Browse Source
libpam: update to 1.5.0
Fixes CVE-2020-27780 Removed upstreamed patches. Signed-off-by: Rosen Penev <rosenp@gmail.com>lilik-openwrt-22.03
Rosen Penev
4 years ago
No known key found for this signature in database
GPG Key ID: 36D31CFA845F0E3B
3 changed files with 2 additions and 147 deletions
Unified View
Diff Options
-
+2 -2libs/libpam/Makefile
-
+0 -35libs/libpam/patches/010-crypt.patch
-
+0 -110libs/libpam/patches/020-fgetpwent_r.patch
+ 2
- 2
libs/libpam/Makefile
View File
+ 0
- 35
libs/libpam/patches/010-crypt.patch
View File
| @ -1,35 +0,0 @@ | |||||
| From aef363c7e8e942224e6cffc4398366c6e5d31749 Mon Sep 17 00:00:00 2001 | |||||
| From: Fabrice Fontaine <fontaine.fabrice@gmail.com> | |||||
| Date: Thu, 11 Jun 2020 00:04:32 +0200 | |||||
| Subject: [PATCH] configure.ac: fix build failure when crypt() does not require | |||||
| libcrypt | |||||
| Since commit 522246d20e4cd92fadc2d760228cb7e78cbeb4c5, the build fails | |||||
| if "none required" is returned by AC_SEARCH_LIBS for libcrypt. | |||||
| Resolves: https://github.com/linux-pam/linux-pam/pull/235 | |||||
| Fixes: http://autobuild.buildroot.org/results/92b3dd7c984d2b843ac9aacacd69eec99f28743e | |||||
| Fixes: v1.4.0~228 ("Use cached 'crypt' library result correctly") | |||||
| Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> | |||||
| --- | |||||
| configure.ac | 6 +++++- | |||||
| 1 file changed, 5 insertions(+), 1 deletion(-) | |||||
| diff --git a/configure.ac b/configure.ac | |||||
| index ea08a7a3..c1862ea7 100644 | |||||
| --- a/configure.ac | |||||
| +++ b/configure.ac | |||||
| @@ -428,7 +428,11 @@ AS_IF([test "x$ac_cv_header_xcrypt_h" = "xyes"], | |||||
| [crypt_libs="crypt"]) | |||||
| BACKUP_LIBS=$LIBS | |||||
| -AC_SEARCH_LIBS([crypt],[$crypt_libs], LIBCRYPT="${ac_cv_search_crypt}", LIBCRYPT="") | |||||
| +AC_SEARCH_LIBS([crypt],[$crypt_libs]) | |||||
| +case "$ac_cv_search_crypt" in | |||||
| + -l*) LIBCRYPT="$ac_cv_search_crypt" ;; | |||||
| + *) LIBCRYPT="" ;; | |||||
| +esac | |||||
| AC_CHECK_FUNCS(crypt_r crypt_gensalt_r) | |||||
| LIBS=$BACKUP_LIBS | |||||
| AC_SUBST(LIBCRYPT) | |||||
+ 0
- 110
libs/libpam/patches/020-fgetpwent_r.patch
View File
| @ -1,110 +0,0 @@ | |||||
| --- a/modules/pam_faillock/pam_faillock.c | |||||
| +++ b/modules/pam_faillock/pam_faillock.c | |||||
| @@ -348,42 +348,81 @@ set_conf_opt(pam_handle_t *pamh, struct options *opts, const char *name, const c | |||||
| static int | |||||
| check_local_user (pam_handle_t *pamh, const char *user) | |||||
| { | |||||
| - struct passwd pw, *pwp; | |||||
| - char buf[16384]; | |||||
| - int found = 0; | |||||
| + int rc; | |||||
| + size_t user_len; | |||||
| FILE *fp; | |||||
| - int errn; | |||||
| + char line[BUFSIZ]; | |||||
| - fp = fopen(PATH_PASSWD, "r"); | |||||
| - if (fp == NULL) { | |||||
| - pam_syslog(pamh, LOG_ERR, "unable to open %s: %m", | |||||
| - PATH_PASSWD); | |||||
| - return -1; | |||||
| + /* Validate the user name. */ | |||||
