mirror of
https://github.com/samba-team/samba.git
synced 2025-01-08 21:18:16 +03:00
third_party: Update pam_wrapper to version 1.1.7
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9705 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
This commit is contained in:
Andreas Schneider
Stefan Metzmacher
parent
6481fab912
commit
92ea6b00e7
@ -44,5 +44,5 @@ Build.BuildContext.CHECK_UID_WRAPPER = CHECK_UID_WRAPPER
|
||||
|
||||
@conf
|
||||
def CHECK_PAM_WRAPPER(conf):
|
||||
return conf.CHECK_BUNDLED_SYSTEM_PKG('pam_wrapper', minversion='1.1.4')
|
||||
return conf.CHECK_BUNDLED_SYSTEM_PKG('pam_wrapper', minversion='1.1.7')
|
||||
Build.BuildContext.CHECK_PAM_WRAPPER = CHECK_PAM_WRAPPER
|
||||
|
||||
79
third_party/pam_wrapper/pam_wrapper.c
vendored
79
third_party/pam_wrapper/pam_wrapper.c
vendored
@ -336,7 +336,7 @@ static void *pwrap_load_lib_handle(enum pwrap_lib lib)
|
||||
|
||||
#ifdef RTLD_DEEPBIND
|
||||
const char *env_preload = getenv("LD_PRELOAD");
|
||||
const char *env_deepbind = getenv("UID_WRAPPER_DISABLE_DEEPBIND");
|
||||
const char *env_deepbind = getenv("PAM_WRAPPER_DISABLE_DEEPBIND");
|
||||
bool enable_deepbind = true;
|
||||
|
||||
/* Don't do a deepbind if we run with libasan */
|
||||
@ -749,6 +749,7 @@ static int copy_confdir(const char *src)
|
||||
|
||||
static int p_rmdirs(const char *path);
|
||||
|
||||
#ifndef HAVE_PAM_START_CONFDIR
|
||||
static void pwrap_clean_stale_dirs(const char *dir)
|
||||
{
|
||||
size_t len = strlen(dir);
|
||||
@ -816,20 +817,18 @@ static void pwrap_clean_stale_dirs(const char *dir)
|
||||
|
||||
return;
|
||||
}
|
||||
#endif /* HAVE_PAM_START_CONFDIR */
|
||||
|
||||
#ifdef HAVE_PAM_START_CONFDIR
|
||||
static void pwrap_init(void)
|
||||
{
|
||||
char tmp_config_dir[] = "/tmp/pam.X";
|
||||
size_t len = strlen(tmp_config_dir);
|
||||
const char *tmpdir = getenv("TMPDIR");
|
||||
char *tmp_config_dir = NULL;
|
||||
const char *env;
|
||||
struct stat sb;
|
||||
int rc;
|
||||
unsigned i;
|
||||
ssize_t ret;
|
||||
FILE *pidfile;
|
||||
char pidfile_path[1024] = { 0 };
|
||||
char letter;
|
||||
|
||||
if (!pam_wrapper_enabled()) {
|
||||
return;
|
||||
@ -839,62 +838,33 @@ static void pwrap_init(void)
|
||||
return;
|
||||
}
|
||||
|
||||
/*
|
||||
* The name is selected to match/replace /etc/pam.d
|
||||
* We start from a random alphanum trying letters until
|
||||
* an available directory is found.
