git: 9503ed0dfdbd - main - pam_ksu: Fix crash when no ticket is present
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 09 Aug 2025 06:17:00 UTC
The branch main has been updated by ivy:
URL: https://cgit.FreeBSD.org/src/commit/?id=9503ed0dfdbd61399ecd298c7693d570f8a7538e
commit 9503ed0dfdbd61399ecd298c7693d570f8a7538e
Author: Lexi Winter <ivy@FreeBSD.org>
AuthorDate: 2025-08-09 06:16:15 +0000
Commit: Lexi Winter <ivy@FreeBSD.org>
CommitDate: 2025-08-09 06:16:45 +0000
pam_ksu: Fix crash when no ticket is present
When building with MIT Kerberos, pam_ksu crashes if the user doesn't
have a ticket because default_principal is never populated in
get_su_principal().
Change the compatibility function to use krb5_build_principal_alloc_va
instead, and make its interface compatible with the equivalent Heimdal
function.
Despite what the comment says, we do free the default principal later
in get_su_principal() so this shouldn't cause any leaks.
Reviewed by: des, philip, cy, jhb
Differential Revision: https://reviews.freebsd.org/D51829
---
lib/libpam/modules/pam_ksu/pam_ksu.c | 31 ++++---------------------------
1 file changed, 4 insertions(+), 27 deletions(-)
diff --git a/lib/libpam/modules/pam_ksu/pam_ksu.c b/lib/libpam/modules/pam_ksu/pam_ksu.c
index 002613188d8c..04c276a423d3 100644
--- a/lib/libpam/modules/pam_ksu/pam_ksu.c
+++ b/lib/libpam/modules/pam_ksu/pam_ksu.c
@@ -58,24 +58,13 @@ static int auth_krb5(pam_handle_t *, krb5_context, const char *,
#define KRB5_DEFAULT_CCFILE_ROOT "/tmp/krb5cc_"
#define KRB5_DEFAULT_CCROOT "FILE:" KRB5_DEFAULT_CCFILE_ROOT
-/*
- * XXX We will replace krb5_build_principal_va() with
- * XXX krb5_build_principal_alloc_va() when Heimdal is finally
- * XXX removed.
- */
-krb5_error_code KRB5_CALLCONV
-krb5_build_principal_va(krb5_context context,
- krb5_principal princ,
- unsigned int rlen,
- const char *realm,
- va_list ap);
typedef char *heim_general_string;
typedef heim_general_string Realm;
typedef Realm krb5_realm;
typedef const char *krb5_const_realm;
static krb5_error_code
-krb5_make_principal(krb5_context context, krb5_principal principal,
+krb5_make_principal(krb5_context context, krb5_principal *principal,
krb5_const_realm realm, ...)
{
krb5_realm temp_realm = NULL;
@@ -88,15 +77,9 @@ krb5_make_principal(krb5_context context, krb5_principal principal,
realm=temp_realm;
}
va_start(ap, realm);
- /*
- * XXX Ideally we should be using krb5_build_principal_alloc_va()
- * XXX here because krb5_build_principal_va() is deprecated. But,
- * XXX this would require changes elsewhere in the calling code
- * XXX to call krb5_free_principal() elsewhere to free the
- * XXX principal. We can do that after Heimdal is removed from
- * XXX our tree.
- */
- rc = krb5_build_principal_va(context, principal, strlen(realm), realm, ap);
+
+ rc = krb5_build_principal_alloc_va(context, principal, strlen(realm),
+ realm, ap);
va_end(ap);
if (temp_realm)
free(temp_realm);
@@ -273,13 +256,7 @@ get_su_principal(krb5_context context, const char *target_user, const char *curr
if (rv != 0)
return (errno);
if (default_principal == NULL) {
-#ifdef MK_MITKRB5
- /* For MIT KRB5. */
- rv = krb5_make_principal(context, default_principal, NULL, current_user, NULL);
-#else
- /* For Heimdal. */
rv = krb5_make_principal(context, &default_principal, NULL, current_user, NULL);
-#endif
if (rv != 0) {
PAM_LOG("Could not determine default principal name.");
return (rv);