summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog6
-rw-r--r--auth-pam.c26
2 files changed, 23 insertions, 9 deletions
diff --git a/ChangeLog b/ChangeLog
index c153fd19f..4dec60c1b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -97,6 +97,10 @@
97 ok deraadt@, cloder@, djm@ 97 ok deraadt@, cloder@, djm@
98 - (dtucker) [regress/reexec.sh] Add ${EXEEXT} so this test also works on 98 - (dtucker) [regress/reexec.sh] Add ${EXEEXT} so this test also works on
99 Cygwin. 99 Cygwin.
100 - (dtucker) [auth-pam.c] Bug #1033: Fix warnings building with PAM on Linux:
101 warning: dereferencing type-punned pointer will break strict-aliasing rules
102 warning: passing arg 3 of `pam_get_item' from incompatible pointer type
103 The type-punned pointer fix is based on a patch from SuSE's rpm. ok djm@
100 104
10120050524 10520050524
102 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] 106 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
@@ -2596,4 +2600,4 @@
2596 - (djm) Trim deprecated options from INSTALL. Mention UsePAM 2600 - (djm) Trim deprecated options from INSTALL. Mention UsePAM
2597 - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu 2601 - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
2598 2602
2599$Id: ChangeLog,v 1.3787 2005/05/26 03:43:57 dtucker Exp $ 2603$Id: ChangeLog,v 1.3788 2005/05/26 09:59:48 dtucker Exp $
diff --git a/auth-pam.c b/auth-pam.c
index a8d372aac..db80017ef 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -47,7 +47,7 @@
47 47
48/* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ 48/* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */
49#include "includes.h" 49#include "includes.h"
50RCSID("$Id: auth-pam.c,v 1.122 2005/05/25 06:18:10 dtucker Exp $"); 50RCSID("$Id: auth-pam.c,v 1.123 2005/05/26 09:59:48 dtucker Exp $");
51 51
52#ifdef USE_PAM 52#ifdef USE_PAM
53#if defined(HAVE_SECURITY_PAM_APPL_H) 53#if defined(HAVE_SECURITY_PAM_APPL_H)
@@ -56,6 +56,13 @@ RCSID("$Id: auth-pam.c,v 1.122 2005/05/25 06:18:10 dtucker Exp $");
56#include <pam/pam_appl.h> 56#include <pam/pam_appl.h>
57#endif 57#endif
58 58
59/* OpenGroup RFC86.0 and XSSO specify no "const" on arguments */
60#ifdef PAM_SUN_CODEBASE
61# define sshpam_const /* Solaris, HP-UX, AIX */
62#else
63# define sshpam_const const /* LinuxPAM, OpenPAM */
64#endif
65
59#include "auth.h" 66#include "auth.h"
60#include "auth-pam.h" 67#include "auth-pam.h"
61#include "buffer.h" 68#include "buffer.h"
@@ -300,7 +307,7 @@ import_environments(Buffer *b)
300 * Conversation function for authentication thread. 307 * Conversation function for authentication thread.
301 */ 308 */
302static int 309static int
303sshpam_thread_conv(int n, struct pam_message **msg, 310sshpam_thread_conv(int n, sshpam_const struct pam_message **msg,
304 struct pam_response **resp, void *data) 311 struct pam_response **resp, void *data)
305{ 312{
306 Buffer buffer; 313 Buffer buffer;
@@ -399,8 +406,10 @@ sshpam_thread(void *ctxtp)
399 char **env_from_pam; 406 char **env_from_pam;
400 u_int i; 407 u_int i;
401 const char *pam_user; 408 const char *pam_user;
409 const char **ptr_pam_user = &pam_user;
402 410
403 pam_get_item(sshpam_handle, PAM_USER, (void **)&pam_user); 411 pam_get_item(sshpam_handle, PAM_USER,
412 (sshpam_const void **)ptr_pam_user);
404 environ[0] = NULL; 413 environ[0] = NULL;
405 414
406 if (sshpam_authctxt != NULL) { 415 if (sshpam_authctxt != NULL) {
@@ -492,7 +501,7 @@ sshpam_thread_cleanup(void)
492} 501}
493 502
494static int 503static int
495sshpam_null_conv(int n, struct pam_message **msg, 504sshpam_null_conv(int n, sshpam_const struct pam_message **msg,
496 struct pam_response **resp, void *data) 505 struct pam_response **resp, void *data)
497{ 506{
498 debug3("PAM: %s entering, %d messages", __func__, n); 507 debug3("PAM: %s entering, %d messages", __func__, n);
@@ -502,7 +511,7 @@ sshpam_null_conv(int n, struct pam_message **msg,
502static struct pam_conv null_conv = { sshpam_null_conv, NULL }; 511static struct pam_conv null_conv = { sshpam_null_conv, NULL };
503 512
504static int 513static int
505sshpam_store_conv(int n, struct pam_message **msg, 514sshpam_store_conv(int n, sshpam_const struct pam_message **msg,
506 struct pam_response **resp, void *data) 515 struct pam_response **resp, void *data)
507{ 516{
508 struct pam_response *reply; 517 struct pam_response *reply;
@@ -571,11 +580,12 @@ sshpam_init(Authctxt *authctxt)
571{ 580{
572 extern char *__progname; 581 extern char *__progname;
573 const char *pam_rhost, *pam_user, *user = authctxt->user; 582 const char *pam_rhost, *pam_user, *user = authctxt->user;
583 const char **ptr_pam_user = &pam_user;
574 584
575 if (sshpam_handle != NULL) { 585 if (sshpam_handle != NULL) {
576 /* We already have a PAM context; check if the user matches */ 586 /* We already have a PAM context; check if the user matches */
577 sshpam_err = pam_get_item(sshpam_handle, 587 sshpam_err = pam_get_item(sshpam_handle,
578 PAM_USER, (void **)&pam_user); 588 PAM_USER, (sshpam_const void **)ptr_pam_user);
579 if (sshpam_err == PAM_SUCCESS && strcmp(user, pam_user) == 0) 589 if (sshpam_err == PAM_SUCCESS && strcmp(user, pam_user) == 0)
580 return (0); 590 return (0);
581 pam_end(sshpam_handle, sshpam_err); 591 pam_end(sshpam_handle, sshpam_err);
@@ -891,7 +901,7 @@ do_pam_setcred(int init)
891} 901}
892 902
893static int 903static int
894sshpam_tty_conv(int n, struct pam_message **msg, 904sshpam_tty_conv(int n, sshpam_const struct pam_message **msg,
895 struct pam_response **resp, void *data) 905 struct pam_response **resp, void *data)
896{ 906{
897 char input[PAM_MAX_MSG_SIZE]; 907 char input[PAM_MAX_MSG_SIZE];
@@ -1050,7 +1060,7 @@ free_pam_environment(char **env)
1050 * display. 1060 * display.
1051 */ 1061 */
1052static int 1062static int
1053sshpam_passwd_conv(int n, struct pam_message **msg, 1063sshpam_passwd_conv(int n, sshpam_const struct pam_message **msg,
1054 struct pam_response **resp, void *data) 1064 struct pam_response **resp, void *data)
1055{ 1065{
1056 struct pam_response *reply; 1066 struct pam_response *reply;