diff options
Diffstat (limited to 'redhat/applications/smartcardauth')
-rw-r--r-- | redhat/applications/smartcardauth/smartcardauth-14.0.0.patch | 380 |
1 files changed, 0 insertions, 380 deletions
diff --git a/redhat/applications/smartcardauth/smartcardauth-14.0.0.patch b/redhat/applications/smartcardauth/smartcardauth-14.0.0.patch deleted file mode 100644 index f6a7a2595..000000000 --- a/redhat/applications/smartcardauth/smartcardauth-14.0.0.patch +++ /dev/null @@ -1,380 +0,0 @@ -diff --git a/src/ckpass.c b/src/ckpass.c -index 1da83c6..f3a14d0 100644 ---- a/src/ckpass.c -+++ b/src/ckpass.c -@@ -8,6 +8,8 @@ - ** or PAM. - */ - -+extern x_malloc(size_t size, const char *file, int line); -+ - /* Used for unused parameters to silence gcc warnings. */ - #define UNUSED __attribute__((__unused__)) - -@@ -46,7 +48,7 @@ - number information for debugging error messages without the user having to - pass those in every time. */ - #define xcalloc(n, size) x_calloc((n), (size), __FILE__, __LINE__) --#define xmalloc(size) x_malloc((size), __FILE__, __LINE__) -+#define smartcardauth_xmalloc(size) x_malloc((size), __FILE__, __LINE__) - #define xrealloc(p, size) x_realloc((p), (size), __FILE__, __LINE__) - #define xstrdup(p) x_strdup((p), __FILE__, __LINE__) - #define xstrndup(p, size) x_strndup((p), (size), __FILE__, __LINE__) -@@ -71,7 +73,7 @@ struct auth_info { - ** This function allocates an array of struct pam_response to return to the - ** PAM libraries that's never freed. For this program, this isn't much of an - ** issue, since it will likely only be called once and then the program will --** exit. This function uses malloc and strdup instead of xmalloc and xstrdup -+** exit. This function uses malloc and strdup instead of smartcardauth_xmalloc and xstrdup - ** intentionally so that the PAM conversation will be closed cleanly if we - ** run out of memory rather than simply terminated. - ** -@@ -82,8 +84,9 @@ static int pass_conv(int num_msg, const struct pam_message **msgm UNUSED, struct - int i; - - *response = malloc(num_msg * sizeof(struct pam_response)); -- if (*response == NULL) -+ if (*response == NULL) { - return PAM_CONV_ERR; -+ } - for (i = 0; i < num_msg; i++) { - (*response)[i].resp = strdup((char *)appdata_ptr); - (*response)[i].resp_retcode = 0; -@@ -115,17 +118,21 @@ static bool auth_pam(const char *username, char *password) - conv.conv = pass_conv; - conv.appdata_ptr = password; - status = pam_start("nnrpd", username, &conv, &pamh); -- if (status != PAM_SUCCESS) -+ if (status != PAM_SUCCESS) { - die("pam_start failed: %s", pam_strerror(pamh, status)); -+ } - status = pam_authenticate(pamh, PAM_SILENT); -- if (status != PAM_SUCCESS) -+ if (status != PAM_SUCCESS) { - die("pam_authenticate failed: %s", pam_strerror(pamh, status)); -+ } - status = pam_acct_mgmt(pamh, PAM_SILENT); -- if (status != PAM_SUCCESS) -+ if (status != PAM_SUCCESS) { - die("pam_acct_mgmt failed: %s", pam_strerror(pamh, status)); -+ } - status = pam_end(pamh, status); -- if (status != PAM_SUCCESS) -+ if (status != PAM_SUCCESS) { - die("pam_end failed: %s", pam_strerror(pamh, status)); -+ } - - /* If we get to here, the user successfully authenticated. */ - return true; -@@ -153,8 +160,9 @@ password_dbm(char *name, const char *file) - char *password; - - database = dbm_open(file, O_RDONLY, 0600); -- if (database == NULL) -+ if (database == NULL) { - return NULL; -+ } - key.dptr = name; - key.dsize = strlen(name); - value = dbm_fetch(database, key); -@@ -162,7 +170,7 @@ password_dbm(char *name, const char *file) - dbm_close(database); - return NULL; - } -- password = xmalloc(value.dsize + 1); -+ password = smartcardauth_xmalloc(value.dsize + 1); - strlcpy(password, value.dptr, value.dsize + 1); - dbm_close(database); - return