1
diff -urN Linux-PAM-0.72.orig/modules/pam_filter/pam_filter.c Linux-PAM-0.72/modules/pam_filter/pam_filter.c
2
--- Linux-PAM-0.72.orig/modules/pam_filter/pam_filter.c Sun Dec 31 05:06:58 2000
3
+++ Linux-PAM-0.72/modules/pam_filter/pam_filter.c Sun Dec 31 05:11:05 2000
6
#include <sys/socket.h>
16
char terminal[TERMINAL_LEN];
17
- struct termio stored_mode; /* initial terminal mode settings */
18
+ struct termios stored_mode; /* initial terminal mode settings */
19
int fd[2], child=0, child2=0, aterminal;
21
if (filtername == NULL || *filtername != '/') {
24
/* this is termio terminal handling... */
26
- if (ioctl(STDIN_FILENO, TCGETA, (char *) &stored_mode ) < 0) {
27
+ if (tcgetattr(STDIN_FILENO, &stored_mode) < 0) {
28
/* in trouble, so close down */
30
_pam_log(LOG_CRIT, "couldn't copy terminal mode");
33
- struct termio t_mode = stored_mode;
34
+ struct termios t_mode = stored_mode;
36
t_mode.c_iflag = 0; /* no input control */
37
t_mode.c_oflag &= ~OPOST; /* no ouput post processing */
39
t_mode.c_cc[VMIN] = 1; /* number of chars to satisfy a read */
40
t_mode.c_cc[VTIME] = 0; /* 0/10th second for chars */
42
- if (ioctl(STDIN_FILENO, TCSETA, (char *) &t_mode) < 0) {
43
+ if (tcsetattr(STDIN_FILENO, TCSAFLUSH, &t_mode) < 0) {
45
_pam_log(LOG_WARNING, "couldn't put terminal in RAW mode");
49
_pam_log(LOG_WARNING,"first fork failed");
51
- (void) ioctl(STDIN_FILENO, TCSETA, (char *) &stored_mode);
52
+ (void) tcsetattr(STDIN_FILENO, TCSAFLUSH, &stored_mode);
57
/* initialize the child's terminal to be the way the
58
parent's was before we set it into RAW mode */
60
- if (ioctl(fd[1], TCSETA, (char *) &stored_mode) < 0) {
61
+ if (tcsetattr(fd[1], TCSANOW, &stored_mode) < 0) {
62
_pam_log(LOG_WARNING,"cannot set slave terminal mode; %s"
68
/* reset to initial terminal mode */
69
- (void) ioctl(STDIN_FILENO, TCSETA, (char *) &stored_mode);
70
+ (void) tcsetattr(STDIN_FILENO, TCSANOW, &stored_mode);
73
if (ctrl & FILTER_DEBUG) {
74
diff -urN Linux-PAM-0.72.orig/modules/pam_limits/pam_limits.c Linux-PAM-0.72/modules/pam_limits/pam_limits.c
75
--- Linux-PAM-0.72.orig/modules/pam_limits/pam_limits.c Sun Dec 31 05:06:58 2000
76
+++ Linux-PAM-0.72/modules/pam_limits/pam_limits.c Sun Dec 31 05:12:25 2000
78
limit_item = RLIMIT_NOFILE;
79
else if (strcmp(lim_item, "memlock") == 0)
80
limit_item = RLIMIT_MEMLOCK;
82
else if (strcmp(lim_item, "as") == 0)
83
limit_item = RLIMIT_AS;
85
else if (strcmp(lim_item, "maxlogins") == 0) {
86
limit_item = LIMIT_LOGIN;
87
flag_numsyslogins = 0;
98
diff -urN Linux-PAM-0.72.orig/modules/pam_rhosts/Makefile Linux-PAM-0.72/modules/pam_rhosts/Makefile
99
--- Linux-PAM-0.72.orig/modules/pam_rhosts/Makefile Sun Dec 31 05:06:59 2000
100
+++ Linux-PAM-0.72/modules/pam_rhosts/Makefile Sun Dec 31 05:09:14 2000
102
ifeq ($(shell if [ -f /usr/include/fsuid.h ]; then echo yes ; fi),yes)
103
CFLAGS += -DHAVE_FSUID_H
105
-ifeq ($(shell if [ -f /usr/include/sys/fsuid.h ]; then echo yes ; fi),yes)
106
- CFLAGS += -DHAVE_SYS_FSUID_H -D_GNU_SOURCE
108
+#ifeq ($(shell if [ -f /usr/include/sys/fsuid.h ]; then echo yes ; fi),yes)
109
+ #CFLAGS += -DHAVE_SYS_FSUID_H -D_GNU_SOURCE
111
ifeq ($(shell if [ -f /usr/include/endian.h ]; then echo yes ; fi),yes)
112
CFLAGS += -DHAVE_ENDIAN_H
114
+ifeq ($(shell if [ -f /usr/include/net/if.h ]; then echo yes ; fi),yes)
115
+ CFLAGS += -DHAVE_NET_IF_H
118
####################### don't edit below #######################
119
