diff options
author | Joep Vesseur <Joep.Vesseur@Sun.COM> | 2009-06-05 09:44:41 +0200 |
---|---|---|
committer | Joep Vesseur <Joep.Vesseur@Sun.COM> | 2009-06-05 09:44:41 +0200 |
commit | c7402f0767d7a0360fabd0bd449c6baf9b282074 (patch) | |
tree | 47adc5a7da4356851240c4fac11d83322d7f86fb | |
parent | 489b7c4ab76ae8df137fbfcc2214f7baa52883a0 (diff) | |
download | illumos-joyent-c7402f0767d7a0360fabd0bd449c6baf9b282074.tar.gz |
6843081 pam_authtok_check cannot be used simultaneously by 32-bit and 64-bit applications
-rw-r--r-- | usr/src/lib/pam_modules/authtok_check/dict.c | 14 | ||||
-rw-r--r-- | usr/src/lib/pam_modules/authtok_check/fascist.c | 18 | ||||
-rw-r--r-- | usr/src/lib/pam_modules/authtok_check/packer.h | 28 | ||||
-rw-r--r-- | usr/src/lib/pam_modules/authtok_check/packlib.c | 34 |
4 files changed, 46 insertions, 48 deletions
diff --git a/usr/src/lib/pam_modules/authtok_check/dict.c b/usr/src/lib/pam_modules/authtok_check/dict.c index fe1d6d24b5..39a370526b 100644 --- a/usr/src/lib/pam_modules/authtok_check/dict.c +++ b/usr/src/lib/pam_modules/authtok_check/dict.c @@ -19,12 +19,10 @@ * CDDL HEADER END */ /* - * Copyright 2008 Sun Microsystems, Inc. All rights reserved. + * Copyright 2009 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ -#pragma ident "%Z%%M% %I% %E% SMI" - #include <sys/stat.h> #include <stdio.h> #include <syslog.h> @@ -117,7 +115,7 @@ unlock_db(void) * database_present() * * returns 0 if the database files are found, and the database size is - * greater than 0 + * greater than 0 and the database version matches the current version. */ int database_present(char *path) @@ -126,6 +124,7 @@ database_present(char *path) char dict_hwm[PATH_MAX]; char dict_pwd[PATH_MAX]; char dict_pwi[PATH_MAX]; + PWDICT *dict; (void) snprintf(dict_hwm, sizeof (dict_hwm), "%s/%s", path, DICT_DATABASE_HWM); @@ -139,6 +138,13 @@ database_present(char *path) stat(dict_pwi, &st) == -1) return (NO_DICTDATABASE); + /* verify database version number by trying to open it */ + if ((dict = PWOpen(path, "r")) == NULL) { + /* the files are there, but an outdated version */ + PWRemove(path); + return (NO_DICTDATABASE); + } + (void) PWClose(dict); return (0); } diff --git a/usr/src/lib/pam_modules/authtok_check/fascist.c b/usr/src/lib/pam_modules/authtok_check/fascist.c index 5e8a6d1637..87b56f881f 100644 --- a/usr/src/lib/pam_modules/authtok_check/fascist.c +++ b/usr/src/lib/pam_modules/authtok_check/fascist.c @@ -1,10 +1,8 @@ /* - * Copyright 2006 Sun Microsystems, Inc. All rights reserved. + * Copyright 2009 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ -#pragma ident "%Z%%M% %I% %E% SMI" - /* * This program is copyright Alec Muffett 1993. The author disclaims all * responsibility or liability with respect to it's usage or its effect @@ -388,9 +386,9 @@ static char *r_destructors[] = { int FascistLook(PWDICT *pwp, char *instring) { -int i; + int i; char *password; - int32 notfound; + uint32_t notfound; char rpassword[PATH_MAX]; notfound = PW_WORDS(pwp); @@ -408,27 +406,27 @@ int i; */ for (i = 0; r_destructors[i]; i++) { - char *a; + char *a; if (!(a = Mangle(password, r_destructors[i]))) { - continue; + continue; } if (FindPW(pwp, a) != notfound) { - return (DICTIONARY_WORD); + return (DICTIONARY_WORD); } } (void) strlcpy(password, Reverse(password), PATH_MAX); for (i = 0; r_destructors[i]; i++) { - char *a; + char *a; if (!