
[SCM] GNU Inetutils branch, master, updated. inetutils-1_9_1-110-gb65e3


From: Mats Erik Andersson
Subject: [SCM] GNU Inetutils branch, master, updated. inetutils-1_9_1-110-gb65e343
Date: Thu, 07 Jun 2012 19:30:15 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU Inetutils ".

The branch, master has been updated
       via  b65e343173354b58ae3f21bdf6d745c7be260bc4 (commit)
       via  8ee8d9acbdee43ac24ff873c57d749474cf324c5 (commit)
       via  5f1d3b85b5db26495b42d333d6ab9e4313fa21ba (commit)
      from  3370c78d40133eae964a669342a3a2be4cf229ef (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=b65e343173354b58ae3f21bdf6d745c7be260bc4


commit b65e343173354b58ae3f21bdf6d745c7be260bc4
Author: Mats Erik Andersson <address@hidden>
Date:   Thu Jun 7 21:01:22 2012 +0200

    rexecd: PAM code audit.

diff --git a/ChangeLog b/ChangeLog
index 9db9359..0161e7a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,15 @@
 2012-06-07  Mats Erik Andersson  <address@hidden>
 
+       rexecd: Audit of PAM code.
+
+       * src/rexecd.c (doc) [WITH_PAM]: Expand string.
+       (doit): Remove variable TOKEN.  Add flag PAM_SILENT
+       in call to pam_setcred().  Really update USER when
+       calling pam_get_item(PAM_USER).  When execl() fails,
+       close properly by calling pam_end().
+
+2012-06-07  Mats Erik Andersson  <address@hidden>
+
        ftpd: Audit of existing PAM code.
 
        * ftpd/extern.h (pam_end_login) [WITH_LINUX_PAM]:
diff --git a/src/rexecd.c b/src/rexecd.c
index 0236a5d..0b39524 100644
--- a/src/rexecd.c
+++ b/src/rexecd.c
@@ -50,13 +50,22 @@
 /* Implementation of PAM support for a service `rexec'
  * was done by Mats Erik Andersson.
  *
- * Simple PAM configuration:
+ * Sample PAM configuration with variations for different systems:
  *
  *   rexec auth     requisite  pam_nologin.so
  *   rexec auth     required   pam_unix.so
+ *   # rexec auth   requisite  pam_authtok_get.so
+ *   # rexec auth   required   pam_unix_cred.so
+ *   # rexec auth   required   pam_unix_auth.so
+ *   # rexec auth   required   pam_listfile.so item=user sense=allow \
+ *                                 file=/etc/rexec.allow onerr=fail
+ *
  *   rexec account  required   pam_unix.so
  *   rexec account  required   pam_time.so
- *   rexec session  required   pam_unix.so
+ *   # rexec account requisite pam_roles.so
+ *   # rexec account required  pam_unix_account.so
+ *   # rexec account required  pam_list.so allow=/etc/rexec.allow
+ *
  *   rexec password required   pam_deny.so
  */
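Review bot: The sample configuration no longer contains a session stanza, yet the comment does not say which PAM phases rexecd actually drives, so a reader cannot tell whether the omission is deliberate; in the parts of doit shown on this page only pam_setcred() is visible, and I cannot see a pam_open_session() call. A line such as ` * rexecd runs the auth, account and setcred phases only; no session stanza is required.` — worded to match what doit really does — would keep the sample in step with the code. It would also help to say that the commented-out lines are Solaris/BSD alternatives to the pam_unix.so lines above them rather than additions, since they are interleaved with the Linux lines.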
 
@@ -140,7 +149,12 @@ parse_opt (int key, char *arg, struct argp_state *state)
   return 0;
 }
 
-const char doc[] = "remote execution daemon";
+const char doc[] =
+#ifdef WITH_PAM
+                  "Remote execution daemon, using PAM module 'rexec'.";
+#else /* !WITH_PAM */
+                  "Remote execution daemon.";
+#endif
 
 static struct argp argp = {
   options,
@@ -222,9 +236,6 @@ doit (int f, struct sockaddr *fromp, socklen_t fromlen)
 {
   char *cmdbuf, *cp, *namep;
   char *user, *pass, *pw_password;
-#ifdef WITH_PAM
-  const void *token;
-#endif
 #ifdef HAVE_GETPWNAM_R
   char *pwbuf;
   int pwbuflen;
@@ -449,7 +460,7 @@ doit (int f, struct sockaddr *fromp, socklen_t fromlen)
 #endif
 
 #ifdef WITH_PAM
-  pam_rc = pam_setcred(pam_handle, PAM_ESTABLISH_CRED);
+  pam_rc = pam_setcred (pam_handle, PAM_SILENT | PAM_ESTABLISH_CRED);
   if (pam_rc != PAM_SUCCESS)
     {
       syslog (LOG_ERR, "pam_setcred: %s",
@@ -558,7 +569,8 @@ doit (int f, struct sockaddr *fromp, socklen_t fromlen)
   /* Refresh knowledge of user, which might have been
    * remapped by the PAM stack during conversation.
    */
-  pam_rc = pam_get_item (pam_handle, PAM_USER, &token);
+  free (user);
+  pam_rc = pam_get_item (pam_handle, PAM_USER, (const void **) &user);
   if (pam_rc != PAM_SUCCESS)
     die (EXIT_FAILURE, "Try again.");
 
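Review bot: After this change `user` points at memory owned by the PAM handle, because pam_get_item() hands back the item by reference rather than a copy, so rexecd no longer owns the string it holds; any later `free (user)` in doit would free PAM-internal memory, and the pointer dangles as soon as pam_end() runs. The item may also be NULL if a module cleared PAM_USER, which would then reach the `%s` in the execl syslog further down. I would fetch the item into a separate const pointer, check it, and replace user with a strdup() copy so ownership stays with doit. doit starts before this hunk and continues after it, so whether user is freed later is not visible here.
```c
  free (user);
  user = NULL;
  {
    const void *pam_user = NULL;

    pam_rc = pam_get_item (pam_handle, PAM_USER, &pam_user);
    if (pam_rc != PAM_SUCCESS || pam_user == NULL)
      die (EXIT_FAILURE, "Try again.");
    /* Copy: the item belongs to pam_handle and dies with pam_end().  */
    user = strdup (pam_user);
    if (user == NULL)
      die (EXIT_FAILURE, "Try again.");
  }
```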
@@ -621,6 +633,9 @@ doit (int f, struct sockaddr *fromp, socklen_t fromlen)
   execl (pwd->pw_shell, cp, "-c", cmdbuf, NULL);
   if (logging)
     syslog (LOG_ERR, "execl fails for \"%s\": %m", user);
+#ifdef WITH_PAM
+  pam_end (pam_handle, PAM_SUCCESS);
+#endif
   error (EXIT_FAILURE, errno, "executing %s", pwd->pw_shell);
 
   return -1;
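Review bot: `error (EXIT_FAILURE, errno, "executing %s", pwd->pw_shell)` reads errno after syslog() and the newly added pam_end() have both run, and either may overwrite it, so the reason reported for the failed execl can be wrong; capture it first with `int saved_errno = errno;` immediately after the execl and pass `saved_errno` to error(). Separately, pam_end() is handed PAM_SUCCESS although the login has just failed; modules consult that status when cleaning up, so `pam_end (pam_handle, PAM_ABORT);` describes the situation better (ftpd's pam_end_login passes the last error for the same reason). The credentials established earlier with pam_setcred(PAM_ESTABLISH_CRED) are not deleted here either, though that may be impossible if privileges were already dropped before execl — the drop is outside the hunk. doit begins outside the hunk.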

http://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=8ee8d9acbdee43ac24ff873c57d749474cf324c5


commit 8ee8d9acbdee43ac24ff873c57d749474cf324c5
Author: Mats Erik Andersson <address@hidden>
Date:   Thu Jun 7 15:38:52 2012 +0200

    ftpd: Audit of PAM code.

diff --git a/ChangeLog b/ChangeLog
index 43c7c52..9db9359 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,15 @@
+2012-06-07  Mats Erik Andersson  <address@hidden>
+
+       ftpd: Audit of existing PAM code.
+
+       * ftpd/extern.h (pam_end_login) [WITH_LINUX_PAM]:
+       New prototype.
+       * ftpd/ftpd.c (end_login) [WITH_LINUX_PAM]: Call
+       pam_end_login() to tear down current client.
+       * ftpd/pam.c: Include <syslog.h>.
+       (pam_doit): Add missing call to pam_open_session().
+       (pam_end_login): New function.
+
 2012-06-06  Mats Erik Andersson  <address@hidden>
 
        ftpd: Restrict to Linux-PAM, which is only valid code.
diff --git a/ftpd/extern.h b/ftpd/extern.h
index 68dee1a..7012be6 100644
--- a/ftpd/extern.h
+++ b/ftpd/extern.h
@@ -156,4 +156,5 @@ extern int auth_pass (const char *, struct credentials *);
 #ifdef WITH_LINUX_PAM
 extern int pam_user (const char *, struct credentials *);
 extern int pam_pass (const char *, struct credentials *);
+extern void pam_end_login (struct credentials *);
 #endif
diff --git a/ftpd/ftpd.c b/ftpd/ftpd.c
index 1ea114d..c73bb7c 100644
--- a/ftpd/ftpd.c
+++ b/ftpd/ftpd.c
@@ -802,9 +802,15 @@ end_login (struct credentials *pcred)
 {
   char *remotehost = pcred->remotehost;
   int atype = pcred->auth_type;
+
   seteuid ((uid_t) 0);
   if (pcred->logged_in)
-    logwtmp_keep_open (ttyline, "", "");
+    {
+      logwtmp_keep_open (ttyline, "", "");
+#ifdef WITH_LINUX_PAM
+      pam_end_login (pcred);
+#endif
+    }
 
   free (pcred->name);
   if (pcred->passwd)
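Review bot: pam_end_login() is only reached when `pcred->logged_in` is set, but pam_start() is issued by pam_user() on the USER command, before the login is complete; if authentication fails or the client disconnects after USER, this path never calls pam_end() on that handle unless pam_user()/pam_pass() do so themselves on failure, which is not visible here. Since pam_end_login() already guards on `pamh != NULL`, moving the `#ifdef WITH_LINUX_PAM pam_end_login (pcred); #endif` call out of the logged_in block would tear the handle down in every case; that would however run pam_close_session() on a session that was never opened, so if that matters, record whether pam_open_session() succeeded and close only then. end_login continues past the hunk.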
diff --git a/ftpd/pam.c b/ftpd/pam.c
index 9608410..41973ce 100644
--- a/ftpd/pam.c
+++ b/ftpd/pam.c
@@ -22,6 +22,7 @@
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
+#include <syslog.h>
 #include "extern.h"
 
 #ifdef HAVE_SECURITY_PAM_APPL_H
@@ -192,6 +193,8 @@ pam_doit (struct credentials *pcred)
       if (error == PAM_SUCCESS)
        error = pam_setcred (pamh, PAM_ESTABLISH_CRED);
       if (error == PAM_SUCCESS)
+       error = pam_open_session (pamh, 0);
+      if (error == PAM_SUCCESS)
        error = pam_get_item (pamh, PAM_USER, (const void **) &username);
       if (error == PAM_SUCCESS)
        {
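Review bot: Once pam_open_session() succeeds here the session is open even if the pam_get_item() right after it fails; the failure handling is below the hunk, so I cannot see whether that path calls pam_close_session() and pam_setcred(PAM_DELETE_CRED) before pam_end(), or leaves it to the caller. A comment naming the owner of the teardown would remove the doubt, e.g. `/* Session and credentials opened here are released by pam_end_login(), called from end_login().  */`. pam_doit starts and ends outside the hunk.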
@@ -259,4 +262,26 @@ pam_pass (const char *passwd, struct credentials *pcred)
   return error != PAM_SUCCESS;
 }
 
+void
+pam_end_login (struct credentials * pcred)
+{
+  int error;
+
+  if (pamh)
+    {
+      error = pam_close_session (pamh, PAM_SILENT);
+      if (logging && error != PAM_SUCCESS)
+       syslog (LOG_ERR, "pam_session: %s", pam_strerror (pamh, error));
+
+      error = pam_setcred (pamh, PAM_SILENT | PAM_DELETE_CRED);
+      if (logging && error != PAM_SUCCESS)
+       syslog (LOG_ERR, "pam_setcred: %s", pam_strerror (pamh, error));
+
+      error = pam_end (pamh, error);
+      if (logging && error != PAM_SUCCESS)
+       syslog (LOG_ERR, "pam_end: %s", pam_strerror (pamh, error));
+
+      pamh = NULL;
+    }
+}
 #endif /* WITH_LINUX_PAM */
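Review bot: The final syslog() calls `pam_strerror (pamh, error)` after `pam_end (pamh, error)` has already released the handle, so it passes a freed pamh; Linux-PAM's pam_strerror() happens not to dereference its first argument, but by contract this is a use after free. Use `pam_strerror (NULL, error)` for that message, or log the status numerically. The status given to pam_end() is whatever pam_setcred() returned, so a failed credential deletion is what modules see at cleanup; that is probably intended but deserves a one-line comment, and the `pcred` parameter is unused in the function as written.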

http://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=5f1d3b85b5db26495b42d333d6ab9e4313fa21ba


commit 5f1d3b85b5db26495b42d333d6ab9e4313fa21ba
Author: Mats Erik Andersson <address@hidden>
Date:   Wed Jun 6 16:42:31 2012 +0200

    ftpd: Only allow Linux-PAM.
    
    The existing code is only working with
    the variant Linux-PAM. Adapt to this fact.

diff --git a/ChangeLog b/ChangeLog
index 5504e7a..43c7c52 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,24 @@
+2012-06-06  Mats Erik Andersson  <address@hidden>
+
+       ftpd: Restrict to Linux-PAM, which is only valid code.
+
+       * configure.ac (WITH_PAM): Add check for PAM_CONV_AGAIN.
+       (WITH_LINUX_PAM, FTPD_LIBPAM): New variables.
+       * ftpd/Makefile.am (LDADD): Replace LIBPAM by FTPD_LIBPAM.
+       * ftpd/auth.c (auth_user, auth_pass) [WITH_LINUX_PAM]:
+       Replace old WITH_PAM by correct WITH_LINUX_PAM.
+       * ftpd/extern.h [WITH_LINUX_PAM]: Likewise.
+       * ftpd/ftpd.c [WITH_LINUX_PAM]: Likewise.
+       * ftpd/pam.c [WITH_LINUX_PAM]: Likewise.
+       (PAM_CONV_AGAIN, PAM_INCOMPLETE): Removed macro definitions.
+       (PAM_conversation): Initialise second element to NULL.
+       (GET_MEM): Return PAM_BUF_ERR.
+       (PAM_conv) [!PAM_CONV_AGAIN]: Set RETVAL to PAM_CONV_ERR.
+       (pam_doit) [PAM_CONV_AGAIN]: Test `error == PAM_CONV_AGAIN'.
+       [PAM_INCOMPLETE]: Test `error == PAM_INCOMPLETE'.
+       (pam_doit): Return PAM_SUCCESS, not 0.
+       (pam_user): Initialise `PAM_conversation.appdata_ptr'.
+
 2012-06-02  Mats Erik Andersson  <address@hidden>
 
        ftpd: Long passive transfer request.
diff --git a/configure.ac b/configure.ac
index 6b474c1..eaa68dd 100644
--- a/configure.ac
+++ b/configure.ac
@@ -176,15 +176,22 @@ AC_SUBST(LIBUTIL)
 # Check if they want support for PAM.  Certain daemons like ftpd have
 # support for it.
 
-# See if we have libpam.a this is for ftpd.
+# See if we have libpam.a.  Investigate PAM versus Linux-PAM.
 if test "$with_pam" = yes ; then
   AC_CHECK_LIB(dl, dlopen)
   AC_CHECK_LIB(pam, pam_authenticate, LIBPAM=-lpam)
   if test "$ac_cv_lib_pam_pam_authenticate" = yes ; then
-     AC_DEFINE([WITH_PAM], 1, [Define to one if you have -lpam.])
+    AC_DEFINE([WITH_PAM], 1, [Define to one if you have -lpam.])
+    AC_CHECK_DECLS(PAM_CONV_AGAIN, , , [#include <security/pam_appl.h>])
+    if test "$ac_cv_have_decl_PAM_CONV_AGAIN" = yes ; then
+      AC_DEFINE([WITH_LINUX_PAM], 1, [Define to one if you use Linux-PAM.])
+      # Presently ftpd is coded for Linux-PAM only.
+      FTPD_LIBPAM=$LIBPAM
+    fi
   fi
 fi
 AC_SUBST(LIBPAM)
+AC_SUBST(FTPD_LIBPAM)
 
 # Can we use libls? but we must have fchdir()
 if test "$enable_libls" = yes && test "$ac_cv_func_fchdir" = yes ; then
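Review bot: When libpam is found but PAM_CONV_AGAIN is not declared, FTPD_LIBPAM stays empty and ftpd is silently built without PAM while rexecd still gets it; a user who passed --with-pam will not learn this until `-a pam` is rejected at run time. An `AC_MSG_WARN([ftpd needs Linux-PAM; building ftpd without PAM support])` in the else case of the inner test would make the outcome visible at configure time. The decl check also hard-codes `<security/pam_appl.h>`, whereas ftpd/pam.c tests HAVE_SECURITY_PAM_APPL_H, suggesting an alternative header location exists; if so, the check fails there for the wrong reason — worth confirming.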
diff --git a/ftpd/Makefile.am b/ftpd/Makefile.am
index 7f4c284..c9b4e8f 100644
--- a/ftpd/Makefile.am
+++ b/ftpd/Makefile.am
@@ -36,6 +36,6 @@ AM_CPPFLAGS = $(PATHDEF_FTPWELCOME) $(PATHDEF_FTPUSERS) \
            $(PATHDEF_FTPLOGINMESG) $(PATHDEF_FTPCHROOT) $(PATHDEF_FTPDPID) \
            $(PATHDEF_DEVNULL)  $(PATHDEF_NOLOGIN) $(PATHDEF_BSHELL)
 
-LDADD = $(LIBLS) $(LIBCRYPT) $(LIBWRAP) $(LIBPAM) $(iu_LIBRARIES)
+LDADD = $(LIBLS) $(LIBCRYPT) $(LIBWRAP) $(FTPD_LIBPAM) $(iu_LIBRARIES)
 
 EXTRA_DIST = ftpcmd.c
diff --git a/ftpd/auth.c b/ftpd/auth.c
index a6956c9..1270faa 100644
--- a/ftpd/auth.c
+++ b/ftpd/auth.c
@@ -51,7 +51,7 @@ auth_user (const char *name, struct credentials *pcred)
 
   switch (pcred->auth_type)
     {
-#ifdef WITH_PAM
+#ifdef WITH_LINUX_PAM
     case AUTH_TYPE_PAM:
       return pam_user (name, pcred);
 #endif
@@ -143,7 +143,7 @@ auth_pass (const char *passwd, struct credentials *pcred)
 {
   switch (pcred->auth_type)
     {
-#ifdef WITH_PAM
+#ifdef WITH_LINUX_PAM
     case AUTH_TYPE_PAM:
       return pam_pass (passwd, pcred);
 #endif
diff --git a/ftpd/extern.h b/ftpd/extern.h
index ed53cce..68dee1a 100644
--- a/ftpd/extern.h
+++ b/ftpd/extern.h
@@ -153,7 +153,7 @@ extern int auth_user (const char *, struct credentials *);
 extern int auth_pass (const char *, struct credentials *);
 
 /* Exported from pam.c */
-#ifdef WITH_PAM
+#ifdef WITH_LINUX_PAM
 extern int pam_user (const char *, struct credentials *);
 extern int pam_pass (const char *, struct credentials *);
 #endif
diff --git a/ftpd/ftpd.c b/ftpd/ftpd.c
index 9014a1e..1ea114d 100644
--- a/ftpd/ftpd.c
+++ b/ftpd/ftpd.c
@@ -296,7 +296,7 @@ static struct argp_option options[] = {
   { "  default", 0, NULL, OPTION_DOC|OPTION_NO_TRANS,
     "passwd authentication",
     GRID+3 },
-#ifdef WITH_PAM
+#ifdef WITH_LINUX_PAM
   { "  pam", 0, NULL, OPTION_DOC|OPTION_NO_TRANS,
     "using pam 'ftp' module",
     GRID+3 },
@@ -342,7 +342,7 @@ parse_opt (int key, char *arg, struct argp_state *state)
     case 'a':
       if (strcasecmp (arg, "default") == 0)
        cred.auth_type = AUTH_TYPE_PASSWD;
-#ifdef WITH_PAM
+#ifdef WITH_LINUX_PAM
       else if (strcasecmp (arg, "pam") == 0)
        cred.auth_type = AUTH_TYPE_PAM;
 #endif
diff --git a/ftpd/pam.c b/ftpd/pam.c
index 9d04c2e..9608410 100644
--- a/ftpd/pam.c
+++ b/ftpd/pam.c
@@ -28,22 +28,21 @@
 # include <security/pam_appl.h>
 #endif
 
-#ifndef PAM_CONV_AGAIN
-# define PAM_CONV_AGAIN PAM_TRY_AGAIN
-#endif
-#ifndef PAM_INCOMPLETE
-# define PAM_INCOMPLETE PAM_TRY_AGAIN
-#endif
+/* June 3rd, 2012:
+ * The draft of A.G Morgan on behalf of the the Open-PAM
+ * working group has clearly not been able to get the
+ * additions PAM_INCOMPLETE and PAM_CONV_AGAIN accepted
+ * sufficiently well in order that the present code should
+ * force them upon BSD and Solaris.  They are thus protected
+ * by preprocessor conditionals for the time being.
+ */
 
-#ifdef WITH_PAM
+#ifdef WITH_LINUX_PAM
 
 static int PAM_conv (int num_msg, const struct pam_message **msg,
                     struct pam_response **resp, void *appdata_ptr);
 
-/* FIXME: We still have a side effect since we use the global variable
-   cred.  A better approach would be to use the pcred parameter
-   in pam_user().  */
-static struct pam_conv PAM_conversation = { &PAM_conv, &cred };
+static struct pam_conv PAM_conversation = { &PAM_conv, NULL };
 
 /* PAM authentication, now using the PAM's async feature.  */
 static pam_handle_t *pamh;
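Review bot: The new comment has a doubled word, "the the Open-PAM working group", and it explains the history of the two symbols but not their status in this file: since the whole file is now under `#ifdef WITH_LINUX_PAM`, and configure.ac defines that macro only when PAM_CONV_AGAIN is declared, the preprocessor guards below are defensive rather than required. A sentence such as ` * Under WITH_LINUX_PAM PAM_CONV_AGAIN is always declared (configure checks for it); the guards below only keep the file compilable against other PAM variants.` would tell the next reader why the `#ifdef`s are there.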
@@ -59,7 +58,7 @@ PAM_conv (int num_msg, const struct pam_message **msg,
 
 # define GET_MEM \
         if (!(repl = realloc (repl, size))) \
-                return PAM_CONV_ERR; \
+                return PAM_BUF_ERR; \
         size += sizeof (struct pam_response)
 
   retval = PAM_SUCCESS;
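Review bot: `repl = realloc (repl, size)` overwrites the only pointer to the current response array, so when realloc() fails the earlier array — and any response strings already stored in it by previous loop iterations, possibly including a copy of the password — is leaked, and the macro returns without setting `*resp`. Keep the old pointer in a temporary and release it on failure; the response strings stored so far should be freed (and a password wiped) too, which needs the loop index and is better done in a small static helper than in the macro. Whether repl starts out NULL is decided before this hunk.
```c
# define GET_MEM \
        do { \
            void *tmp_ = realloc (repl, size); \
            if (tmp_ == NULL) \
              { \
                free (repl); /* responses stored so far are lost as well */ \
                return PAM_BUF_ERR; \
              } \
            repl = tmp_; \
            size += sizeof (struct pam_response); \
        } while (0)
```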
@@ -78,10 +77,14 @@ PAM_conv (int num_msg, const struct pam_message **msg,
          break;
        case PAM_PROMPT_ECHO_OFF:
          GET_MEM;
-         if (pcred->pass == 0)
+         if (pcred->pass == NULL)
            {
              savemsg = 1;
+# ifdef PAM_CONV_AGAIN
              retval = PAM_CONV_AGAIN;
+# else /* !PAM_CONV_AGAIN */
+             retval = PAM_CONV_ERR;
+# endif
            }
          else
            {
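Review bot: The `# else` branch assigning PAM_CONV_ERR is dead: this file is compiled only under WITH_LINUX_PAM, and configure.ac defines that macro only when PAM_CONV_AGAIN is declared, so PAM_CONV_AGAIN is always available here. Either assign `retval = PAM_CONV_AGAIN;` unconditionally, or keep the conditional and state in a comment that it exists for a future non-Linux build. If that fallback ever became live it would also change behavior, since returning PAM_CONV_ERR from the conversation aborts the authentication instead of requesting a second pass with the password — worth saying explicitly next to it. PAM_conv starts and ends outside this hunk.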
@@ -163,8 +166,15 @@ pam_doit (struct credentials *pcred)
 
   error = pam_authenticate (pamh, 0);
 
-  /* Probably being call for the passwd.  */
-  if (error == PAM_CONV_AGAIN || error == PAM_INCOMPLETE)
+  /* Probably being called for the passwd.  */
+  if (0
+# ifdef PAM_CONV_AGAIN
+      || error == PAM_CONV_AGAIN
+# endif
+# ifdef PAM_INCOMPLETE
+      || error == PAM_INCOMPLETE
+# endif
+     )
     {
       /* Avoid overly terse passwd messages and let the people
          upstairs do something sane.  */
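Review bot: This branch returns PAM_SUCCESS for an authentication that has not completed — the conversation asked for a password it did not yet have — so every caller must read pam_doit()'s success as "no failure so far", not "authenticated"; the comment says only "Probably being called for the passwd" and should spell that out, e.g. `/* The conversation lacked the password: report no error so the caller can collect it and call pam_doit() again.  The user is NOT authenticated yet.  */`. The `if (0 || ...)` scaffolding is also heavier than needed, since PAM_CONV_AGAIN is always declared under WITH_LINUX_PAM per configure.ac. pam_doit's body extends beyond the hunk on both sides.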
@@ -173,7 +183,7 @@ pam_doit (struct credentials *pcred)
          free (pcred->message);
          pcred->message = NULL;
        }
-      return 0;
+      return PAM_SUCCESS;
     }
 
   if (error == PAM_SUCCESS)    /* Alright, we got it */
@@ -217,6 +227,9 @@ pam_user (const char *username, struct credentials *pcred)
   free (pcred->message);
   pcred->message = NULL;
 
+  /* Arrange our creditive.  */
+  PAM_conversation.appdata_ptr = (void *) pcred;
+
   error = pam_start ("ftp", pcred->name, &PAM_conversation, &pamh);
   if (error == PAM_SUCCESS)
     error = pam_set_item (pamh, PAM_RHOST, pcred->remotehost);
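Review bot: pam_start() overwrites the file-static `pamh` unconditionally; if a client sends USER a second time — after a rejected PASS, or simply twice — and the previous handle was not ended by code outside this hunk, the earlier handle and whatever credentials it established are leaked. Guard it with `if (pamh) { pam_end (pamh, PAM_ABORT); pamh = NULL; }` before the pam_start() call. Whether end_login() already covers the failed-login case is not visible here; pam_user starts before the hunk.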
@@ -246,4 +259,4 @@ pam_pass (const char *passwd, struct credentials *pcred)
   return error != PAM_SUCCESS;
 }
 
-#endif /* WITH_PAM */
+#endif /* WITH_LINUX_PAM */

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog        |   43 ++++++++++++++++++++++++++++++++
 configure.ac     |   11 ++++++-
 ftpd/Makefile.am |    2 +-
 ftpd/auth.c      |    4 +-
 ftpd/extern.h    |    3 +-
 ftpd/ftpd.c      |   12 ++++++--
 ftpd/pam.c       |   72 +++++++++++++++++++++++++++++++++++++++++------------
 src/rexecd.c     |   31 +++++++++++++++++------
 8 files changed, 144 insertions(+), 34 deletions(-)


hooks/post-receive
-- 
GNU Inetutils 


