diff options
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | auth-pam.c | 26 |
2 files changed, 23 insertions, 9 deletions
| @@ -97,6 +97,10 @@ | |||
| 97 | ok deraadt@, cloder@, djm@ | 97 | ok deraadt@, cloder@, djm@ |
| 98 | - (dtucker) [regress/reexec.sh] Add ${EXEEXT} so this test also works on | 98 | - (dtucker) [regress/reexec.sh] Add ${EXEEXT} so this test also works on |
| 99 | Cygwin. | 99 | Cygwin. |
| 100 | - (dtucker) [auth-pam.c] Bug #1033: Fix warnings building with PAM on Linux: | ||
| 101 | warning: dereferencing type-punned pointer will break strict-aliasing rules | ||
| 102 | warning: passing arg 3 of `pam_get_item' from incompatible pointer type | ||
| 103 | The type-punned pointer fix is based on a patch from SuSE's rpm. ok djm@ | ||
| 100 | 104 | ||
| 101 | 20050524 | 105 | 20050524 |
| 102 | - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] | 106 | - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] |
| @@ -2596,4 +2600,4 @@ | |||
| 2596 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM | 2600 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM |
| 2597 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu | 2601 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu |
| 2598 | 2602 | ||
| 2599 | $Id: ChangeLog,v 1.3787 2005/05/26 03:43:57 dtucker Exp $ | 2603 | $Id: ChangeLog,v 1.3788 2005/05/26 09:59:48 dtucker Exp $ |
diff --git a/auth-pam.c b/auth-pam.c index a8d372aac..db80017ef 100644 --- a/auth-pam.c +++ b/auth-pam.c | |||
| @@ -47,7 +47,7 @@ | |||
| 47 | 47 | ||
| 48 | /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ | 48 | /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ |
| 49 | #include "includes.h" | 49 | #include "includes.h" |
| 50 | RCSID("$Id: auth-pam.c,v 1.122 2005/05/25 06:18:10 dtucker Exp $"); | 50 | RCSID("$Id: auth-pam.c,v 1.123 2005/05/26 09:59:48 dtucker Exp $"); |
| 51 | 51 | ||
| 52 | #ifdef USE_PAM | 52 | #ifdef USE_PAM |
| 53 | #if defined(HAVE_SECURITY_PAM_APPL_H) | 53 | #if defined(HAVE_SECURITY_PAM_APPL_H) |
| @@ -56,6 +56,13 @@ RCSID("$Id: auth-pam.c,v 1.122 2005/05/25 06:18:10 dtucker Exp $"); | |||
| 56 | #include <pam/pam_appl.h> | 56 | #include <pam/pam_appl.h> |
| 57 | #endif | 57 | #endif |
| 58 | 58 | ||
| 59 | /* OpenGroup RFC86.0 and XSSO specify no "const" on arguments */ | ||
| 60 | #ifdef PAM_SUN_CODEBASE | ||
| 61 | # define sshpam_const /* Solaris, HP-UX, AIX */ | ||
| 62 | #else | ||
| 63 | # define sshpam_const const /* LinuxPAM, OpenPAM */ | ||
| 64 | #endif | ||
| 65 | |||
| 59 | #include "auth.h" | 66 | #include "auth.h" |
| 60 | #include "auth-pam.h" | 67 | #include "auth-pam.h" |
| 61 | #include "buffer.h" | 68 | #include "buffer.h" |
| @@ -300,7 +307,7 @@ import_environments(Buffer *b) | |||
| 300 | * Conversation function for authentication thread. | 307 | * Conversation function for authentication thread. |
| 301 | */ | 308 | */ |
| 302 | static int | 309 | static int |
| 303 | sshpam_thread_conv(int n, struct pam_message **msg, | 310 | sshpam_thread_conv(int n, sshpam_const struct pam_message **msg, |
| 304 | struct pam_response **resp, void *data) | 311 | struct pam_response **resp, void *data) |
| 305 | { | 312 | { |
| 306 | Buffer buffer; | 313 | Buffer buffer; |
| @@ -399,8 +406,10 @@ sshpam_thread(void *ctxtp) | |||
| 399 | char **env_from_pam; | 406 | char **env_from_pam; |
| 400 | u_int i; | 407 | u_int i; |
| 401 | const char *pam_user; | 408 | const char *pam_user; |
| 409 | const char **ptr_pam_user = &pam_user; | ||