(a = Mangle(password, r_destructors[i]))) { continue; } if (FindPW(pwp, a) != notfound) { - return (REVERSE_DICTIONARY_WORD); + return (REVERSE_DICTIONARY_WORD); } } diff --git a/usr/src/lib/pam_modules/authtok_check/packer.h b/usr/src/lib/pam_modules/authtok_check/packer.h index 74b69d95cf..ef046feb31 100644 --- a/usr/src/lib/pam_modules/authtok_check/packer.h +++ b/usr/src/lib/pam_modules/authtok_check/packer.h @@ -1,13 +1,10 @@ /* - * Copyright 2005 Sun Microsystems, Inc. All rights reserved. + * Copyright 2009 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ - #ifndef _PACKER_H #define _PACKER_H -#pragma ident "%Z%%M% %I% %E% SMI" - #ifdef __cplusplus extern "C" { #endif @@ -38,9 +35,6 @@ extern "C" { #define TRUNCSTRINGSIZE (PATH_MAX/4) #define STRINGSIZE PATH_MAX -typedef unsigned char int8; -typedef unsigned short int int16; -typedef unsigned long int int32; #ifndef NUMWORDS #define NUMWORDS 16 #endif @@ -49,10 +43,10 @@ typedef unsigned long int int32; struct pi_header { - int32 pih_magic; - int32 pih_numwords; - int16 pih_blocklen; - int16 pih_pad; + uint32_t pih_magic; + uint32_t pih_numwords; + uint16_t pih_blocklen; + uint16_t pih_pad; }; typedef struct @@ -61,21 +55,21 @@ typedef struct FILE *dfp; FILE *wfp; - int32 flags; + uint32_t flags; #define PFOR_WRITE 0x0001 #define PFOR_FLUSH 0x0002 #define PFOR_USEHWMS 0x0004 - int32 hwms[256]; + uint32_t hwms[256]; struct pi_header header; - int count; + uint32_t count; char data[NUMWORDS][MAXWORDLEN]; } PWDICT; #define PW_WORDS(x) ((x)->header.pih_numwords) -#define PIH_MAGIC 0x70775631 +#define PIH_MAGIC 0x70775632 void PWRemove(char *); PWDICT *PWOpen(char *, char *); @@ -86,12 +80,12 @@ char *Mangle(char *, char *); #define STRCMP(a, b) strcmp((a), (b)) char *Trim(register char *); -int32 FindPW(PWDICT *, char *); +uint32_t FindPW(PWDICT *, char *); int PWClose(PWDICT *); int PutPW(PWDICT *, char *); char Chop(register char *); char Chomp(register char *); -char *GetPW(PWDICT *, int32); +char *GetPW(PWDICT *, uint32_t); #define DATABASE_OPEN_FAIL -1 #define DICTIONARY_WORD 2 diff --git a/usr/src/lib/pam_modules/authtok_check/packlib.c b/usr/src/lib/pam_modules/authtok_check/packlib.c index c5dd32dcae..8f65bb568e 100644 --- a/usr/src/lib/pam_modules/authtok_check/packlib.c +++ b/usr/src/lib/pam_modules/authtok_check/packlib.c @@ -1,10 +1,8 @@ /* - * Copyright 2005 Sun Microsystems, Inc. All rights reserved. + * Copyright 2009 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ -#pragma ident "%Z%%M% %I% %E% SMI" - /* * This program is copyright Alec Muffett 1993. The author disclaims all * responsibility or liability with respect to it's usage or its effect @@ -195,10 +193,10 @@ PutPW(PWDICT *pwp, char *string) if ((pwp->flags & PFOR_FLUSH) || !(pwp->count % NUMWORDS)) { int i; - int32 datum; + uint32_t datum; register char *ostr; - datum = (int32) ftell(pwp->dfp); + datum = (uint32_t)ftell(pwp->dfp); (void) fwrite((char *)&datum, sizeof (datum), 1, pwp->ifp); @@ -214,10 +212,10 @@ PutPW(PWDICT *pwp, char *string) nstr = pwp->data[i]; if (nstr[0]) { - for (j = 0; - ostr[j] && nstr[j] && (ostr[j] == nstr[j]); - j++); - (void) putc(j & 0xff, pwp->dfp); + for (j = 0; ostr[j] && nstr[j] && + (ostr[j] == nstr[j]); j++) + ; + (void) putc(j & 0xff, pwp->dfp); (void) fputs(nstr + j, pwp->dfp); } (void) putc(0, pwp->dfp); @@ -232,17 +230,17 @@ PutPW(PWDICT *pwp, char *string) } char * -GetPW(PWDICT *pwp, int32 number) +GetPW(PWDICT *pwp, uint32_t number) { - int32 datum; + uint32_t datum; register int i; register char *ostr; register char *nstr; register char *bptr; char buffer[NUMWORDS * MAXWORDLEN]; static char data[NUMWORDS][MAXWORDLEN]; - static int32 prevblock = 0xffffffff; - int32 thisblock; + static uint32_t prevblock = 0xffffffff; + uint32_t thisblock; thisblock = number / NUMWORDS; @@ -251,7 +249,7 @@ GetPW(PWDICT *pwp, int32 number) } if (fseek(pwp->ifp, sizeof (struct pi_header) + - (thisblock * sizeof (int32)), 0)) { + (thisblock * sizeof (uint32_t)), 0)) { return (NULL); } @@ -271,7 +269,8 @@ GetPW(PWDICT *pwp, int32 number) bptr = buffer; - for (ostr = data[0]; *(ostr++) = *(bptr++); /* nothing */); + for (ostr = data[0]; *(ostr++) = *(bptr++); /* nothing */) + ; ostr = data[0]; @@ -279,7 +278,8 @@ GetPW(PWDICT *pwp, int32 number) nstr = data[i]; (void) strcpy(nstr, ostr); ostr = nstr + *(bptr++); - while (*(ostr++) = *(bptr++)); + while (*(ostr++) = *(bptr++)) + ; ostr = nstr; } @@ -287,7 +287,7 @@ GetPW(PWDICT *pwp, int32 number) return (data[number % NUMWORDS]); } -int32 +uint32_t FindPW(PWDICT *pwp, char *string) { int lwm; |