Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/crypto/external/bsd/heimdal Use getpwuid_r instead of getpwu...



details:   https://anonhg.NetBSD.org/src/rev/c2317c6d2a48
branches:  trunk
changeset: 356199:c2317c6d2a48
user:      christos <christos%NetBSD.org@localhost>
date:      Fri Sep 08 15:29:43 2017 +0000

description:
Use getpwuid_r instead of getpwuid, so that we don't trash getpw*() internal
buffers.

kde does (kdm/client/backend.c):
    p = getpwnam();
    pam_setcred() (which calls getpwuid in pam_afslog);
    setusercontext(...,p,p->pw_uid,...) (now with trashed p data...)

XXX: pullups.

diffstat:

 crypto/external/bsd/heimdal/dist/cf/check-getpwuid_r-posix.m4     |  40 ++++
 crypto/external/bsd/heimdal/dist/configure.ac                     |   3 +-
 crypto/external/bsd/heimdal/dist/kcm/client.c                     |   8 +-
 crypto/external/bsd/heimdal/dist/kcm/config.c                     |  21 +-
 crypto/external/bsd/heimdal/dist/lib/hx509/softp11.c              |  10 +-
 crypto/external/bsd/heimdal/dist/lib/krb5/config_file.c           |  10 +-
 crypto/external/bsd/heimdal/dist/lib/krb5/get_default_principal.c |  10 +-
 crypto/external/bsd/heimdal/dist/lib/roken/getxxyyy.c             |  89 +++++++--
 crypto/external/bsd/heimdal/dist/lib/roken/roken.h.in             |   7 +
 crypto/external/bsd/heimdal/include/config.h                      |   6 +
 crypto/external/bsd/heimdal/include/roken.h                       |   1 +
 11 files changed, 160 insertions(+), 45 deletions(-)

diffs (truncated from 379 to 300 lines):

diff -r fbc7dd30c338 -r c2317c6d2a48 crypto/external/bsd/heimdal/dist/cf/check-getpwuid_r-posix.m4
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/crypto/external/bsd/heimdal/dist/cf/check-getpwuid_r-posix.m4     Fri Sep 08 15:29:43 2017 +0000
@@ -0,0 +1,40 @@
+dnl Id
+dnl
+dnl check for getpwuid_r, and if it's posix or not
+
+AC_DEFUN([AC_CHECK_GETPWUID_R_POSIX],[
+AC_FIND_FUNC_NO_LIBS(getpwuid_r,c_r)
+if test "$ac_cv_func_getpwuid_r" = yes; then
+       AC_CACHE_CHECK(if getpwuid_r is posix,ac_cv_func_getpwuid_r_posix,
+       ac_libs="$LIBS"
+       LIBS="$LIBS $LIB_getpwuid_r"
+       AC_RUN_IFELSE([AC_LANG_SOURCE([[
+#define _POSIX_PTHREAD_SEMANTICS
+#include <pwd.h>
+int main(int argc, char **argv)
+{
+       struct passwd pw, *pwd;
+       return getpwuid_r(0, &pw, 0, 0, &pwd) < 0;
+}
+]])],[ac_cv_func_getpwuid_r_posix=yes],[ac_cv_func_getpwuid_r_posix=no],[:])
+LIBS="$ac_libs")
+       AC_CACHE_CHECK(if _POSIX_PTHREAD_SEMANTICS is needed,ac_cv_func_getpwuid_r_posix_def,
+       ac_libs="$LIBS"
+       LIBS="$LIBS $LIB_getpwuid_r"
+       AC_RUN_IFELSE([AC_LANG_SOURCE([[
+#include <pwd.h>
+int main(int argc, char **argv)
+{
+       struct passwd pw, *pwd;
+       return getpwuid_r(0, &pw, 0, 0, &pwd) < 0;
+}
+]])],[ac_cv_func_getpwuid_r_posix_def=no],[ac_cv_func_getpwuid_r_posix_def=yes],[:])
+LIBS="$ac_libs")
+if test "$ac_cv_func_getpwuid_r_posix" = yes; then
+       AC_DEFINE(POSIX_GETPWUID_R, 1, [Define if getpwuid_r has POSIX flavour.])
+fi
+if test "$ac_cv_func_getpwuid_r_posix" = yes -a "$ac_cv_func_getpwuid_r_posix_def" = yes; then
+       AC_DEFINE(_POSIX_PTHREAD_SEMANTICS, 1, [Define to get POSIX getpwuid_r in some systems.])
+fi
+fi
+])
diff -r fbc7dd30c338 -r c2317c6d2a48 crypto/external/bsd/heimdal/dist/configure.ac
--- a/crypto/external/bsd/heimdal/dist/configure.ac     Fri Sep 08 14:57:44 2017 +0000
+++ b/crypto/external/bsd/heimdal/dist/configure.ac     Fri Sep 08 15:29:43 2017 +0000
@@ -1,5 +1,5 @@
 dnl Process this file with autoconf to produce a configure script.
-AC_REVISION($Revision: 1.2 $)
+AC_REVISION($Revision: 1.3 $)
 AC_PREREQ(2.62)
 test -z "$CFLAGS" && CFLAGS="-g"
 AC_INIT([Heimdal],[7.99.1],[https://github.com/heimdal/heimdal/issues])
@@ -514,6 +514,7 @@
 rk_DLADDR
 