password; -@@ -188,8 +196,10 @@ password_shadow(const char *user) - struct spwd *spwd; - - spwd = getspnam(user); -- if (spwd != NULL) -- return xstrdup(spwd->sp_pwdp); -+ if (spwd != NULL) { -+ char* ret = xstrdup(spwd->sp_pwdp); -+ return ret; -+ } - return NULL; - } - #endif /* HAVE_GETSPNAM */ -@@ -206,8 +216,10 @@ password_system(const char *username) - struct passwd *pwd; - - pwd = getpwnam(username); -- if (pwd != NULL) -- return xstrdup(pwd->pw_passwd); -+ if (pwd != NULL) { -+ char* ret = xstrdup(pwd->pw_passwd); -+ return ret; -+ } - return NULL; - } - -@@ -225,12 +237,15 @@ group_system(const char *username) - struct group *gr; - - pwd = getpwnam(username); -- if (pwd == NULL) -+ if (pwd == NULL) { - return NULL; -+ } - gr = getgrgid(pwd->pw_gid); -- if (gr == NULL) -+ if (gr == NULL) { - return NULL; -- return xstrdup(gr->gr_name); -+ } -+ char* ret = xstrdup(gr->gr_name); -+ return ret; - } - - -@@ -242,12 +257,13 @@ output_user(const char *username, bool wantgroup) - { - if (wantgroup) { - char *group = group_system(username); -- if (group == NULL) -+ if (group == NULL) { - die("group info for user %s not available", username); -+ } - printf("User:%s@%s\n", username, group); -- } -- else -+ } else { - printf("User:%s\n", username); -+ } - } - - -@@ -264,7 +280,7 @@ check_password(const char* username, const char* password) - bool wantgroup = false; - struct auth_info *authinfo = NULL; - -- authinfo = xmalloc(sizeof(struct auth_info)); -+ authinfo = smartcardauth_xmalloc(sizeof(struct auth_info)); - authinfo->username = username; - authinfo->password = password; - -@@ -273,12 +289,14 @@ check_password(const char* username, const char* password) - return 0; - } - password = password_system(authinfo->username); -- if (password == NULL) -+ if (password == NULL) { - return 1; -- if (strcmp(password, crypt(authinfo->password, password)) != 0) -+ } -+ if (strcmp(password, crypt(authinfo->password, password)) != 0) { - return 1; -+ } - - /* The password matched. */ - output_user(authinfo->username, wantgroup); - return 0; --} -\ No newline at end of file -+} -diff --git a/src/ckpasswd.c b/src/ckpasswd.c -index 9dbdbcf..a0faa15 100644 ---- a/src/ckpasswd.c -+++ b/src/ckpasswd.c -@@ -83,8 +83,9 @@ static int pass_conv(int num_msg, const struct pam_message **msgm UNUSED, struct - int i; - - *response = malloc(num_msg * sizeof(struct pam_response)); -- if (*response == NULL) -+ if (*response == NULL) { - return PAM_CONV_ERR; -+ } - for (i = 0; i < num_msg; i++) { - (*response)[i].resp = strdup((char *)appdata_ptr); - (*response)[i].resp_retcode = 0; -@@ -116,17 +117,21 @@ static bool auth_pam(const char *username, char *password) - conv.conv = pass_conv; - conv.appdata_ptr = password; - status = pam_start("nnrpd", username, &conv, &pamh); -- if (status != PAM_SUCCESS) -+ if (status != PAM_SUCCESS) { - die("pam_start failed: %s", pam_strerror(pamh, status)); -+ } - status = pam_authenticate(pamh, PAM_SILENT); -- if (status != PAM_SUCCESS) -+ if (status != PAM_SUCCESS) { - die("pam_authenticate failed: %s", pam_strerror(pamh, status)); -+ } - status = pam_acct_mgmt(pamh, PAM_SILENT); -- if (status != PAM_SUCCESS) -+ if (status != PAM_SUCCESS) { - die("pam_acct_mgmt failed: %s", pam_strerror(pamh, status)); -+ } - status = pam_end(pamh, status); -- if (status != PAM_SUCCESS) -+ if (status != PAM_SUCCESS) { - die("pam_end failed: %s", pam_strerror(pamh, status)); -+ } - - /* If we get to here, the user successfully authenticated. */ - return true; -@@ -154,8 +159,9 @@ password_dbm(char *name, const char *file) - char *password; - - database = dbm_open(file, O_RDONLY, 0600); -- if (database == NULL) -+ if (database == NULL) { - return NULL; -+ } - key.dptr = name; - key.dsize = strlen(name); - value = dbm_fetch(database, key); -@@ -189,8 +195,10 @@ password_shadow(const char *user) - struct spwd *spwd; - - spwd = getspnam(user); -- if (spwd != NULL) -- return xstrdup(spwd->sp_pwdp); -+ if (spwd != NULL) { -+ char* ret = xstrdup(spwd->sp_pwdp); -+ return ret; -+ } - return NULL; - } - #endif /* HAVE_GETSPNAM */ -@@ -207,8 +215,10 @@ password_system(const char *username) - struct passwd *pwd; - - pwd = getpwnam(username); -- if (pwd != NULL) -- return xstrdup(pwd->pw_passwd); -+ if (pwd != NULL) { -+ char* ret = xstrdup(pwd->pw_passwd); -+ return ret; -+ } - return NULL; - } - -@@ -226,12 +236,15 @@ group_system(const char *username) - struct group *gr; - - pwd = getpwnam(username); -- if (pwd == NULL) -+ if (pwd == NULL) { - return NULL; -+ } - gr = getgrgid(pwd->pw_gid); -- if (gr == NULL) -+ if (gr == NULL) { - return NULL; -- return xstrdup(gr->gr_name); -+ } -+ char* ret = xstrdup(gr->gr_name); -+ return ret; - } - - -@@ -243,12 +256,13 @@ output_user(const char *username, bool wantgroup) - { - if (wantgroup) { - char *group = group_system(username); -- if (group == NULL) -+ if (group == NULL) { - die("group info for user %s not available", username); -+ } - printf("User:%s@%s\n", username, group); -- } -- else -+ } else { - printf("User:%s\n", username); -+ } - } - - -@@ -276,29 +290,35 @@ main(int argc, char *argv[]) - while ((opt = getopt(argc, argv, "gf:u:p:" OPT_DBM OPT_SHADOW)) != -1) { - switch (opt) { - case 'g': -- if (type == AUTH_DBM || type == AUTH_FILE) -+ if (type == AUTH_DBM || type == AUTH_FILE) { - die("-g option is incompatible with -d or -f"); -+ } - wantgroup = true; - break; - case 'd': -- if (type != AUTH_NONE) -+ if (type != AUTH_NONE) { - die("only one of -s, -f, or -d allowed"); -- if (wantgroup) -+ } -+ if (wantgroup) { - die("-g option is incompatible with -d or -f"); -+ } - type = AUTH_DBM; - filename = optarg; - break; - case 'f': -- if (type != AUTH_NONE) -+ if (type != AUTH_NONE) { - die("only one of -s, -f, or -d allowed"); -- if (wantgroup) -+ } -+ if (wantgroup) { - die("-g option is incompatible with -d or -f"); -+ } - type = AUTH_FILE; - filename = optarg; - break; - case 's': -- if (type != AUTH_NONE) -+ if (type != AUTH_NONE) { - die("only one of -s, -f, or -d allowed"); -+ } - type = AUTH_SHADOW; - break; - case 'u': -@@ -319,12 +339,15 @@ main(int argc, char *argv[]) - exit(1); - } - } -- if (argc != optind) -- die("extra arguments given"); -- if (authinfo != NULL && authinfo->username == NULL) -+ if (argc != optind) { -+ die("extra arguments given"); -+ } -+ if (authinfo != NULL && authinfo->username == NULL) { - die("-u option is required if -p option is given"); -- if (authinfo != NULL && authinfo->password == NULL) -+ } -+ if (authinfo != NULL && authinfo->password == NULL) { - die("-p option is required if -u option is given"); -+ } - - // /* Unless a username or password was given on the command line, assume - // we're being run by nnrpd. */ -@@ -339,8 +362,9 @@ main(int argc, char *argv[]) - switch (type) { - case AUTH_SHADOW: - password = password_shadow(authinfo->username); -- if (password == NULL) -+ if (password == NULL) { - password = password_system(authinfo->username); -+ } - break; - // case AUTH_FILE: - // password = password_file(authinfo->username, filename); -@@ -357,10 +381,12 @@ main(int argc, char *argv[]) - break; - } - -- if (password == NULL) -+ if (password == NULL) { - die("user %s unknown", authinfo->username); -- if (strcmp(password, crypt(authinfo->password, password)) != 0) -+ } -+ if (strcmp(password, crypt(authinfo->password, password)) != 0) { - die("invalid password for user %s", authinfo->username); -+ } - - /* The password matched. */ - output_user(authinfo->username, wantgroup); |