[SCM] pam wrapper repository - branch master updated
Andreas Schneider
asn at samba.org
Fri Nov 10 14:31:09 UTC 2023
The branch, master has been updated
via 164d598 tests: Define PATH_MAX for Hurd.
via 9023c89 doc/pam_matrix.8: Fix typo 'allows to'.
via 7bd24b0 die quickly upon mkdir failure
from b223df9 Bump version to 1.1.5
https://git.samba.org/?p=pam_wrapper.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 164d598f34da901cb9eb4fd164475ed38715341a
Author: Simon Josefsson <simon at josefsson.org>
Date: Tue Aug 22 08:53:30 2023 +0200
tests: Define PATH_MAX for Hurd.
Signed-off-by: Simon Josefsson <simon at josefsson.org>
Reviewed-by: Andreas Schneider <asn at cryptomilk.org>
Reviewed-by: Pavel Filipenský <pfilipensky at samba.org>
commit 9023c89459d3ad1fe28d211a0da6b69e6f3f7d64
Author: Simon Josefsson <simon at josefsson.org>
Date: Fri Aug 18 11:25:54 2023 +0200
doc/pam_matrix.8: Fix typo 'allows to'.
Signed-off-by: Simon Josefsson <simon at josefsson.org>
Reviewed-by: Andreas Schneider <asn at cryptomilk.org>
Reviewed-by: Pavel Filipenský <pfilipensky at samba.org>
commit 7bd24b0e54995da5f333575f97c9f1fa796fe0f1
Author: Jan Kundrát <jan.kundrat at cesnet.cz>
Date: Mon Nov 6 18:34:58 2023 +0100
die quickly upon mkdir failure
We just had this failure in our CI system that's currently running just
three PAM-wrapped tests in parallel. Since this is a classic TOCTOU race
(albeit in a test code, and therefore with little to no security
implications), the `mkdir` can fail, and when that happens it's much
better to just die quickly rather than continuing as if nothing
happened.
Signed-off-by: Jan Kundrát <jan.kundrat at cesnet.cz>
Reviewed-by: Pavel Filipenský <pfilipensky at samba.org>
Reviewed-by: Andreas Schneider <asn at cryptomilk.org>
-----------------------------------------------------------------------
Summary of changes:
doc/pam_matrix.8 | 2 +-
doc/pam_matrix.8.txt | 2 +-
src/modules/pam_matrix.c | 4 ++++
src/pam_wrapper.c | 2 ++
4 files changed, 8 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/doc/pam_matrix.8 b/doc/pam_matrix.8
index 80d5190..23ba1fa 100644
--- a/doc/pam_matrix.8
+++ b/doc/pam_matrix.8
@@ -34,7 +34,7 @@ pam_matrix \- A PAM test module to retrieve module\-specific PAM items
pam_matrix\&.so [\&...]
.SH "DESCRIPTION"
.sp
-Testing PAM application often requires to set up an authentication backend with as little effort as possible\&. The \fBpam_matrix\fR module allows to authenticate against a key\-value text file, provided by an option or with an environment variable\&.
+Testing PAM application often requires to set up an authentication backend with as little effort as possible\&. The \fBpam_matrix\fR module allows one to authenticate against a key\-value text file, provided by an option or with an environment variable\&.
.SH "IMPORTANT"
.sp
pam_matrix is a \fBtest tool\fR\&. It should be considered completely insecure and never used outside test environments! As you\(cqll see when reading description of the options and actions, many of them don\(cqt make any sense in the real world and were added just to make tests possible\&.
diff --git a/doc/pam_matrix.8.txt b/doc/pam_matrix.8.txt
index fb54f05..b15b11a 100644
--- a/doc/pam_matrix.8.txt
+++ b/doc/pam_matrix.8.txt
@@ -14,7 +14,7 @@ pam_matrix.so [...]
DESCRIPTION
-----------
Testing PAM application often requires to set up an authentication backend with
-as little effort as possible. The *pam_matrix* module allows to authenticate
+as little effort as possible. The *pam_matrix* module allows one to authenticate
against a key-value text file, provided by an option or with an environment
variable.
diff --git a/src/modules/pam_matrix.c b/src/modules/pam_matrix.c
index 6fb6a2f..cc6fbf3 100644
--- a/src/modules/pam_matrix.c
+++ b/src/modules/pam_matrix.c
@@ -33,6 +33,10 @@
#include <time.h>
#include <stdint.h>
+#ifndef PATH_MAX
+#define PATH_MAX 4096
+#endif
+
#ifndef discard_const
#define discard_const(ptr) ((void *)((uintptr_t)(ptr)))
#endif
diff --git a/src/pam_wrapper.c b/src/pam_wrapper.c
index da2c738..66673f0 100644
--- a/src/pam_wrapper.c
+++ b/src/pam_wrapper.c
@@ -893,6 +893,7 @@ static void pwrap_init(void)
PWRAP_LOG(PWRAP_LOG_ERROR,
"Failed to create pam_wrapper config dir: %s - %s",
tmp_config_dir, strerror(errno));
+ exit(1);
}
/* Create file with the PID of the the process */
@@ -1121,6 +1122,7 @@ static void pwrap_init(void)
PWRAP_LOG(PWRAP_LOG_ERROR,
"Failed to create pam_wrapper config dir: %s - %s",
tmp_config_dir, strerror(errno));
+ exit(1);
}
/* Create file with the PID of the the process */
--
pam wrapper repository
More information about the samba-cvs
mailing list