 AC_CHECK_GETPWNAM_R_POSIX
+AC_CHECK_GETPWUID_R_POSIX
 
 dnl detect doors on solaris
 if test "$enable_pthread_support" != no; then
diff -r fbc7dd30c338 -r c2317c6d2a48 crypto/external/bsd/heimdal/dist/kcm/client.c
--- a/crypto/external/bsd/heimdal/dist/kcm/client.c     Fri Sep 08 14:57:44 2017 +0000
+++ b/crypto/external/bsd/heimdal/dist/kcm/client.c     Fri Sep 08 15:29:43 2017 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: client.c,v 1.2 2017/01/28 21:31:44 christos Exp $      */
+/*     $NetBSD: client.c,v 1.3 2017/09/08 15:29:43 christos Exp $      */
 
 /*
  * Copyright (c) 2005, PADL Software Pty Ltd.
@@ -174,8 +174,10 @@
        if (matches == 0)
            matches = sscanf(name,"%ld",&uid);
        if (matches == 1) {
-           struct passwd *pwd = getpwuid(uid);
-           if (pwd != NULL) {
+           struct passwd pw, *pwd = NULL;
+           char pwbuf[2048];
+
+           if (rk_getpwuid_r(getuid(), &pw, pwbuf, sizeof(pwbuf), &pwd) == 0) {
                gid_t gid = pwd->pw_gid;
                kcm_chown(context, client, ccache, uid, gid);
            }
diff -r fbc7dd30c338 -r c2317c6d2a48 crypto/external/bsd/heimdal/dist/kcm/config.c
--- a/crypto/external/bsd/heimdal/dist/kcm/config.c     Fri Sep 08 14:57:44 2017 +0000
+++ b/crypto/external/bsd/heimdal/dist/kcm/config.c     Fri Sep 08 15:29:43 2017 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: config.c,v 1.2 2017/01/28 21:31:44 christos Exp $      */
+/*     $NetBSD: config.c,v 1.3 2017/09/08 15:29:43 christos Exp $      */
 
 /*
  * Copyright (c) 2005, PADL Software Pty Ltd.
@@ -159,28 +159,33 @@
 {
     uid_t uid = 0;
     gid_t gid = 0;
-    struct passwd *pw;
     struct group *gr;
     int uid_p = 0;
     int gid_p = 0;
+    struct passwd pw, *pwd = NULL;
+    char pwbuf[2048];
 
     if (system_user != NULL) {
        if (isdigit((unsigned char)system_user[0])) {
-           pw = getpwuid(atoi(system_user));
+           if (rk_getpwuid_r(atoi(system_user), &pw, pwbuf, sizeof(pwbuf),
+               &pwd) != 0)
+                   pwd = NULL;
        } else {
-           pw = getpwnam(system_user);
+           if (rk_getpwnam_r(system_user, &pw, pwbuf, sizeof(pwbuf),
+               &pwd) != 0)
+                   pwd = NULL;
        }
-       if (pw == NULL) {
+       if (pwd == NULL) {
            return errno;
        }
 
