From nobody Sat Aug 09 06:17:00 2025 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4bzVzd0pHZz6505X; Sat, 09 Aug 2025 06:17:01 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4bzVzc6qwQz3mn7; Sat, 09 Aug 2025 06:17:00 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1754720221; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=cJdVdP0AWYJLarBWSr6ONAjR+AaBdTBVrwF9r3Gb4/s=; b=AH2lMXMGV+KMpZ/iXqiIisUEHeo4JXKrVwngKDgFbPxN6HDoXrBW1p6mislYOztJFVy9s8 tMDqDUV795UTu3j7GIxu/jhkKzaHajGljh2gPATcJFQu3gYYiFSulNa0j+Clw01gfWVCci c4YjF+5B7XsZtKRoLUTqq7Nh/+GbIF3xnwdOjy9PpUotpZFyQGZoQJPPR/KoXYOA+tHQ8T rVZA19HC2cKu5ZXwsiZhjI7Z5IxlltSlUGZioWELIcuAqPttdIOZB2wpoNnrcmr6J0PIHJ oUh7oZvvYWJBlGbjt/Uug/7zOq5qKwYMD6YfzHtm3TikxXkV9Q6dYiy67nhhCQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1754720221; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=cJdVdP0AWYJLarBWSr6ONAjR+AaBdTBVrwF9r3Gb4/s=; b=pxCtTppCN3a5gUSUe/W08RNmX0CtPAu+RJBhHV+SZeEQzkEOI79Kr4dIH2hug9dYRdC4pz vAPLKK1rkHgkjz7+1Z/gxfmouNOPetzYBFdfqQd0/27P5dVeYD2wCrjr0rhcTSCFquhoy3 HFofLjDyJBLi9+BHiFe9gFSLaPfYZjzLrTFgCZ+vOuHOJjAZKaATFEntJqYQshsDlkQXMz FM9AO+47m4pQapr84cUz0JPBHcKUyZL/VhUj9Dt+9HEKOWBqh9qq6RFvarRUoB2GVy0Pqv 75+LdT1E4Ys23S/JEvfwB/0SfRJywrtbRNr8ldfMvfWjI8OHjPLZ5iJA9dOd0w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1754720221; a=rsa-sha256; cv=none; b=jC5A7xy1inOb9oAj/iPBx4wbd1JrUNCG/Ircp+hl/GeTrddhRTUxs85J8Wts887ebnotwd xEK+ZpFU/7TDV+YgF/27Nt6ZSXTWnIFQInqLO2C+QVjctvqR/c/uqDveThhi6XBvYi6Gc3 WgmfJLgklKdQZeZm6ylzg2UorD9Mp3Zjpjp993BJFzoKRikmUktaC6sWZlnV2hK/IVQOJU adKy1UQ18fWoAp4/7hb2S7rOIZ79IQPkCMgQo/+b6sFOKzkUy3aySnlWiMCY9xhArWC+MQ sa9UsTks/HVsDB/0XxPwIFrVyV9A9jW5tQD7F9a4pYZKk0qfDL23ylQca5eLsw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4bzVzc600Qz18TT; Sat, 09 Aug 2025 06:17:00 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 5796H0nY007043; Sat, 9 Aug 2025 06:17:00 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 5796H004007040; Sat, 9 Aug 2025 06:17:00 GMT (envelope-from git) Date: Sat, 9 Aug 2025 06:17:00 GMT Message-Id: <202508090617.5796H004007040@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Lexi Winter Subject: git: 9503ed0dfdbd - main - pam_ksu: Fix crash when no ticket is present List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: ivy X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 9503ed0dfdbd61399ecd298c7693d570f8a7538e Auto-Submitted: auto-generated The branch main has been updated by ivy: URL: https://cgit.FreeBSD.org/src/commit/?id=9503ed0dfdbd61399ecd298c7693d570f8a7538e commit 9503ed0dfdbd61399ecd298c7693d570f8a7538e Author: Lexi Winter AuthorDate: 2025-08-09 06:16:15 +0000 Commit: Lexi Winter CommitDate: 2025-08-09 06:16:45 +0000 pam_ksu: Fix crash when no ticket is present When building with MIT Kerberos, pam_ksu crashes if the user doesn't have a ticket because default_principal is never populated in get_su_principal(). Change the compatibility function to use krb5_build_principal_alloc_va instead, and make its interface compatible with the equivalent Heimdal function. Despite what the comment says, we do free the default principal later in get_su_principal() so this shouldn't cause any leaks. Reviewed by: des, philip, cy, jhb Differential Revision: https://reviews.freebsd.org/D51829 --- lib/libpam/modules/pam_ksu/pam_ksu.c | 31 ++++--------------------------- 1 file changed, 4 insertions(+), 27 deletions(-) diff --git a/lib/libpam/modules/pam_ksu/pam_ksu.c b/lib/libpam/modules/pam_ksu/pam_ksu.c index 002613188d8c..04c276a423d3 100644 --- a/lib/libpam/modules/pam_ksu/pam_ksu.c +++ b/lib/libpam/modules/pam_ksu/pam_ksu.c @@ -58,24 +58,13 @@ static int auth_krb5(pam_handle_t *, krb5_context, const char *, #define KRB5_DEFAULT_CCFILE_ROOT "/tmp/krb5cc_" #define KRB5_DEFAULT_CCROOT "FILE:" KRB5_DEFAULT_CCFILE_ROOT -/* - * XXX We will replace krb5_build_principal_va() with - * XXX krb5_build_principal_alloc_va() when Heimdal is finally - * XXX removed. - */ -krb5_error_code KRB5_CALLCONV -krb5_build_principal_va(krb5_context context, - krb5_principal princ, - unsigned int rlen, - const char *realm, - va_list ap); typedef char *heim_general_string; typedef heim_general_string Realm; typedef Realm krb5_realm; typedef const char *krb5_const_realm; static krb5_error_code -krb5_make_principal(krb5_context context, krb5_principal principal, +krb5_make_principal(krb5_context context, krb5_principal *principal, krb5_const_realm realm, ...) { krb5_realm temp_realm = NULL; @@ -88,15 +77,9 @@ krb5_make_principal(krb5_context context, krb5_principal principal, realm=temp_realm; } va_start(ap, realm); - /* - * XXX Ideally we should be using krb5_build_principal_alloc_va() - * XXX here because krb5_build_principal_va() is deprecated. But, - * XXX this would require changes elsewhere in the calling code - * XXX to call krb5_free_principal() elsewhere to free the - * XXX principal. We can do that after Heimdal is removed from - * XXX our tree. - */ - rc = krb5_build_principal_va(context, principal, strlen(realm), realm, ap); + + rc = krb5_build_principal_alloc_va(context, principal, strlen(realm), + realm, ap); va_end(ap); if (temp_realm) free(temp_realm); @@ -273,13 +256,7 @@ get_su_principal(krb5_context context, const char *target_user, const char *curr if (rv != 0) return (errno); if (default_principal == NULL) { -#ifdef MK_MITKRB5 - /* For MIT KRB5. */ - rv = krb5_make_principal(context, default_principal, NULL, current_user, NULL); -#else - /* For Heimdal. */ rv = krb5_make_principal(context, &default_principal, NULL, current_user, NULL); -#endif if (rv != 0) { PAM_LOG("Could not determine default principal name."); return (rv);