diff options
author | Jörg Frings-Fürst <debian@jff-webhosting.net> | 2017-06-27 13:56:16 +0200 |
---|---|---|
committer | Jörg Frings-Fürst <debian@jff-webhosting.net> | 2017-06-27 13:56:16 +0200 |
commit | 749384a154025e268b53cf3cc79eaeddde2b3ceb (patch) | |
tree | 27baa9e6aec76635d750405d90cd461440a656d1 /src/plugins/auth-pam | |
parent | db4f04c584f7d4e828b5d317cf40962b9d854ac5 (diff) |
initial stretch branch release 2.4.0-6
Diffstat (limited to 'src/plugins/auth-pam')
-rw-r--r-- | src/plugins/auth-pam/Makefile.in | 34 | ||||
-rw-r--r-- | src/plugins/auth-pam/auth-pam.c | 40 | ||||
-rw-r--r-- | src/plugins/auth-pam/auth-pam.exports | 2 | ||||
-rw-r--r-- | src/plugins/auth-pam/utils.c | 12 | ||||
-rw-r--r-- | src/plugins/auth-pam/utils.h | 7 |
5 files changed, 28 insertions, 67 deletions
diff --git a/src/plugins/auth-pam/Makefile.in b/src/plugins/auth-pam/Makefile.in index 50b7523..90d5058 100644 --- a/src/plugins/auth-pam/Makefile.in +++ b/src/plugins/auth-pam/Makefile.in @@ -1,7 +1,7 @@ -# Makefile.in generated by automake 1.15 from Makefile.am. +# Makefile.in generated by automake 1.13.4 from Makefile.am. # @configure_input@ -# Copyright (C) 1994-2014 Free Software Foundation, Inc. +# Copyright (C) 1994-2013 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, @@ -22,17 +22,7 @@ VPATH = @srcdir@ -am__is_gnu_make = { \ - if test -z '$(MAKELEVEL)'; then \ - false; \ - elif test -n '$(MAKE_HOST)'; then \ - true; \ - elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ - true; \ - else \ - false; \ - fi; \ -} +am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' am__make_running_with_option = \ case $${target_option-} in \ ?) ;; \ @@ -96,6 +86,8 @@ POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ subdir = src/plugins/auth-pam +DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ + $(top_srcdir)/depcomp $(am__dist_doc_DATA_DIST) ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/ax_emptyarray.m4 \ $(top_srcdir)/m4/ax_socklen_t.m4 \ @@ -106,8 +98,6 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/ax_emptyarray.m4 \ $(top_srcdir)/compat.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) -DIST_COMMON = $(srcdir)/Makefile.am $(am__dist_doc_DATA_DIST) \ - $(am__DIST_COMMON) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/config.h \ $(top_builddir)/include/openvpn-plugin.h @@ -219,7 +209,6 @@ am__define_uniq_tagged_files = \ done | $(am__uniquify_input)` ETAGS = etags CTAGS = ctags -am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AMTAR = @AMTAR@ @@ -268,7 +257,6 @@ LIBTOOL = @LIBTOOL@ LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ -LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ LZ4_CFLAGS = @LZ4_CFLAGS@ LZ4_LIBS = @LZ4_LIBS@ LZO_CFLAGS = @LZO_CFLAGS@ @@ -317,7 +305,6 @@ PKCS11_HELPER_LIBS = @PKCS11_HELPER_LIBS@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ -PLUGINDIR = @PLUGINDIR@ PLUGIN_AUTH_PAM_CFLAGS = @PLUGIN_AUTH_PAM_CFLAGS@ PLUGIN_AUTH_PAM_LIBS = @PLUGIN_AUTH_PAM_LIBS@ RANLIB = @RANLIB@ @@ -330,14 +317,12 @@ SHELL = @SHELL@ SOCKETS_LIBS = @SOCKETS_LIBS@ STRIP = @STRIP@ SYSTEMD_ASK_PASSWORD = @SYSTEMD_ASK_PASSWORD@ -SYSTEMD_UNIT_DIR = @SYSTEMD_UNIT_DIR@ TAP_CFLAGS = @TAP_CFLAGS@ TAP_WIN_COMPONENT_ID = @TAP_WIN_COMPONENT_ID@ TAP_WIN_MIN_MAJOR = @TAP_WIN_MIN_MAJOR@ TAP_WIN_MIN_MINOR = @TAP_WIN_MIN_MINOR@ TEST_CFLAGS = @TEST_CFLAGS@ TEST_LDFLAGS = @TEST_LDFLAGS@ -TMPFILES_DIR = @TMPFILES_DIR@ VENDOR_BUILD_ROOT = @VENDOR_BUILD_ROOT@ VENDOR_DIST_ROOT = @VENDOR_DIST_ROOT@ VENDOR_SRC_ROOT = @VENDOR_SRC_ROOT@ @@ -394,9 +379,7 @@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ sysconfdir = @sysconfdir@ -systemdunitdir = @systemdunitdir@ target_alias = @target_alias@ -tmpfilesdir = @tmpfilesdir@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ @@ -439,6 +422,7 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/plugins/auth-pam/Makefile'; \ $(am__cd) $(top_srcdir) && \ $(AUTOMAKE) --foreign src/plugins/auth-pam/Makefile +.PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ *config.status*) \ @@ -510,14 +494,14 @@ distclean-compile: @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c $< .c.obj: @am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: @am__fastdepCC_TRUE@ $(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< @@ -762,8 +746,6 @@ uninstall-am: uninstall-dist_docDATA uninstall-pluginLTLIBRARIES tags tags-am uninstall uninstall-am uninstall-dist_docDATA \ uninstall-pluginLTLIBRARIES -.PRECIOUS: Makefile - # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. diff --git a/src/plugins/auth-pam/auth-pam.c b/src/plugins/auth-pam/auth-pam.c index ae514d7..1767d1e 100644 --- a/src/plugins/auth-pam/auth-pam.c +++ b/src/plugins/auth-pam/auth-pam.c @@ -16,9 +16,10 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + * You should have received a copy of the GNU General Public License + * along with this program (see the file COPYING included with this + * distribution); if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ /* @@ -62,9 +63,6 @@ #define RESPONSE_VERIFY_SUCCEEDED 12 #define RESPONSE_VERIFY_FAILED 13 -/* Pointers to functions exported from openvpn */ -static plugin_secure_memzero_t plugin_secure_memzero = NULL; - /* * Plugin state, used by foreground */ @@ -276,10 +274,8 @@ name_value_match(const char *query, const char *match) return strncasecmp(match, query, strlen(match)) == 0; } -OPENVPN_EXPORT int -openvpn_plugin_open_v3(const int v3structver, - struct openvpn_plugin_args_open_in const *args, - struct openvpn_plugin_args_open_return *ret) +OPENVPN_EXPORT openvpn_plugin_handle_t +openvpn_plugin_open_v1(unsigned int *type_mask, const char *argv[], const char *envp[]) { pid_t pid; int fd[2]; @@ -289,16 +285,6 @@ openvpn_plugin_open_v3(const int v3structver, const int base_parms = 2; - const char **argv = args->argv; - const char **envp = args->envp; - - /* Check API compatibility -- struct version 4 or higher needed */ - if (v3structver < 4) - { - fprintf(stderr, "AUTH-PAM: This plugin is incompatible with the running version of OpenVPN\n"); - return OPENVPN_PLUGIN_FUNC_ERROR; - } - /* * Allocate our context */ @@ -312,10 +298,7 @@ openvpn_plugin_open_v3(const int v3structver, /* * Intercept the --auth-user-pass-verify callback. */ - ret->type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY); - - /* Save global pointers to functions exported from openvpn */ - plugin_secure_memzero = args->callbacks->plugin_secure_memzero; + *type_mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY); /* * Make sure we have two string arguments: the first is the .so name, @@ -403,8 +386,7 @@ openvpn_plugin_open_v3(const int v3structver, if (status == RESPONSE_INIT_SUCCEEDED) { context->foreground_fd = fd[0]; - ret->handle = (openvpn_plugin_handle_t *) context; - return OPENVPN_PLUGIN_FUNC_SUCCESS; + return (openvpn_plugin_handle_t) context; } } else @@ -438,7 +420,7 @@ error: { free(context); } - return OPENVPN_PLUGIN_FUNC_ERROR; + return NULL; } OPENVPN_EXPORT int @@ -716,7 +698,7 @@ pam_server(int fd, const char *service, int verb, const struct name_value_list * struct user_pass up; int command; #ifdef USE_PAM_DLOPEN - static const char pam_so[] = "libpam.so"; + static const char pam_so[] = "libpam.so.0"; #endif /* @@ -803,7 +785,6 @@ pam_server(int fd, const char *service, int verb, const struct name_value_list * goto done; } } - plugin_secure_memzero(up.password, sizeof(up.password)); break; case COMMAND_EXIT: @@ -821,7 +802,6 @@ pam_server(int fd, const char *service, int verb, const struct name_value_list * } done: - plugin_secure_memzero(up.password, sizeof(up.password)); #ifdef USE_PAM_DLOPEN dlclose_pam(); #endif diff --git a/src/plugins/auth-pam/auth-pam.exports b/src/plugins/auth-pam/auth-pam.exports index 597e33f..b07937c 100644 --- a/src/plugins/auth-pam/auth-pam.exports +++ b/src/plugins/auth-pam/auth-pam.exports @@ -1,4 +1,4 @@ -openvpn_plugin_open_v3 +openvpn_plugin_open_v1 openvpn_plugin_func_v1 openvpn_plugin_close_v1 openvpn_plugin_abort_v1 diff --git a/src/plugins/auth-pam/utils.c b/src/plugins/auth-pam/utils.c index 4b900c7..4f8fb0a 100644 --- a/src/plugins/auth-pam/utils.c +++ b/src/plugins/auth-pam/utils.c @@ -16,9 +16,10 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + * You should have received a copy of the GNU General Public License + * along with this program (see the file COPYING included with this + * distribution); if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ /* @@ -77,8 +78,7 @@ searchandreplace(const char *tosearch, const char *searchfor, const char *replac return strdup(tosearch); } - while (scratch) - { + while (scratch) { strncat(temp,searching,scratch-searching); strcat(temp,replacewith); @@ -117,9 +117,7 @@ string_array_len(const char *array[]) if (array) { while (array[i]) - { ++i; - } } return i; } diff --git a/src/plugins/auth-pam/utils.h b/src/plugins/auth-pam/utils.h index c0b4b10..fbc9705 100644 --- a/src/plugins/auth-pam/utils.h +++ b/src/plugins/auth-pam/utils.h @@ -16,9 +16,10 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + * You should have received a copy of the GNU General Public License + * along with this program (see the file COPYING included with this + * distribution); if not, write to the Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ #ifndef _PLUGIN_AUTH_PAM_UTILS__H |