Mercurial Mercurial > upstream > oracle > userland-gate / annotate
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/openssh/patches/015-pam_conversation_fix.patch
author Huie-Ying Lee <huieying.lee@oracle.com>
Tue, 01 Jul 2014 13:51:11 -0700
changeset 1979 bdbb0de8834e
child 2206 e71c20dca64b
permissions -rw-r--r--
19034156 PAM coversation function for passwd auth method has an incorrect assumption 18890096 migrate PAM enhancements from SunSSH to OpenSSH
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
1979
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
     1
 
#
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
     2
 
# This patch contains an important bug fix for the PAM password userauth
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
     3
 
# conversation function. This bug fix was contributed back to the upstream in
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
     4
 
# 2009, but it was not accepted by the upstream.  For more information, see
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
     5
 
# https://bugzilla.mindrot.org/show_bug.cgi?id=1681.
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
     6
 
#
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
     7
 
--- orig/auth-pam.c	Fri Jun 20 14:55:27 2014
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
     8
 
+++ new/auth-pam.c	Fri Jun 20 14:54:39 2014
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
     9
 
@@ -1111,11 +1111,13 @@
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    10
 
 	free(env);
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    11
 
 }
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    12
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    13
 
+#ifndef PAM_BUGFIX
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    14
 
 /*
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    15
 
  * "Blind" conversation function for password authentication.  Assumes that
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    16
 
  * echo-off prompts are for the password and stores messages for later
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    17
 
  * display.
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    18
 
  */
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    19
 
+#endif
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    20
 
 static int
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    21
 
 sshpam_passwd_conv(int n, sshpam_const struct pam_message **msg,
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    22
 
     struct pam_response **resp, void *data)
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    23
 
@@ -1137,6 +1139,17 @@
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    24
 
 	for (i = 0; i < n; ++i) {
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    25
 
 		switch (PAM_MSG_MEMBER(msg, i, msg_style)) {
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    26
 
 		case PAM_PROMPT_ECHO_OFF:
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    27
 
+#ifdef PAM_BUGFIX
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    28
 
+                       /*
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    29
 
+                        * PAM conversation function for the password userauth
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    30
 
+			* method (non-interactive) really cannot do any
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    31
 
+			* prompting.  We set the PAM_AUTHTOK item in
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    32
 
+                        * sshpam_auth_passwd()to avoid conversation. If some
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    33
 
+			* modules still try to converse, then the password
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    34
 
+			* userauth will fail.
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    35
 
+			*/
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    36
 
+			goto fail;
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    37
 
+#else
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    38
 
 			if (sshpam_password == NULL)
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    39
 
 				goto fail;
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    40
 
 			if ((reply[i].resp = strdup(sshpam_password)) == NULL)
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    41
 
@@ -1143,6 +1156,7 @@
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    42
 
 				goto fail;
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    43
 
 			reply[i].resp_retcode = PAM_SUCCESS;
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    44
 
 			break;
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    45
 
+#endif
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    46
 
 		case PAM_ERROR_MSG:
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    47
 
 		case PAM_TEXT_INFO:
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    48
 
 			len = strlen(PAM_MSG_MEMBER(msg, i, msg));
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    49
 
@@ -1197,6 +1211,15 @@
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    50
 
 	    options.permit_root_login != PERMIT_YES))
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    51
 
 		sshpam_password = badpw;
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    52
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    53
 
+#ifdef PAM_BUGFIX
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    54
 
+  	sshpam_err = pam_set_item(sshpam_handle, PAM_AUTHTOK, password);
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    55
 
+	if (sshpam_err != PAM_SUCCESS) {
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    56
 
+		debug("PAM: %s: failed to set PAM_AUTHTOK: %s", __func__,
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    57
 
+		    pam_strerror(sshpam_handle, sshpam_err));
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    58
 
+		return 0;
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    59
 
+	}
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    60
 
+#endif
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    61
 
+
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    62
 
 	sshpam_err = pam_set_item(sshpam_handle, PAM_CONV,
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    63
 
 	    (const void *)&passwd_conv);
bdbb0de8834e 19034156 PAM coversation function for passwd auth method has an incorrect assumption
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff changeset 
    64
 
 	if (sshpam_err != PAM_SUCCESS)
upstream/oracle/userland-gate