicitly
/* application errors */
if ( FD_ISSET(APPERR_FILENO,&readers) ) {
- int got = pam_modutil_read(APPERR_FILENO, buffer, BUFSIZ);
+ int got = read(APPERR_FILENO, buffer, BUFSIZ);
if (got <= 0) {
break;
} else {
}
}
} else if ( FD_ISSET(APPOUT_FILENO,&readers) ) { /* app output */
- int got = pam_modutil_read(APPOUT_FILENO, buffer, BUFSIZ);
+ int got = read(APPOUT_FILENO, buffer, BUFSIZ);
if (got <= 0) {
break;
} else {
}
if ( FD_ISSET(STDIN_FILENO, &readers) ) { /* user input */
- int got = pam_modutil_read(STDIN_FILENO, buffer, BUFSIZ);
+ int got = read(STDIN_FILENO, buffer, BUFSIZ);
if (got < 0) {
syslog(LOG_WARNING,"user input junked");
break;
projects / linux-pam / commitdiff