diff -urN Linux-PAM-0.72.orig/modules/pam_rhosts/pam_rhosts_auth.c Linux-PAM-0.72/modules/pam_rhosts/pam_rhosts_auth.c
120
--- Linux-PAM-0.72.orig/modules/pam_rhosts/pam_rhosts_auth.c Sun Dec 31 05:06:59 2000
121
+++ Linux-PAM-0.72/modules/pam_rhosts/pam_rhosts_auth.c Sun Dec 31 05:09:14 2000
123
#include <sys/fsuid.h>
126
+#ifdef HAVE_NET_IF_H
130
#include <sys/types.h>
134
#include <sys/time.h>
135
#include <arpa/inet.h>
138
-#define MAXDNAME 256
145
-#ifdef HAVE_SYS_FSUID_H
146
-#include <sys/fsuid.h>
151
#include <sys/file.h>
153
#include <security/pam_modules.h>
154
#include <security/_pam_macros.h>
156
+#ifdef _ISOC9X_SOURCE
157
+#include <inttypes.h>
158
+#define U32 uint32_t
160
/* to the best of my knowledge, all modern UNIX boxes have 32 bit integers */
161
#define U32 unsigned int
162
+#endif /* _ISOC9X_SOURCE */
166
@@ -359,11 +359,27 @@
167
register const char *user;
170
+#ifdef MAXHOSTNAMELEN
171
char buf[MAXHOSTNAMELEN + 128]; /* host + login */
173
+ char *buf = NULL, *old_buf = 0;
174
+ size_t buf_len = 0;
177
+#ifdef MAXHOSTNAMELEN
178
buf[sizeof (buf)-1] = '\0'; /* terminate line */
180
- while (fgets(buf, sizeof(buf), hostf) != NULL) { /* hostf file line */
181
+ while (fgets(buf, sizeof(buf), hostf) != NULL) /* hostf file line */
183
+ while (getline(&buf, &buf_len, hostf) > 0)
186
+#ifndef MAXHOSTNAMELEN
192
p = buf; /* from beginning of file.. */
194
/* Skip empty or comment lines */
199
+#ifdef MAXHOSTNAMELEN
200
/* Skip lines that are too long. */
201
if (strchr(p, '\n') == NULL) {
202
int ch = getc(hostf);
210
* If there is a hostname at the start of the line. Set it to
212
/* Neither, go on looking for match */
215
+#ifndef MAXHOSTNAMELEN
227
char pbuf[MAXPATHLEN]; /* potential buffer overrun */
232
if ((!superuser||opts->opt_hosts_equiv_rootok) && !opts->opt_no_hosts_equiv ) {
239
/* check for buffer overrun */
240
if (strlen(pwd->pw_dir) + sizeof(USER_RHOSTS_FILE) + 2 >= MAXPATHLEN) {
244
(void) strcpy(pbuf, pwd->pw_dir);
245
(void) strcat(pbuf, USER_RHOSTS_FILE);
248
+ long int pbuf_len = strlen(pwd->pw_dir) + sizeof(USER_RHOSTS_FILE);
250
+ pbuf = (char *)malloc(pbuf_len + 1);
252
+ if (opts->opt_debug)
253
+ _pam_log(LOG_DEBUG,
254
+ "not enough memory to store home directory for `%s'", luser);
257
+ snprintf(pbuf, pbuf_len, "%s%s", pwd->pw_dir, USER_RHOSTS_FILE);
258
+ path_max = pathconf(pbuf, _PC_PATH_MAX);
259
+ if(!(path_max == -1 && !errno) && pbuf_len >= path_max) {
260
+ if (opts->opt_debug)
261
+ _pam_log(LOG_DEBUG,"home directory for `%s' is too long",luser);
262
+ return 1; /* to dangerous to try */
268
* Change effective uid while _reading_ .rhosts. (not just
272
(void) fclose(hostf);
279
diff -urN Linux-PAM-0.72.orig/modules/pam_unix/unix_chkpwd.c Linux-PAM-0.72/modules/pam_unix/unix_chkpwd.c
280
--- Linux-PAM-0.72.orig/modules/pam_unix/unix_chkpwd.c Sun Dec 31 05:06:59 2000
281
+++ Linux-PAM-0.72/modules/pam_unix/unix_chkpwd.c Sun Dec 31 05:09:14 2000
284
static void su_sighandler(int sig)
286
+#ifndef SA_RESETHAND
287
+ /* emulate the behavior of the SA_RESETHAND flag */
288
+ if (sig == SIGILL || sig == SIGTRAP || sig == SIGBUS || sig == SIGSEGV)
289
+ signal(sig, SIG_DFL);
292
_log_err(LOG_NOTICE, "caught signal %d.", sig);
296
(void) memset((void *) &action, 0, sizeof(action));
297
action.sa_handler = su_sighandler;
299
action.sa_flags = SA_RESETHAND;
301
(void) sigaction(SIGILL, &action, NULL);
302
(void) sigaction(SIGTRAP, &action, NULL);
303
(void) sigaction(SIGBUS, &action, NULL);