[SCM] pam wrapper repository - branch master updated
Andreas Schneider
asn at samba.org
Thu Mar 19 11:06:47 UTC 2020
The branch, master has been updated
via e6574f6 pwrap: Add support for pam_start_confdir()
via 8ba6072 cmake: Add a check for pam_start_confdir()
via f007f04 cmake: Add link to compile database
from cb99388 gitlab-ci: Setup CI for pam_wrapper
https://git.samba.org/?p=pam_wrapper.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit e6574f666cb92947b136ac0c951112b65360be7c
Author: Andreas Schneider <asn at samba.org>
Date: Fri Mar 6 17:35:28 2020 +0100
pwrap: Add support for pam_start_confdir()
This allows us to not do some ugly binary editing hacks to libpam.so.
https://github.com/linux-pam/linux-pam/commit/7a84910896d5579bd9c016696224d7d69a307bd9
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 8ba6072b7581f0b0d9ca380b0b48059d0ad1344a
Author: Andreas Schneider <asn at samba.org>
Date: Fri Mar 6 17:18:06 2020 +0100
cmake: Add a check for pam_start_confdir()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit f007f04f674f1c978d0e325c9c7ce899cefb92c1
Author: Andreas Schneider <asn at samba.org>
Date: Fri Mar 6 17:35:16 2020 +0100
cmake: Add link to compile database
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
-----------------------------------------------------------------------
Summary of changes:
CMakeLists.txt | 4 ++++
ConfigureChecks.cmake | 1 +
config.h.cmake | 1 +
src/pam_wrapper.c | 48 +++++++++++++++++++++++++++++++++++++++++++++++-
4 files changed, 53 insertions(+), 1 deletion(-)
Changeset truncated at 500 lines:
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 7d646da..94d7146 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -54,6 +54,10 @@ if (UNIT_TESTING)
add_subdirectory(tests)
endif (UNIT_TESTING)
+# Link compile database for clangd
+execute_process(COMMAND cmake -E create_symlink
+ "${CMAKE_BINARY_DIR}/compile_commands.json"
+ "${CMAKE_SOURCE_DIR}/compile_commands.json")
# pkg-config file
get_filename_component(PAM_WRAPPER_LIB ${PAM_WRAPPER_LOCATION} NAME)
diff --git a/ConfigureChecks.cmake b/ConfigureChecks.cmake
index ce4a7e5..1d5ca9a 100644
--- a/ConfigureChecks.cmake
+++ b/ConfigureChecks.cmake
@@ -76,6 +76,7 @@ check_library_exists(${PAM_LIBRARY} openpam_set_option "" HAVE_OPENPAM)
set(CMAKE_REQUIRED_LIBRARIES ${PAM_LIBRARY})
check_function_exists(pam_syslog HAVE_PAM_SYSLOG)
check_function_exists(pam_vsyslog HAVE_PAM_VSYSLOG)
+check_function_exists(pam_start_confdir HAVE_PAM_START_CONFDIR)
unset(CMAKE_REQUIRED_LIBRARIES)
# OPTIONS
diff --git a/config.h.cmake b/config.h.cmake
index 7e4451d..4e74315 100644
--- a/config.h.cmake
+++ b/config.h.cmake
@@ -20,6 +20,7 @@
#cmakedefine HAVE_PAM_VSYSLOG 1
#cmakedefine HAVE_PAM_SYSLOG 1
+#cmakedefine HAVE_PAM_START_CONFDIR 1
#cmakedefine HAVE_PAM_VPROMPT_CONST 1
#cmakedefine HAVE_PAM_PROMPT_CONST 1
diff --git a/src/pam_wrapper.c b/src/pam_wrapper.c
index 043c00e..2a3a1d8 100644
--- a/src/pam_wrapper.c
+++ b/src/pam_wrapper.c
@@ -199,6 +199,12 @@ typedef int (*__libpam_pam_start)(const char *service_name,
const struct pam_conv *pam_conversation,
pam_handle_t **pamh);
+typedef int (*__libpam_pam_start_confdir)(const char *service_name,
+ const char *user,
+ const struct pam_conv *pam_conversation,
+ const char *confdir,
+ pam_handle_t **pamh);
+
typedef int (*__libpam_pam_end)(pam_handle_t *pamh, int pam_status);
typedef int (*__libpam_pam_authenticate)(pam_handle_t *pamh, int flags);
@@ -262,6 +268,7 @@ typedef void (*__libpam_pam_vsyslog)(const pam_handle_t *pamh,
struct pwrap_libpam_symbols {
PWRAP_SYMBOL_ENTRY(pam_start);
+ PWRAP_SYMBOL_ENTRY(pam_start_confdir);
PWRAP_SYMBOL_ENTRY(pam_end);
PWRAP_SYMBOL_ENTRY(pam_authenticate);
PWRAP_SYMBOL_ENTRY(pam_chauthtok);
@@ -397,6 +404,22 @@ static void *_pwrap_bind_symbol(enum pwrap_lib lib, const char *fn_name)
* valgrind and has probably something todo with with the linker.
