6843081 pam_authtok_check cannot be used simultaneously by 32-bit and 64-bit applications

4 files changed, 46 insertions, 48 deletions

diff --git a/usr/src/lib/pam_modules/authtok_check/dict.c b/usr/src/lib/pam_modules/authtok_check/dict.c
index fe1d6d24b5..39a370526b 100644
--- a/usr/src/lib/pam_modules/authtok_check/dict.c
+++ b/usr/src/lib/pam_modules/authtok_check/dict.c
@@ -19,12 +19,10 @@
  * CDDL HEADER END
  */
 /*
- * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
-#pragma ident	"%Z%%M%	%I%	%E% SMI"
-
 #include <sys/stat.h>
 #include <stdio.h>
 #include <syslog.h>
@@ -117,7 +115,7 @@ unlock_db(void)
  * database_present()
  *
  * returns 0 if the database files are found, and the database size is
- * greater than 0
+ * greater than 0 and the database version matches the current version.
  */
 int
 database_present(char *path)
@@ -126,6 +124,7 @@ database_present(char *path)
 	char dict_hwm[PATH_MAX];
 	char dict_pwd[PATH_MAX];
 	char dict_pwi[PATH_MAX];
+	PWDICT *dict;
 
 	(void) snprintf(dict_hwm, sizeof (dict_hwm), "%s/%s", path,
 	    DICT_DATABASE_HWM);
@@ -139,6 +138,13 @@ database_present(char *path)
 	    stat(dict_pwi, &st) == -1)
 		return (NO_DICTDATABASE);
 
+	/* verify database version number by trying to open it */
+	if ((dict = PWOpen(path, "r")) == NULL) {
+		/* the files are there, but an outdated version */
+		PWRemove(path);
+		return (NO_DICTDATABASE);
+	}
+	(void) PWClose(dict);
 	return (0);
 }
 
diff --git a/usr/src/lib/pam_modules/authtok_check/fascist.c b/usr/src/lib/pam_modules/authtok_check/fascist.c
index 5e8a6d1637..87b56f881f 100644
--- a/usr/src/lib/pam_modules/authtok_check/fascist.c
+++ b/usr/src/lib/pam_modules/authtok_check/fascist.c
@@ -1,10 +1,8 @@
 /*
- * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
-#pragma ident	"%Z%%M%	%I%	%E% SMI"
-
 /*
  * This program is copyright Alec Muffett 1993. The author disclaims all
  * responsibility or liability with respect to it's usage or its effect
@@ -388,9 +386,9 @@ static char *r_destructors[] = {
 int
 FascistLook(PWDICT *pwp, char *instring)
 {
-int i;
+	int i;
 	char *password;
-	int32 notfound;
+	uint32_t notfound;
 	char rpassword[PATH_MAX];
 
 	notfound = PW_WORDS(pwp);
@@ -408,27 +406,27 @@ int i;
 	 */
 
 	for (i = 0; r_destructors[i]; i++) {
-	char *a;
+		char *a;
 
 		if (!(a = Mangle(password, r_destructors[i]))) {
-		    continue;
+			continue;
 		}
 
 		if (FindPW(pwp, a) != notfound) {
-		    return (DICTIONARY_WORD);
+			return (DICTIONARY_WORD);
 		}
 	}
 
 	(void) strlcpy(password, Reverse(password), PATH_MAX);
 
 	for (i = 0; r_destructors[i]; i++) {
-	char *a;
+		char *a;
 
 		if (!(a = Mangle(password, r_destructors[i]))) {
 			continue;
 		}
 		if (FindPW(pwp, a) != notfound) {
-		    return (REVERSE_DICTIONARY_WORD);
+			return (REVERSE_DICTIONARY_WORD);
 		}
 	}
 
diff --git a/usr/src/lib/pam_modules/authtok_check/packer.h b/usr/src/lib/pam_modules/authtok_check/packer.h
index 74b69d95cf..ef046feb31 100644
--- a/usr/src/lib/pam_modules/authtok_check/packer.h
+++ b/usr/src/lib/pam_modules/authtok_check/packer.h
@@ -1,13 +1,10 @@
 /*
- * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
-
 #ifndef _PACKER_H
 #define	_PACKER_H
 
-#pragma ident	"%Z%%M%	%I%	%E% SMI"
-
 #ifdef __cplusplus
 extern "C" {
 #endif
@@ -38,9 +35,6 @@ extern "C" {
 #define	TRUNCSTRINGSIZE	(PATH_MAX/4)
 #define	STRINGSIZE	PATH_MAX
 
-typedef unsigned char int8;
-typedef unsigned short int int16;
-typedef unsigned long int int32;
 #ifndef NUMWORDS
 #define	NUMWORDS 	16
 #endif
@@ -49,10 +43,10 @@ typedef unsigned long int int32;
 
 struct pi_header
 {
-	int32 pih_magic;
-	int32 pih_numwords;
-	int16 pih_blocklen;
-	int16 pih_pad;
+	uint32_t pih_magic;
+	uint32_t pih_numwords;
+	uint16_t pih_blocklen;
+	uint16_t pih_pad;
 };
 
 typedef struct
@@ -61,21 +55,21 @@ typedef struct
 	FILE *dfp;
 	FILE *wfp;
 
