summaryrefslogtreecommitdiffstats
path: root/redhat/applications/smartcardauth
diff options
context:
space:
mode:
Diffstat (limited to 'redhat/applications/smartcardauth')
-rw-r--r--redhat/applications/smartcardauth/smartcardauth-14.0.0.patch380
1 files changed, 0 insertions, 380 deletions
diff --git a/redhat/applications/smartcardauth/smartcardauth-14.0.0.patch b/redhat/applications/smartcardauth/smartcardauth-14.0.0.patch
deleted file mode 100644
index f6a7a2595..000000000
--- a/redhat/applications/smartcardauth/smartcardauth-14.0.0.patch
+++ /dev/null
@@ -1,380 +0,0 @@
-diff --git a/src/ckpass.c b/src/ckpass.c
-index 1da83c6..f3a14d0 100644
---- a/src/ckpass.c
-+++ b/src/ckpass.c
-@@ -8,6 +8,8 @@
- ** or PAM.
- */
-
-+extern x_malloc(size_t size, const char *file, int line);
-+
- /* Used for unused parameters to silence gcc warnings. */
- #define UNUSED __attribute__((__unused__))
-
-@@ -46,7 +48,7 @@
- number information for debugging error messages without the user having to
- pass those in every time. */
- #define xcalloc(n, size) x_calloc((n), (size), __FILE__, __LINE__)
--#define xmalloc(size) x_malloc((size), __FILE__, __LINE__)
-+#define smartcardauth_xmalloc(size) x_malloc((size), __FILE__, __LINE__)
- #define xrealloc(p, size) x_realloc((p), (size), __FILE__, __LINE__)
- #define xstrdup(p) x_strdup((p), __FILE__, __LINE__)
- #define xstrndup(p, size) x_strndup((p), (size), __FILE__, __LINE__)
-@@ -71,7 +73,7 @@ struct auth_info {
- ** This function allocates an array of struct pam_response to return to the
- ** PAM libraries that's never freed. For this program, this isn't much of an
- ** issue, since it will likely only be called once and then the program will
--** exit. This function uses malloc and strdup instead of xmalloc and xstrdup
-+** exit. This function uses malloc and strdup instead of smartcardauth_xmalloc and xstrdup
- ** intentionally so that the PAM conversation will be closed cleanly if we
- ** run out of memory rather than simply terminated.
- **
-@@ -82,8 +84,9 @@ static int pass_conv(int num_msg, const struct pam_message **msgm UNUSED, struct
- int i;
-
- *response = malloc(num_msg * sizeof(struct pam_response));
-- if (*response == NULL)
-+ if (*response == NULL) {
- return PAM_CONV_ERR;
-+ }
- for (i = 0; i < num_msg; i++) {
- (*response)[i].resp = strdup((char *)appdata_ptr);
- (*response)[i].resp_retcode = 0;
-@@ -115,17 +118,21 @@ static bool auth_pam(const char *username, char *password)
- conv.conv = pass_conv;
- conv.appdata_ptr = password;
- status = pam_start("nnrpd", username, &conv, &pamh);
-- if (status != PAM_SUCCESS)
-+ if (status != PAM_SUCCESS) {
- die("pam_start failed: %s", pam_strerror(pamh, status));
-+ }
- status = pam_authenticate(pamh, PAM_SILENT);
-- if (status != PAM_SUCCESS)
-+ if (status != PAM_SUCCESS) {
- die("pam_authenticate failed: %s", pam_strerror(pamh, status));
-+ }
- status = pam_acct_mgmt(pamh, PAM_SILENT);
-- if (status != PAM_SUCCESS)
-+ if (status != PAM_SUCCESS) {
- die("pam_acct_mgmt failed: %s", pam_strerror(pamh, status));
-+ }
- status = pam_end(pamh, status);
-- if (status != PAM_SUCCESS)
-+ if (status != PAM_SUCCESS) {
- die("pam_end failed: %s", pam_strerror(pamh, status));
-+ }
-
- /* If we get to here, the user successfully authenticated. */
- return true;
-@@ -153,8 +160,9 @@ password_dbm(char *name, const char *file)
- char *password;
-
- database = dbm_open(file, O_RDONLY, 0600);
-- if (database == NULL)
-+ if (database == NULL) {
- return NULL;
-+ }
- key.dptr = name;
- key.dsize = strlen(name);
- value = dbm_fetch(database, key);
-@@ -162,7 +170,7 @@ password_dbm(char *name, const char *file)
- dbm_close(database);
- return NULL;
- }
-- password = xmalloc(value.dsize + 1);
-+ password = smartcardauth_xmalloc(value.dsize + 1);
- strlcpy(password, value.dptr, value.dsize + 1);