| 402 | 410 | ||
| 403 | pam_get_item(sshpam_handle, PAM_USER, (void **)&pam_user); | 411 | pam_get_item(sshpam_handle, PAM_USER, |
| 412 | (sshpam_const void **)ptr_pam_user); | ||
| 404 | environ[0] = NULL; | 413 | environ[0] = NULL; |
| 405 | 414 | ||
| 406 | if (sshpam_authctxt != NULL) { | 415 | if (sshpam_authctxt != NULL) { |
| @@ -492,7 +501,7 @@ sshpam_thread_cleanup(void) | |||
| 492 | } | 501 | } |
| 493 | 502 | ||
| 494 | static int | 503 | static int |
| 495 | sshpam_null_conv(int n, struct pam_message **msg, | 504 | sshpam_null_conv(int n, sshpam_const struct pam_message **msg, |
| 496 | struct pam_response **resp, void *data) | 505 | struct pam_response **resp, void *data) |
| 497 | { | 506 | { |
| 498 | debug3("PAM: %s entering, %d messages", __func__, n); | 507 | debug3("PAM: %s entering, %d messages", __func__, n); |
| @@ -502,7 +511,7 @@ sshpam_null_conv(int n, struct pam_message **msg, | |||
| 502 | static struct pam_conv null_conv = { sshpam_null_conv, NULL }; | 511 | static struct pam_conv null_conv = { sshpam_null_conv, NULL }; |
| 503 | 512 | ||
| 504 | static int | 513 | static int |
| 505 | sshpam_store_conv(int n, struct pam_message **msg, | 514 | sshpam_store_conv(int n, sshpam_const struct pam_message **msg, |
| 506 | struct pam_response **resp, void *data) | 515 | struct pam_response **resp, void *data) |
| 507 | { | 516 | { |
| 508 | struct pam_response *reply; | 517 | struct pam_response *reply; |
| @@ -571,11 +580,12 @@ sshpam_init(Authctxt *authctxt) | |||
| 571 | { | 580 | { |
| 572 | extern char *__progname; | 581 | extern char *__progname; |
| 573 | const char *pam_rhost, *pam_user, *user = authctxt->user; | 582 | const char *pam_rhost, *pam_user, *user = authctxt->user; |
| 583 | const char **ptr_pam_user = &pam_user; | ||
| 574 | 584 | ||
| 575 | if (sshpam_handle != NULL) { | 585 | if (sshpam_handle != NULL) { |
| 576 | /* We already have a PAM context; check if the user matches */ | 586 | /* We already have a PAM context; check if the user matches */ |
| 577 | sshpam_err = pam_get_item(sshpam_handle, | 587 | sshpam_err = pam_get_item(sshpam_handle, |
| 578 | PAM_USER, (void **)&pam_user); | 588 | PAM_USER, (sshpam_const void **)ptr_pam_user); |
| 579 | if (sshpam_err == PAM_SUCCESS && strcmp(user, pam_user) == 0) | 589 | if (sshpam_err == PAM_SUCCESS && strcmp(user, pam_user) == 0) |
| 580 | return (0); | 590 | return (0); |
| 581 | pam_end(sshpam_handle, sshpam_err); | 591 | pam_end(sshpam_handle, sshpam_err); |
| @@ -891,7 +901,7 @@ do_pam_setcred(int init) | |||
| 891 | } | 901 | } |
| 892 | 902 | ||
| 893 | static int | 903 | static int |
| 894 | sshpam_tty_conv(int n, struct pam_message **msg, | 904 | sshpam_tty_conv(int n, sshpam_const struct pam_message **msg, |
| 895 | struct pam_response **resp, void *data) | 905 | struct pam_response **resp, void *data) |
| 896 | { | 906 | { |
| 897 | char input[PAM_MAX_MSG_SIZE]; | 907 | char input[PAM_MAX_MSG_SIZE]; |
| @@ -1050,7 +1060,7 @@ free_pam_environment(char **env) | |||
| 1050 | * display. | 1060 | * display. |
| 1051 | */ | 1061 | */ |
| 1052 | static int | 1062 | static int |
| 1053 | sshpam_passwd_conv(int n, struct pam_message **msg, | 1063 | sshpam_passwd_conv(int n, sshpam_const struct pam_message **msg, |
| 1054 | struct pam_response **resp, void *data) | 1064 | struct pam_response **resp, void *data) |
| 1055 | { | 1065 | { |
| 1056 | struct pam_response *reply; | 1066 | struct pam_response *reply; |