Date: Sat, 29 Nov 2003 02:23:07 +0300 (MSK) From: Nick Leuta <skynick@mail.sc.ru> To: FreeBSD-gnats-submit@FreeBSD.org Subject: bin/59776: ftpd(8)/FreeBSD 5: PAM "session" code is unreachable Message-ID: <20031128232307.E850949A29@chuck2.lstu> Resent-Message-ID: <200311282330.hASNUQ78048315@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 59776 >Category: bin >Synopsis: ftpd(8)/FreeBSD 5: PAM "session" code is unreachable >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri Nov 28 15:30:23 PST 2003 >Closed-Date: >Last-Modified: >Originator: Nick Leuta >Release: FreeBSD 4.9-RC i386 >Organization: Lipetsk State Technical University >Environment: System: FreeBSD skynick.stu.lipetsk.ru 4.9-RC FreeBSD 4.9-RC #0: Sun Nov 23 19:53:55 MSK 2003 root@skynick.stu.lipetsk.ru:/usr/src/sys/compile/CORSAIR i386 >Description: The global "pam_handle_t *pamh" variable is redeclared in the auth_pam() function, so the global "*pamh" will always be NULL and so the pam_open_session() call will always be unreachable. >How-To-Repeat: Put the pam_deny.so module into the "session" group as a required module and see the logs... >Fix: diff -urN ftpd.ORI/ftpd.c ftpd/ftpd.c --- ftpd.ORI/ftpd.c Sat Nov 15 14:08:26 2003 +++ ftpd/ftpd.c Wed Nov 26 01:49:26 2003 @@ -1162,13 +1162,15 @@ LOGIN_SETMAC); #endif #ifdef USE_PAM - if ((e = pam_setcred(pamh, PAM_DELETE_CRED)) != PAM_SUCCESS) - syslog(LOG_ERR, "pam_setcred: %s", pam_strerror(pamh, e)); - if ((e = pam_close_session(pamh,0)) != PAM_SUCCESS) - syslog(LOG_ERR, "pam_close_session: %s", pam_strerror(pamh, e)); - if ((e = pam_end(pamh, e)) != PAM_SUCCESS) - syslog(LOG_ERR, "pam_end: %s", pam_strerror(pamh, e)); - pamh = NULL; + if (pamh) { + if ((e = pam_setcred(pamh, PAM_DELETE_CRED)) != PAM_SUCCESS) + syslog(LOG_ERR, "pam_setcred: %s", pam_strerror(pamh, e)); + if ((e = pam_close_session(pamh,0)) != PAM_SUCCESS) + syslog(LOG_ERR, "pam_close_session: %s", pam_strerror(pamh, e)); + if ((e = pam_end(pamh, e)) != PAM_SUCCESS) + syslog(LOG_ERR, "pam_end: %s", pam_strerror(pamh, e)); + pamh = NULL; + } #endif logged_in = 0; guest = 0; @@ -1238,7 +1240,6 @@ static int auth_pam(struct passwd **ppw, const char *pass) { - pam_handle_t *pamh = NULL; const char *tmpl_user; const void *item; int rval; @@ -1249,6 +1250,7 @@ e = pam_start("ftpd", (*ppw)->pw_name, &conv, &pamh); if (e != PAM_SUCCESS) { syslog(LOG_ERR, "pam_start: %s", pam_strerror(pamh, e)); + /* pamh is NULL */ return -1; } @@ -1256,6 +1258,10 @@ if (e != PAM_SUCCESS) { syslog(LOG_ERR, "pam_set_item(PAM_RHOST): %s", pam_strerror(pamh, e)); + if ((e = pam_end(pamh, e)) != PAM_SUCCESS) { + syslog(LOG_ERR, "pam_end: %s", pam_strerror(pamh, e)); + } + pamh = NULL; return -1; } >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031128232307.E850949A29>