- dbm_close(database);
- return password;
-@@ -188,8 +196,10 @@ password_shadow(const char *user)
- struct spwd *spwd;
-
- spwd = getspnam(user);
-- if (spwd != NULL)
-- return xstrdup(spwd->sp_pwdp);
-+ if (spwd != NULL) {
-+ char* ret = xstrdup(spwd->sp_pwdp);
-+ return ret;
-+ }
- return NULL;
- }
- #endif /* HAVE_GETSPNAM */
-@@ -206,8 +216,10 @@ password_system(const char *username)
- struct passwd *pwd;
-
- pwd = getpwnam(username);
-- if (pwd != NULL)
-- return xstrdup(pwd->pw_passwd);
-+ if (pwd != NULL) {
-+ char* ret = xstrdup(pwd->pw_passwd);
-+ return ret;
-+ }
- return NULL;
- }
-
-@@ -225,12 +237,15 @@ group_system(const char *username)
- struct group *gr;
-
- pwd = getpwnam(username);
-- if (pwd == NULL)
-+ if (pwd == NULL) {
- return NULL;
-+ }
- gr = getgrgid(pwd->pw_gid);
-- if (gr == NULL)
-+ if (gr == NULL) {
- return NULL;
-- return xstrdup(gr->gr_name);
-+ }
-+ char* ret = xstrdup(gr->gr_name);
-+ return ret;
- }
-
-
-@@ -242,12 +257,13 @@ output_user(const char *username, bool wantgroup)
- {
- if (wantgroup) {
- char *group = group_system(username);
-- if (group == NULL)
-+ if (group == NULL) {
- die("group info for user %s not available", username);
-+ }
- printf("User:%s@%s\n", username, group);
-- }
-- else
-+ } else {
- printf("User:%s\n", username);
-+ }
- }
-
-
-@@ -264,7 +280,7 @@ check_password(const char* username, const char* password)
- bool wantgroup = false;
- struct auth_info *authinfo = NULL;
-
-- authinfo = xmalloc(sizeof(struct auth_info));
-+ authinfo = smartcardauth_xmalloc(sizeof(struct auth_info));
- authinfo->username = username;
- authinfo->password = password;
-
-@@ -273,12 +289,14 @@ check_password(const char* username, const char* password)
- return 0;
- }
- password = password_system(authinfo->username);
-- if (password == NULL)
-+ if (password == NULL) {
- return 1;
-- if (strcmp(password, crypt(authinfo->password, password)) != 0)
-+ }
-+ if (strcmp(password, crypt(authinfo->password, password)) != 0) {
- return 1;
-+ }
-
- /* The password matched. */
- output_user(authinfo->username, wantgroup);
- return 0;
--}
-\ No newline at end of file
-+}
-diff --git a/src/ckpasswd.c b/src/ckpasswd.c
-index 9dbdbcf..a0faa15 100644
---- a/src/ckpasswd.c
-+++ b/src/ckpasswd.c
-@@ -83,8 +83,9 @@ static int pass_conv(int num_msg, const struct pam_message **msgm UNUSED, struct
- int i;
-
- *response = malloc(num_msg * sizeof(struct pam_response));
-- if (*response == NULL)
-+ if (*response == NULL) {
- return PAM_CONV_ERR;
-+ }
- for (i = 0; i < num_msg; i++) {
- (*response)[i].resp = strdup((char *)appdata_ptr);
- (*response)[i].resp_retcode = 0;
-@@ -116,17 +117,21 @@ static bool auth_pam(const char *username, char *password)
- conv.conv = pass_conv;
- conv.appdata_ptr = password;
- status = pam_start("nnrpd", username, &conv, &pamh);
-- if (status != PAM_SUCCESS)
-+ if (status != PAM_SUCCESS) {
- die("pam_start failed: %s", pam_strerror(pamh, status));
-+ }
- status = pam_authenticate(pamh, PAM_SILENT);
-- if (status != PAM_SUCCESS)
-+ if (status != PAM_SUCCESS) {
- die("pam_authenticate failed: %s", pam_strerror(pamh, status));
-+ }
- status = pam_acct_mgmt(pamh, PAM_SILENT);
-- if (status != PAM_SUCCESS)
-+ if (status != PAM_SUCCESS) {
- die("pam_acct_mgmt failed: %s", pam_strerror(pamh, status));
-+ }
- status = pam_end(pamh, status);
-- if (status != PAM_SUCCESS)
-+ if (status != PAM_SUCCESS) {
- die("pam_end failed: %s", pam_strerror(pamh, status));
-+ }
-
- /* If we get to here, the user successfully authenticated. */
- return true;
-@@ -154,8 +159,9 @@ password_dbm(char *name, const char *file)
- char *password;
-
- database = dbm_open(file, O_RDONLY, 0600);
-- if (database == NULL)
-+ if (database == NULL) {
- return NULL;
-+ }
- key.dptr = name;
- key.dsize = strlen(name);