| + if ((user_len = strlen(user)) == 0) { | |||||
| + pam_syslog(pamh, LOG_NOTICE, "user name is not valid"); | |||||
| + return PAM_SERVICE_ERR; | |||||
| + } | |||||
| + | |||||
| + if (user_len > sizeof(line) - sizeof(":")) { | |||||
| + pam_syslog(pamh, LOG_NOTICE, "user name is too long"); | |||||
| + return PAM_SERVICE_ERR; | |||||
| + } | |||||
| + | |||||
| + if (strchr(user, ':') != NULL) { | |||||
| + /* | |||||
| + * "root:x" is not a local user name even if the passwd file | |||||
| + * contains a line starting with "root:x:". | |||||
| + */ | |||||
| + return PAM_PERM_DENIED; | |||||
| } | |||||
| - for (;;) { | |||||
| - errn = fgetpwent_r(fp, &pw, buf, sizeof (buf), &pwp); | |||||
| - if (errn == ERANGE) { | |||||
| - pam_syslog(pamh, LOG_WARNING, "%s contains very long lines; corrupted?", | |||||
| - PATH_PASSWD); | |||||
| + /* Open the passwd file. */ | |||||
| + FILE *file_name = "/etc/passwd"; | |||||
| + if ((fp = fopen(file_name, "r")) == NULL) { | |||||
| + pam_syslog(pamh, LOG_ERR, "error opening %s: %m", file_name); | |||||
| + return PAM_SERVICE_ERR; | |||||
| + } | |||||
| + | |||||
| + /* | |||||
| + * Scan the file using fgets() instead of fgetpwent_r() because | |||||
| + * the latter is not flexible enough in handling long lines | |||||
| + * in passwd files. | |||||
| + */ | |||||
| + rc = PAM_PERM_DENIED; | |||||
| + while (fgets(line, sizeof(line), fp) != NULL) { | |||||
| + size_t line_len; | |||||
| + const char *str; | |||||
| + | |||||
| + /* | |||||
| + * Does this line start with the user name | |||||
| + * followed by a colon? | |||||
| + */ | |||||
| + if (strncmp(user, line, user_len) == 0 && | |||||
| + line[user_len] == ':') { | |||||
| + rc = PAM_SUCCESS; | |||||
| break; | |||||
| } | |||||
| - if (errn != 0) | |||||
| - break; | |||||
| - if (strcmp(pwp->pw_name, user) == 0) { | |||||
| - found = 1; | |||||
| + /* Has a newline been read? */ | |||||
| + line_len = strlen(line); | |||||
| + if (line_len < sizeof(line) - 1 || | |||||
| + line[line_len - 1] == '\n') { | |||||
| + /* Yes, continue with the next line. */ | |||||
| + continue; | |||||
| + } | |||||
| + | |||||
| + /* No, read till the end of this line first. */ | |||||
| + while ((str = fgets(line, sizeof(line), fp)) != NULL) { | |||||
| + line_len = strlen(line); | |||||
| + if (line_len == 0 || | |||||
| + line[line_len - 1] == '\n') { | |||||
| + break; | |||||
| + } | |||||
| + } | |||||
| + if (str == NULL) { | |||||
| + /* fgets returned NULL, we are done. */ | |||||
| break; | |||||
| } | |||||
| + /* Continue with the next line. */ | |||||
| } | |||||
| - fclose (fp); | |||||
| - | |||||
| - if (errn != 0 && errn != ENOENT) { | |||||
| - pam_syslog(pamh, LOG_ERR, "unable to enumerate local accounts: %m"); | |||||
| - return -1; | |||||
| - } else { | |||||
| - return found; | |||||
| - } | |||||
| + fclose(fp); | |||||
| + return rc; | |||||
| } | |||||
| static int | |||||