kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
pkgsrc/security/PAM/patches/patch-ak
jlam 3530f6ba5c Update security/PAM to 0.77. Changes from version 0.75 include: 
* Numerous bug fixes for most of the PAM modules, including several
  string length checks and fixes (update recommended!).

* fix for legacy behavior of pam_setcred and pam_close_session in
  the case that pam_authenticate and pam_open_session hadn't been
  called

* pam_unix:
	- don't zero out password strings during password changing function
* pam_wheel:
	- feature: can use the module to provide wheel access to non-root
	  accounts.
* pam_limits:
	- added '%' domain for maxlogins limiting, now '*' and @group
	  have the old meaning (every) and '%' the new one (all)
	- handle negative priority limits (which can apply to the
	  superuser too).
* pam_userdb:
	- require that all of typed password matches that in database
* pam_access:
	- added the 'fieldsep=' argument, made a PAM_RHOST of ""
	  equivalent to NULL

Incidentally, cups-1.1.18 will once again do PAM authentication using
pam_unix.so if built against PAM-0.77.
2002-12-23 21:23:56 +00:00

90 lines
3.2 KiB
Text
Raw Blame History

$NetBSD: patch-ak,v 1.3 2002/12/23 21:23:59 jlam Exp $
--- modules/pam_filter/pam_filter.c.orig Sun Nov 11 02:43:54 2001
+++ modules/pam_filter/pam_filter.c
@@ -21,7 +21,17 @@
#include <sys/stat.h>
#include <sys/socket.h>
#include <sys/ioctl.h>
+#ifdef HAVE_TERMIOS_H
+#include <termios.h>
+#define STRUCT_TERMIO struct termios
+#define TCGETATTR(fd, p_termio) tcgetattr(fd, p_termio)
+#define TCSETATTR(fd, p_termio) tcsetattr(fd, TCSANOW, p_termio)
+#else
#include <termio.h>
+#define STRUCT_TERMIO struct termio
+#define TCGETATTR(fd, p_termio) ioctl(fd, TCGETA, (char *) p_termio)
+#define TCSETATTR(fd, p_termio) ioctl(fd, TCSETA, (char *) p_termio)
+#endif
#include <signal.h>
@@ -278,7 +288,7 @@ static int set_filter(pam_handle_t *pamh
{
int status=-1;
char terminal[TERMINAL_LEN];
- struct termio stored_mode; /* initial terminal mode settings */
+ STRUCT_TERMIO stored_mode; /* initial terminal mode settings */
int fd[2], child=0, child2=0, aterminal;
if (filtername == NULL || *filtername != '/') {
@@ -307,17 +317,20 @@ static int set_filter(pam_handle_t *pamh
/* this is termio terminal handling... */
- if (ioctl(STDIN_FILENO, TCGETA, (char *) &stored_mode ) < 0) {
+ if (TCGETATTR(STDIN_FILENO, &stored_mode ) < 0) {
/* in trouble, so close down */
close(fd[0]);
_pam_log(LOG_CRIT, "couldn't copy terminal mode");
return PAM_ABORT;
} else {
- struct termio t_mode = stored_mode;
+ STRUCT_TERMIO t_mode = stored_mode;
t_mode.c_iflag = 0; /* no input control */
t_mode.c_oflag &= ~OPOST; /* no ouput post processing */
+#ifndef XCASE
+#define XCASE 0
+#endif
/* no signals, canonical input, echoing, upper/lower output */
t_mode.c_lflag &= ~(ISIG|ICANON|ECHO|XCASE);
t_mode.c_cflag &= ~(CSIZE|PARENB); /* no parity */
@@ -326,7 +339,7 @@ static int set_filter(pam_handle_t *pamh
t_mode.c_cc[VMIN] = 1; /* number of chars to satisfy a read */
t_mode.c_cc[VTIME] = 0; /* 0/10th second for chars */
- if (ioctl(STDIN_FILENO, TCSETA, (char *) &t_mode) < 0) {
+ if (TCSETATTR(STDIN_FILENO, &t_mode) < 0) {
close(fd[0]);
_pam_log(LOG_WARNING, "couldn't put terminal in RAW mode");
return PAM_ABORT;
@@ -356,7 +369,7 @@ static int set_filter(pam_handle_t *pamh
_pam_log(LOG_WARNING,"first fork failed");
if (aterminal) {
- (void) ioctl(STDIN_FILENO, TCSETA, (char *) &stored_mode);
+ (void) TCSETATTR(STDIN_FILENO, &stored_mode);
}
return PAM_AUTH_ERR;
@@ -398,7 +411,7 @@ static int set_filter(pam_handle_t *pamh
/* initialize the child's terminal to be the way the
parent's was before we set it into RAW mode */
- if (ioctl(fd[1], TCSETA, (char *) &stored_mode) < 0) {
+ if (TCSETATTR(fd[1], &stored_mode) < 0) {
_pam_log(LOG_WARNING,"cannot set slave terminal mode; %s"
,terminal);
close(fd[1]);
@@ -572,7 +585,7 @@ static int set_filter(pam_handle_t *pamh
if (aterminal) {
/* reset to initial terminal mode */
- (void) ioctl(STDIN_FILENO, TCSETA, (char *) &stored_mode);
+ (void) TCSETATTR(STDIN_FILENO, &stored_mode);
}
if (ctrl & FILTER_DEBUG) {
Reference in a new issue View git blame Copy permalink