- value = dbm_fetch(database, key);
-@@ -189,8 +195,10 @@ password_shadow(const char *user)
- struct spwd *spwd;
-
- spwd = getspnam(user);
-- if (spwd != NULL)
-- return xstrdup(spwd->sp_pwdp);
-+ if (spwd != NULL) {
-+ char* ret = xstrdup(spwd->sp_pwdp);
-+ return ret;
-+ }
- return NULL;
- }
- #endif /* HAVE_GETSPNAM */
-@@ -207,8 +215,10 @@ password_system(const char *username)
- struct passwd *pwd;
-
- pwd = getpwnam(username);
-- if (pwd != NULL)
-- return xstrdup(pwd->pw_passwd);
-+ if (pwd != NULL) {
-+ char* ret = xstrdup(pwd->pw_passwd);
-+ return ret;
-+ }
- return NULL;
- }
-
-@@ -226,12 +236,15 @@ group_system(const char *username)
- struct group *gr;
-
- pwd = getpwnam(username);
-- if (pwd == NULL)
-+ if (pwd == NULL) {
- return NULL;
-+ }
- gr = getgrgid(pwd->pw_gid);
-- if (gr == NULL)
-+ if (gr == NULL) {
- return NULL;
-- return xstrdup(gr->gr_name);
-+ }
-+ char* ret = xstrdup(gr->gr_name);
-+ return ret;
- }
-
-
-@@ -243,12 +256,13 @@ output_user(const char *username, bool wantgroup)
- {
- if (wantgroup) {
- char *group = group_system(username);
-- if (group == NULL)
-+ if (group == NULL) {
- die("group info for user %s not available", username);
-+ }
- printf("User:%s@%s\n", username, group);
-- }
-- else
-+ } else {
- printf("User:%s\n", username);
-+ }
- }
-
-
-@@ -276,29 +290,35 @@ main(int argc, char *argv[])
- while ((opt = getopt(argc, argv, "gf:u:p:" OPT_DBM OPT_SHADOW)) != -1) {
- switch (opt) {
- case 'g':
-- if (type == AUTH_DBM || type == AUTH_FILE)
-+ if (type == AUTH_DBM || type == AUTH_FILE) {
- die("-g option is incompatible with -d or -f");
-+ }
- wantgroup = true;
- break;
- case 'd':
-- if (type != AUTH_NONE)
-+ if (type != AUTH_NONE) {
- die("only one of -s, -f, or -d allowed");
-- if (wantgroup)
-+ }
-+ if (wantgroup) {
- die("-g option is incompatible with -d or -f");
-+ }
- type = AUTH_DBM;
- filename = optarg;
- break;
- case 'f':
-- if (type != AUTH_NONE)
-+ if (type != AUTH_NONE) {
- die("only one of -s, -f, or -d allowed");
-- if (wantgroup)
-+ }
-+ if (wantgroup) {
- die("-g option is incompatible with -d or -f");
-+ }
- type = AUTH_FILE;
- filename = optarg;
- break;
- case 's':
-- if (type != AUTH_NONE)
-+ if (type != AUTH_NONE) {
- die("only one of -s, -f, or -d allowed");
-+ }
- type = AUTH_SHADOW;
- break;
- case 'u':
-@@ -319,12 +339,15 @@ main(int argc, char *argv[])
- exit(1);
- }
- }
-- if (argc != optind)
-- die("extra arguments given");
-- if (authinfo != NULL && authinfo->username == NULL)
-+ if (argc != optind) {
-+ die("extra arguments given");
-+ }
-+ if (authinfo != NULL && authinfo->username == NULL) {
- die("-u option is required if -p option is given");
-- if (authinfo != NULL && authinfo->password == NULL)
-+ }
-+ if (authinfo != NULL && authinfo->password == NULL) {
- die("-p option is required if -u option is given");
-+ }
-
- // /* Unless a username or password was given on the command line, assume
- // we're being run by nnrpd. */
-@@ -339,8 +362,9 @@ main(int argc, char *argv[])
- switch (type) {
- case AUTH_SHADOW:
- password = password_shadow(authinfo->username);
-- if (password == NULL)
-+ if (password == NULL) {
- password = password_system(authinfo->username);
-+ }
- break;
- // case AUTH_FILE:
- // password = password_file(authinfo->username, filename);
-@@ -357,10 +381,12 @@ main(int argc, char *argv[])
- break;
- }
-
-- if (password == NULL)
-+ if (password == NULL) {
- die("user %s unknown", authinfo->username);
-- if (strcmp(password, crypt(authinfo->password, password)) != 0)
-+ }
-+ if (strcmp(password, crypt(authinfo->password, password)) != 0) {
- die("invalid password for user %s", authinfo->username);
-+ }
-
- /* The password matched. */
- output_user(authinfo->username, wantgroup);
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-16 23:28:35 +0000