|
||||
*/
|
||||
letter = 48 + (getpid() % 70);
|
||||
for (i = 0; i < 127; i++) {
|
||||
if (isalpha(letter) || isdigit(letter)) {
|
||||
tmp_config_dir[len - 1] = letter;
|
||||
|
||||
rc = lstat(tmp_config_dir, &sb);
|
||||
if (rc == 0) {
|
||||
PWRAP_LOG(PWRAP_LOG_TRACE,
|
||||
"Check if pam_wrapper dir %s is a "
|
||||
"stale directory",
|
||||
tmp_config_dir);
|
||||
pwrap_clean_stale_dirs(tmp_config_dir);
|
||||
} else if (rc < 0) {
|
||||
if (errno != ENOENT) {
|
||||
continue;
|
||||
}
|
||||
break; /* found */
|
||||
}
|
||||
}
|
||||
|
||||
letter++;
|
||||
letter %= 127;
|
||||
}
|
||||
|
||||
if (i == 127) {
|
||||
PWRAP_LOG(PWRAP_LOG_ERROR,
|
||||
"Failed to find a possible path to create "
|
||||
"pam_wrapper config dir: %s",
|
||||
tmp_config_dir);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
PWRAP_LOG(PWRAP_LOG_DEBUG, "Initialize pam_wrapper");
|
||||
|
||||
pwrap.config_dir = strdup(tmp_config_dir);
|
||||
if (pwrap.config_dir == NULL) {
|
||||
PWRAP_LOG(PWRAP_LOG_ERROR,
|
||||
"No memory");
|
||||
if (tmpdir == NULL || strlen(tmpdir) == 0 ||
|
||||
strlen(tmpdir) >= PATH_MAX - 12)
|
||||
{
|
||||
tmpdir = "/tmp";
|
||||
}
|
||||
|
||||
rc = asprintf(&pwrap.config_dir, "%s/pam.XXXXXX", tmpdir);
|
||||
if (rc <= 0) {
|
||||
PWRAP_LOG(PWRAP_LOG_ERROR, "Failed to create path");
|
||||
exit(1);
|
||||
}
|
||||
|
||||
tmp_config_dir = mkdtemp(pwrap.config_dir);
|
||||
if (tmp_config_dir == NULL) {
|
||||
PWRAP_LOG(PWRAP_LOG_ERROR,
|
||||
"Failed to create temporary directory based "
|
||||
"on template: %s",
|
||||
pwrap.config_dir);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
PWRAP_LOG(PWRAP_LOG_TRACE,
|
||||
"pam_wrapper config dir: %s",
|
||||
tmp_config_dir);
|
||||
|
||||
rc = mkdir(pwrap.config_dir, 0755);
|
||||
if (rc != 0) {
|
||||
PWRAP_LOG(PWRAP_LOG_ERROR,
|
||||
"Failed to create pam_wrapper config dir: %s - %s",
|
||||
tmp_config_dir, strerror(errno));
|
||||
}
|
||||
|
||||
/* Create file with the PID of the the process */
|
||||
ret = snprintf(pidfile_path, sizeof(pidfile_path),
|
||||
"%s/pid", pwrap.config_dir);
|
||||
@ -1121,6 +1091,7 @@ static void pwrap_init(void)
|
||||
PWRAP_LOG(PWRAP_LOG_ERROR,
|
||||
"Failed to create pam_wrapper config dir: %s - %s",
|
||||
tmp_config_dir, strerror(errno));
|
||||
exit(1);
|
||||
}
|
||||
|
||||
/* Create file with the PID of the the process */
|
||||
|
||||
3
third_party/pam_wrapper/wscript
vendored
3
third_party/pam_wrapper/wscript
vendored
@ -2,7 +2,7 @@
|
||||
|
||||
import os
|
||||
|
||||
VERSION="1.1.4"
|
||||
VERSION="1.1.7"
|
||||
|
||||
def find_library(library_names, lookup_paths):
|
||||
for directory in lookup_paths:
|
||||
@ -22,6 +22,7 @@ def configure(conf):
|
||||
pam_matrix_so_path = find_library(['pam_matrix.so'],
|
||||
['/usr/lib64/pam_wrapper', '/usr/lib/pam_wrapper'])
|
||||
else:
|
||||
conf.CHECK_HEADERS('gnu/lib-names.h')
|
||||
|
||||
if conf.CONFIG_SET("HAVE___THREAD"):
|
||||
conf.DEFINE("HAVE_GCC_THREAD_LOCAL_STORAGE", 1)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user