-       system_user = strdup(pw->pw_name);
+       system_user = strdup(pwd->pw_name);
        if (system_user == NULL) {
            return ENOMEM;
        }
 
-       uid = pw->pw_uid; uid_p = 1;
-       gid = pw->pw_gid; gid_p = 1;
+       uid = pwd->pw_uid; uid_p = 1;
+       gid = pwd->pw_gid; gid_p = 1;
     }
 
     if (system_group != NULL) {
diff -r fbc7dd30c338 -r c2317c6d2a48 crypto/external/bsd/heimdal/dist/lib/hx509/softp11.c
--- a/crypto/external/bsd/heimdal/dist/lib/hx509/softp11.c      Fri Sep 08 14:57:44 2017 +0000
+++ b/crypto/external/bsd/heimdal/dist/lib/hx509/softp11.c      Fri Sep 08 15:29:43 2017 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: softp11.c,v 1.2 2017/01/28 21:31:48 christos Exp $     */
+/*     $NetBSD: softp11.c,v 1.3 2017/09/08 15:29:43 christos Exp $     */
 
 /*
  * Copyright (c) 2004 - 2008 Kungliga Tekniska Högskolan
@@ -833,9 +833,11 @@
         home = getenv("HOME");
     }
     if (fn == NULL && home == NULL) {
-        struct passwd *pw = getpwuid(getuid());
-        if(pw != NULL)
-            home = pw->pw_dir;
+       struct passwd pw, *pwd = NULL;
+       char pwbuf[2048];
+
+       if (rk_getpwuid_r(getuid(), &pw, pwbuf, sizeof(pwbuf), &pwd) == 0)
+            home = pwd->pw_dir;
     }
     if (fn == NULL) {
         if (home) {
diff -r fbc7dd30c338 -r c2317c6d2a48 crypto/external/bsd/heimdal/dist/lib/krb5/config_file.c
--- a/crypto/external/bsd/heimdal/dist/lib/krb5/config_file.c   Fri Sep 08 14:57:44 2017 +0000
+++ b/crypto/external/bsd/heimdal/dist/lib/krb5/config_file.c   Fri Sep 08 15:29:43 2017 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: config_file.c,v 1.2 2017/01/28 21:31:49 christos Exp $ */
+/*     $NetBSD: config_file.c,v 1.3 2017/09/08 15:29:43 christos Exp $ */
 
 /*
  * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan
@@ -441,9 +441,11 @@
            home = getenv("HOME");
 
        if (home == NULL) {
-           struct passwd *pw = getpwuid(getuid());
-           if(pw != NULL)
-               home = pw->pw_dir;
+           struct passwd pw, *pwd = NULL;
+           char pwbuf[2048];
+
+           if (rk_getpwuid_r(getuid(), &pw, pwbuf, sizeof(pwbuf), &pwd) == 0)
+               home = pwd->pw_dir;
        }
        if (home) {
            int aret;
diff -r fbc7dd30c338 -r c2317c6d2a48 crypto/external/bsd/heimdal/dist/lib/krb5/get_default_principal.c
--- a/crypto/external/bsd/heimdal/dist/lib/krb5/get_default_principal.c Fri Sep 08 14:57:44 2017 +0000
+++ b/crypto/external/bsd/heimdal/dist/lib/krb5/get_default_principal.c Fri Sep 08 15:29:43 2017 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: get_default_principal.c,v 1.2 2017/01/28 21:31:49 christos Exp $       */
+/*     $NetBSD: get_default_principal.c,v 1.3 2017/09/08 15:29:43 christos Exp $       */
 
