From 606077ee1e77af5908431d003fb28461ef7be092 Mon Sep 17 00:00:00 2001
From: Darren Tucker
Date: Fri, 17 May 2019 13:14:12 +1000
Subject: Add no-op implementation of pam_putenv.
Some platforms such as HP-UX do not have pam_putenv. Currently the calls are ifdef'ed out, but a new one was recently added. Remove the ifdefs and add a no-op implementation. bz#3008, ok djm.
---
 auth-pam.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)
(limited to 'auth-pam.c')
diff --git a/auth-pam.c b/auth-pam.c
index bde0a8f56..289d9f4f7 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -266,6 +266,14 @@ pam_getenvlist(pam_handle_t *pamh)
 }
 #endif
+#ifndef HAVE_PAM_PUTENV
+static int
+pam_putenv(pam_handle_t *pamh, const char *name_value)
+{
+ return PAM_SUCCESS;
+}
+#endif /* HAVE_PAM_PUTENV */
+
 /*
 * Some platforms, notably Solaris, do not enforce password complexity
 * rules during pam_chauthtok() if the real uid of the calling process
@@ -360,13 +368,11 @@ import_environments(struct sshbuf *b)
 for (i = 0; i < num_env; i++) {
 if ((r = sshbuf_get_cstring(b, &env, NULL)) != 0)
 fatal("%s: buffer error: %s", __func__, ssh_err(r));
-#ifdef HAVE_PAM_PUTENV
 /* Errors are not fatal here */
 if ((r = pam_putenv(sshpam_handle, env)) != PAM_SUCCESS) {
 error("PAM: pam_putenv: %s",
 pam_strerror(sshpam_handle, r));
 }
-#endif
 /* XXX leak env? */
 }
 #endif
@@ -1205,7 +1211,6 @@ int
 do_pam_putenv(char *name, char *value)
 {
 int ret = 1;
-#ifdef HAVE_PAM_PUTENV
 char *compound;
 size_t len;
@@ -1215,7 +1220,6 @@ do_pam_putenv(char *name, char *value)
 snprintf(compound, len, "%s=%s", name, value);
 ret = pam_putenv(sshpam_handle, compound);
 free(compound);
-#endif
 return (ret);
 }
-- cgit v1.2.3
From 1bd4f7f25f653e0cadb2e6f25d79bc3c35c6aa4d Mon Sep 17 00:00:00 2001
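Review bot: The fallback `pam_putenv()` added after `pam_getenvlist()` returns `PAM_SUCCESS` without storing anything, so on platforms that lack the real function every caller is told the variable was set when it was not. With the `#ifdef` removed in the last two hunks, `do_pam_putenv()` no longer returns its initial `ret = 1` there but the stub's success code, and on those platforms the `error("PAM: pam_putenv: ...")` branch in `import_environments()` can never fire. Anything that depends on a variable passed this way now fails silently, so the stub should say so, e.g. `/* No-op: platform has no pam_putenv(); name_value is discarded and is NOT added to the PAM environment. */`. It also seems worth confirming that no caller treats the return value as proof that the variable reached the PAM environment.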
From: Elliott Hughes
Date: Thu, 25 Apr 2019 13:36:27 -0700
Subject: pthread_create(3) returns positive values on failure.
Found by inspection after finding similar bugs in other code used by Android.
---
 auth-pam.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
(limited to 'auth-pam.c')
diff --git a/auth-pam.c b/auth-pam.c
index 289d9f4f7..8efd7b672 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -777,6 +777,7 @@ sshpam_init_ctx(Authctxt *authctxt)
 {
 struct pam_ctxt *ctxt;
 int socks[2];
+ int result;
 debug3("PAM: %s entering", __func__);
 /*
@@ -803,9 +804,10 @@ sshpam_init_ctx(Authctxt *authctxt)
 }
 ctxt->pam_psock = socks[0];
 ctxt->pam_csock = socks[1];
- if (pthread_create(&ctxt->pam_thread, NULL, sshpam_thread, ctxt) == -1) {
+ result = pthread_create(&ctxt->pam_thread, NULL, sshpam_thread, ctxt);
+ if (result != 0) {
 error("PAM: failed to start authentication thread: %s",
- strerror(errno));
+ strerror(result));
 close(socks[0]);
 close(socks[1]);
 free(ctxt);
-- cgit v1.2.3
From d220b675205185e0b4d6b6524acc2e5c599ef0e2 Mon Sep 17 00:00:00 2001
From: Darren Tucker
Date: Fri, 7 Jun 2019 14:26:54 +1000
Subject: Have pthread_create return errno on failure.
According to POSIX, pthread_create returns the failure reason in the non-zero function return code so make the fork wrapper do that. Matches previous change.
---
 auth-pam.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
(limited to 'auth-pam.c')
diff --git a/auth-pam.c b/auth-pam.c
index 8efd7b672..c0504fd05 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -197,7 +197,7 @@ pthread_create(sp_pthread_t *thread, const void *attr,
 switch ((pid = fork())) {
 case -1:
 error("fork(): %s", strerror(errno));
- return (-1);
+ return errno;
 case 0:
 close(ctx->pam_psock);
 ctx->pam_psock = -1;
@@ -776,8 +776,7 @@ static void *
 sshpam_init_ctx(Authctxt *authctxt)
 {
 struct pam_ctxt *ctxt;
- int socks[2];
- int result;
+ int result, socks[2];
 debug3("PAM: %s entering", __func__);
 /*
-- cgit v1.2.3
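Review bot: In the fork-based `pthread_create()` wrapper (hunk at -197,7), the `case -1:` branch reads `errno` a second time in `return errno;` after `error()` and `strerror()` have already run. Either call may modify `errno`, so the value handed back to `sshpam_init_ctx()` is not guaranteed to be fork's failure reason. Capture it once as the first statement of the branch, `saved_errno = errno;`, then use `error("fork(): %s", strerror(saved_errno));` and `return saved_errno;`. The `int saved_errno` declaration belongs with the wrapper's other locals, which are outside this hunk along with the rest of its body.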
From fc0340f7c4ee29bfb12bd1de9f99defa797e16b4 Mon Sep 17 00:00:00 2001
From: Darren Tucker
Date: Sat, 8 Jun 2019 00:10:59 +1000
Subject: Typo fixes in error messages.
Patch from knweiss at gmail.com via github pull req #97 (portable- specific parts).
---
 auth-pam.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
(limited to 'auth-pam.c')
diff --git a/auth-pam.c b/auth-pam.c
index c0504fd05..55253e6ab 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -258,7 +258,7 @@ static char **
 pam_getenvlist(pam_handle_t *pamh)
 {
 /*
- * XXX - If necessary, we can still support envrionment passing
+ * XXX - If necessary, we can still support environment passing
 * for platforms without pam_getenvlist by searching for known
 * env vars (e.g. KRB5CCNAME) from the PAM environment.
 */
@@ -541,7 +541,7 @@ sshpam_thread(void *ctxtp)
 for (i = 0; environ[i] != NULL; i++) {
 /* Count */
 if (i > INT_MAX)
- fatal("%s: too many enviornment strings", __func__);
+ fatal("%s: too many environment strings", __func__);
 }
 if ((r = sshbuf_put_u32(buffer, i)) != 0)
 fatal("%s: buffer error: %s", __func__, ssh_err(r));
@@ -554,7 +554,7 @@ sshpam_thread(void *ctxtp)
 for (i = 0; env_from_pam != NULL && env_from_pam[i] != NULL; i++) {
 /* Count */
 if (i > INT_MAX)
- fatal("%s: too many PAM enviornment strings", __func__);
+ fatal("%s: too many PAM environment strings", __func__);
 }
 if ((r = sshbuf_put_u32(buffer, i)) != 0)
 fatal("%s: buffer error: %s", __func__, ssh_err(r));
-- cgit v1.2.3
From ec0e6243660bf2df30c620a6a0d83eded376c9c6 Mon Sep 17 00:00:00 2001
From: Damien Miller
Date: Fri, 13 Sep 2019 13:14:39 +1000
Subject: memleak of buffer in sshpam_query
coverity report via Ed Maste; ok dtucker@
---
 auth-pam.c | 5 +++++
 1 file changed, 5 insertions(+)
(limited to 'auth-pam.c')
diff --git a/auth-pam.c b/auth-pam.c
index 55253e6ab..d3f400bc3 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -851,6 +851,7 @@ sshpam_query(void *ctx, char **name, char **info,
 plen += mlen;
 **echo_on = (type == PAM_PROMPT_ECHO_ON);
 free(msg);
+ sshbuf_free(buffer);
 return (0);
 case PAM_ERROR_MSG:
 case PAM_TEXT_INFO:
@@ -879,6 +880,7 @@ sshpam_query(void *ctx, char **name, char **info,
 **echo_on = 0;
 ctxt->pam_done = -1;
 free(msg);
+ sshbuf_free(buffer);
 return 0;
 }
 /* FALLTHROUGH */
@@ -905,6 +907,7 @@ sshpam_query(void *ctx, char **name, char **info,
 **echo_on = 0;
 ctxt->pam_done = 1;
 free(msg);
+ sshbuf_free(buffer);
 return (0);
 }
 error("PAM: %s for %s%.100s from %.100s", msg,
@@ -916,9 +919,11 @@ sshpam_query(void *ctx, char **name, char **info,
 **echo_on = 0;
 free(msg);
 ctxt->pam_done = -1;
+ sshbuf_free(buffer);
 return (-1);
 }
 }
+ sshbuf_free(buffer);
 return (-1);
 }
-- cgit v1.2.3
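Review bot: `sshbuf_free(buffer)` is now repeated in front of five separate `return` statements across these four hunks of `sshpam_query()`, which keeps the structure that allowed the leak in the first place: any return added later has to remember the call again. A single exit would be sturdier, with each case setting a local result and jumping to one label, e.g. `out: sshbuf_free(buffer); return ret;`, instead of returning directly. The start of the function, including where `buffer` is allocated, is outside the hunks, so it should be confirmed that no earlier return between the allocation and the receive loop is left uncovered.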