* So we need load each function at the point it is called the first time.
*/
+#ifdef HAVE_PAM_START_CONFDIR
+static int libpam_pam_start_confdir(const char *service_name,
+ const char *user,
+ const struct pam_conv *pam_conversation,
+ const char *confdir,
+ pam_handle_t **pamh)
+{
+ pwrap_bind_symbol_libpam(pam_start_confdir);
+
+ return pwrap.libpam.symbols._libpam_pam_start_confdir.f(service_name,
+ user,
+ pam_conversation,
+ confdir,
+ pamh);
+}
+#else
static int libpam_pam_start(const char *service_name,
const char *user,
const struct pam_conv *pam_conversation,
@@ -410,6 +433,8 @@ static int libpam_pam_start(const char *service_name,
pamh);
}
+#endif
+
static int libpam_pam_end(pam_handle_t *pamh, int pam_status)
{
pwrap_bind_symbol_libpam(pam_end);
@@ -777,6 +802,7 @@ static void pwrap_clean_stale_dirs(const char *dir)
return;
}
+#ifndef HAVE_PAM_START_CONFDIR
static int pso_copy(const char *src, const char *dst, const char *pdir, mode_t mode)
{
#define PSO_COPY_READ_SIZE 16
@@ -895,6 +921,7 @@ out:
return rc;
#undef PSO_COPY_READ_SIZE
}
+#endif /* HAVE_PAM_START_CONFDIR */
static void pwrap_init(void)
{
@@ -904,8 +931,10 @@ static void pwrap_init(void)
struct stat sb;
int rc;
unsigned i;
+#ifndef HAVE_PAM_START_CONFDIR
char pam_library[128] = { 0 };
char libpam_path[1024] = { 0 };
+#endif
ssize_t ret;
FILE *pidfile;
char pidfile_path[1024] = { 0 };
@@ -996,6 +1025,14 @@ static void pwrap_init(void)
exit(1);
}
+#ifdef HAVE_PAM_START_CONFDIR
+ pwrap.libpam_so = strdup(PAM_LIBRARY);
+ if (pwrap.libpam_so == NULL) {
+ PWRAP_LOG(PWRAP_LOG_ERROR, "No memory");
+ p_rmdirs(pwrap.config_dir);
+ exit(1);
+ }
+#else /* HAVE_PAM_START_CONFDIR */
/* create lib subdirectory */
snprintf(libpam_path,
sizeof(libpam_path),
@@ -1080,6 +1117,9 @@ static void pwrap_init(void)
p_rmdirs(pwrap.config_dir);
exit(1);
}
+#endif /* HAVE_PAM_START_CONFDIR */
+
+ PWRAP_LOG(PWRAP_LOG_TRACE, "Using libpam path: %s", pwrap.libpam_so);
pwrap.initialised = true;
@@ -1198,11 +1238,17 @@ static int pwrap_pam_start(const char *service_name,
service_name,
user);
-#ifdef HAVE_OPENPAM
+#if defined(HAVE_OPENPAM)
return pwrap_openpam_start(service_name,
user,
pam_conversation,
pamh);
+#elif defined (HAVE_PAM_START_CONFDIR)
+ return libpam_pam_start_confdir(service_name,
+ user,
+ pam_conversation,
+ pwrap.config_dir,
+ pamh);
#else
return libpam_pam_start(service_name,
user,
--
pam wrapper repository
More information about the samba-cvs
mailing list