-	int32 flags;
+	uint32_t flags;
 #define	PFOR_WRITE	0x0001
 #define	PFOR_FLUSH	0x0002
 #define	PFOR_USEHWMS	0x0004
 
-	int32 hwms[256];
+	uint32_t hwms[256];
 
 	struct pi_header header;
 
-	int count;
+	uint32_t count;
 	char data[NUMWORDS][MAXWORDLEN];
 } PWDICT;
 
 #define	PW_WORDS(x) ((x)->header.pih_numwords)
-#define	PIH_MAGIC 0x70775631
+#define	PIH_MAGIC 0x70775632
 
 void PWRemove(char *);
 PWDICT *PWOpen(char *, char *);
@@ -86,12 +80,12 @@ char *Mangle(char *, char *);
 #define	STRCMP(a, b)		strcmp((a), (b))
 
 char	*Trim(register char *);
-int32	FindPW(PWDICT *, char *);
+uint32_t	FindPW(PWDICT *, char *);
 int	PWClose(PWDICT *);
 int	PutPW(PWDICT *, char *);
 char	Chop(register char *);
 char	Chomp(register char *);
-char	*GetPW(PWDICT *, int32);
+char	*GetPW(PWDICT *, uint32_t);
 
 #define	DATABASE_OPEN_FAIL		-1
 #define	DICTIONARY_WORD			2
diff --git a/usr/src/lib/pam_modules/authtok_check/packlib.c b/usr/src/lib/pam_modules/authtok_check/packlib.c
index c5dd32dcae..8f65bb568e 100644
--- a/usr/src/lib/pam_modules/authtok_check/packlib.c
+++ b/usr/src/lib/pam_modules/authtok_check/packlib.c
@@ -1,10 +1,8 @@
 /*
- * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
-#pragma ident	"%Z%%M%	%I%	%E% SMI"
-
 /*
  * This program is copyright Alec Muffett 1993. The author disclaims all
  * responsibility or liability with respect to it's usage or its effect
@@ -195,10 +193,10 @@ PutPW(PWDICT *pwp, char *string)
 
 	if ((pwp->flags & PFOR_FLUSH) || !(pwp->count % NUMWORDS)) {
 		int i;
-		int32 datum;
+		uint32_t datum;
 		register char *ostr;
 
-		datum = (int32) ftell(pwp->dfp);
+		datum = (uint32_t)ftell(pwp->dfp);
 
 		(void) fwrite((char *)&datum, sizeof (datum), 1, pwp->ifp);
 
@@ -214,10 +212,10 @@ PutPW(PWDICT *pwp, char *string)
 			nstr = pwp->data[i];
 
 			if (nstr[0]) {
-				for (j = 0;
-				    ostr[j] && nstr[j] && (ostr[j] == nstr[j]);
-				    j++);
-					(void) putc(j & 0xff, pwp->dfp);
+				for (j = 0; ostr[j] && nstr[j] &&
+				    (ostr[j] == nstr[j]); j++)
+					;
+				(void) putc(j & 0xff, pwp->dfp);
 				(void) fputs(nstr + j, pwp->dfp);
 			}
 			(void) putc(0, pwp->dfp);
@@ -232,17 +230,17 @@ PutPW(PWDICT *pwp, char *string)
 }
 
 char *
-GetPW(PWDICT *pwp, int32 number)
+GetPW(PWDICT *pwp, uint32_t number)
 {
-	int32 datum;
+	uint32_t datum;
 	register int i;
 	register char *ostr;
 	register char *nstr;
 	register char *bptr;
 	char buffer[NUMWORDS * MAXWORDLEN];
 	static char data[NUMWORDS][MAXWORDLEN];
-	static int32 prevblock = 0xffffffff;
-	int32 thisblock;
+	static uint32_t prevblock = 0xffffffff;
+	uint32_t thisblock;
 
 	thisblock = number / NUMWORDS;
 
@@ -251,7 +249,7 @@ GetPW(PWDICT *pwp, int32 number)
 	}
 
 	if (fseek(pwp->ifp, sizeof (struct pi_header) +
-	    (thisblock * sizeof (int32)), 0)) {
+	    (thisblock * sizeof (uint32_t)), 0)) {
 		return (NULL);
 	}
 
@@ -271,7 +269,8 @@ GetPW(PWDICT *pwp, int32 number)
 
 	bptr = buffer;
 
-	for (ostr = data[0]; *(ostr++) = *(bptr++); /* nothing */);
+	for (ostr = data[0]; *(ostr++) = *(bptr++); /* nothing */)
+		;
 
 	ostr = data[0];
 
@@ -279,7 +278,8 @@ GetPW(PWDICT *pwp, int32 number)
 		nstr = data[i];
 		(void) strcpy(nstr, ostr);
 		ostr = nstr + *(bptr++);
-		while (*(ostr++) = *(bptr++));
+		while (*(ostr++) = *(bptr++))
+			;
 
 		ostr = nstr;
 	}
@@ -287,7 +287,7 @@ GetPW(PWDICT *pwp, int32 number)
 	return (data[number % NUMWORDS]);
 }
 
-int32
+uint32_t
 FindPW(PWDICT *pwp, char *string)
 {
 	int lwm;