 /*
  * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
@@ -78,9 +78,11 @@
        else
            ret = krb5_make_principal(context, princ, NULL, "root", NULL);
     } else {
-       struct passwd *pw = getpwuid(uid);
-       if(pw != NULL)
-           user = pw->pw_name;
+       struct passwd pw, *pwd = NULL;
+       char pwbuf[2048];
+
+       if (rk_getpwuid_r(uid, &pw, pwbuf, sizeof(pwbuf), &pwd) == 0)
+           user = pwd->pw_name;
        else {
            user = get_env_user();
            if(user == NULL)
diff -r fbc7dd30c338 -r c2317c6d2a48 crypto/external/bsd/heimdal/dist/lib/roken/getxxyyy.c
--- a/crypto/external/bsd/heimdal/dist/lib/roken/getxxyyy.c     Fri Sep 08 14:57:44 2017 +0000
+++ b/crypto/external/bsd/heimdal/dist/lib/roken/getxxyyy.c     Fri Sep 08 15:29:43 2017 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: getxxyyy.c,v 1.2 2017/01/28 21:31:50 christos Exp $    */
+/*     $NetBSD: getxxyyy.c,v 1.3 2017/09/08 15:29:43 christos Exp $    */
 
 /*
  * Copyright (c) 2011 Kungliga Tekniska Högskolan
@@ -39,11 +39,65 @@
 
 #ifdef TEST_GETXXYYY
 #undef rk_getpwnam_r
+#undef rk_getpwuid_r
 
 ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL
 rk_getpwnam_r(const char *, struct passwd *, char *, size_t, struct passwd **);
+ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL
+rk_getpwuid_r(uid_t, struct passwd *, char *, size_t, struct passwd **);
 #endif
 
+#if !defined(POSIX_GETPWUID_R) || !defined(POSIX_GETPWNAM_R) || defined(TEST_GETXXYYY)
+static void
+copypw(struct passwd *pwd, char *buffer, size_t bufsize, const struct passwd *p)
+{
+     memset(pwd, 0, sizeof(*pwd));
+
+#define APPEND(el)                                     \
+do {                                                   \
+     slen = strlen(p->el) + 1;                         \
+     if (slen > bufsize) return (errno = ENOMEM);      \
+     memcpy(buffer, p->el, slen);                      \
+     pwd->el = buffer;                                 \
+     buffer += slen;                                   \
+     bufsize -= slen;                                  \
+} while(0)
+     
+     APPEND(pw_name);
+     if (p->pw_passwd)
+        APPEND(pw_name);
+     pwd->pw_uid = p->pw_uid;
+     pwd->pw_gid = p->pw_gid;
+     APPEND(pw_gecos);
+     APPEND(pw_dir);
+     APPEND(pw_shell);
+}
+
+#if !defined(POSIX_GETPWUID_R) || defined(TEST_GETXXYYY)
+/*
+ * At least limit the race between threads
+ */
+
+ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL
+rk_getpwnam_r(const char *name, struct passwd *pwd, char *buffer,
+             size_t bufsize, struct passwd **result)
+{
+     struct passwd *p;
+     size_t slen, n = 0;
+     
+     *result = NULL;
+
+     p = getpwnam(name);
+     if(p == NULL)
+        return (errno = ENOENT);
+        
+     copypw(pwd, buffer, bufsize, p);
+
+     *result = pwd;
+
+     return 0;
+}
+
 #if !defined(POSIX_GETPWNAM_R) || defined(TEST_GETXXYYY)
 
 /*
@@ -63,26 +117,7 @@
      if(p == NULL)
         return (errno = ENOENT);
         
-     memset(pwd, 0, sizeof(*pwd));
-
-#define APPEND(el)                                     \
-do {                                                   \
-     slen = strlen(p->el) + 1;                         \
-     if (slen > bufsize) return (errno = ENOMEM);      \
-     memcpy(buffer, p->el, slen);                      \
-     pwd->el = buffer;                                 \
-     buffer += slen;                                   \
-     bufsize -= slen;                                  \
-} while(0)
-     
-     APPEND(pw_name);
-     if (p->pw_passwd)
-        APPEND(pw_name);



Home | Main Index | Thread Index | Old Index