bin/59776: ftpd(8)/FreeBSD 5: PAM "session" code is unreachable
Nick Leuta
skynick at mail.sc.ru
Fri Nov 28 15:30:36 PST 2003
>Number: 59776
>Category: bin
>Synopsis: ftpd(8)/FreeBSD 5: PAM "session" code is unreachable
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Nov 28 15:30:23 PST 2003
>Closed-Date:
>Last-Modified:
>Originator: Nick Leuta
>Release: FreeBSD 4.9-RC i386
>Organization:
Lipetsk State Technical University
>Environment:
System: FreeBSD skynick.stu.lipetsk.ru 4.9-RC FreeBSD 4.9-RC #0: Sun Nov 23 19:53:55 MSK 2003 root at skynick.stu.lipetsk.ru:/usr/src/sys/compile/CORSAIR i386
>Description:
The global "pam_handle_t *pamh" variable is redeclared in the auth_pam()
function, so the global "*pamh" will always be NULL and so the
pam_open_session() call will always be unreachable.
>How-To-Repeat:
Put the pam_deny.so module into the "session" group as a required module and
see the logs...
>Fix:
diff -urN ftpd.ORI/ftpd.c ftpd/ftpd.c
--- ftpd.ORI/ftpd.c Sat Nov 15 14:08:26 2003
+++ ftpd/ftpd.c Wed Nov 26 01:49:26 2003
@@ -1162,13 +1162,15 @@
LOGIN_SETMAC);
#endif
#ifdef USE_PAM
- if ((e = pam_setcred(pamh, PAM_DELETE_CRED)) != PAM_SUCCESS)
- syslog(LOG_ERR, "pam_setcred: %s", pam_strerror(pamh, e));
- if ((e = pam_close_session(pamh,0)) != PAM_SUCCESS)
- syslog(LOG_ERR, "pam_close_session: %s", pam_strerror(pamh, e));
- if ((e = pam_end(pamh, e)) != PAM_SUCCESS)
- syslog(LOG_ERR, "pam_end: %s", pam_strerror(pamh, e));
- pamh = NULL;
+ if (pamh) {
+ if ((e = pam_setcred(pamh, PAM_DELETE_CRED)) != PAM_SUCCESS)
+ syslog(LOG_ERR, "pam_setcred: %s", pam_strerror(pamh, e));
+ if ((e = pam_close_session(pamh,0)) != PAM_SUCCESS)
+ syslog(LOG_ERR, "pam_close_session: %s", pam_strerror(pamh, e));
+ if ((e = pam_end(pamh, e)) != PAM_SUCCESS)
+ syslog(LOG_ERR, "pam_end: %s", pam_strerror(pamh, e));
+ pamh = NULL;
+ }
#endif
logged_in = 0;
guest = 0;
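Review bot: inside the new if (pamh) block, the pam_end() failure branch still hands pamh to pam_strerror() after pam_end() has been called on it, and the handle should be treated as invalid from that point on. Pass NULL to pam_strerror() there, or log the numeric code. Writing the guard as if (pamh != NULL) would also make the pointer test explicit.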
@@ -1238,7 +1240,6 @@
static int
auth_pam(struct passwd **ppw, const char *pass)
{
- pam_handle_t *pamh = NULL;
const char *tmpl_user;
const void *item;
int rval;
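Review bot: with the local declaration at the top of auth_pam() gone, the function writes the file-scope pamh, so every return path in auth_pam() now has to leave that global either NULL or a live handle. This patch covers only the pam_start and pam_set_item(PAM_RHOST) failures; the remaining returns in the function (not shown here) need the same check. A call that enters auth_pam() while pamh is already set would have it overwritten by pam_start(), so consider ending any existing handle first. Building with -Wshadow would flag this kind of redeclaration.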
@@ -1249,6 +1250,7 @@
e = pam_start("ftpd", (*ppw)->pw_name, &conv, &pamh);
if (e != PAM_SUCCESS) {
syslog(LOG_ERR, "pam_start: %s", pam_strerror(pamh, e));
+ /* pamh is NULL */
return -1;
}
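Review bot: the comment added in the pam_start failure branch says pamh is NULL, but nothing in these lines enforces it; it relies on pam_start() not having stored anything through &pamh when it fails. An explicit pamh = NULL; before return -1, as the PAM_RHOST branch does, makes it hold regardless, and the syslog call can then pass NULL to pam_strerror().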
@@ -1256,6 +1258,10 @@
if (e != PAM_SUCCESS) {
syslog(LOG_ERR, "pam_set_item(PAM_RHOST): %s",
pam_strerror(pamh, e));
+ if ((e = pam_end(pamh, e)) != PAM_SUCCESS) {
+ syslog(LOG_ERR, "pam_end: %s", pam_strerror(pamh, e));
+ }
+ pamh = NULL;
return -1;
}
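Review bot: the pam_end / syslog / pamh = NULL sequence added to the PAM_RHOST failure branch duplicates the tail of the logout block, so a small static helper called from both places would keep the paths in step as more error returns are covered. The added if also braces a single statement where the same pam_end call in the logout hunk does not; pick one form.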
>Release-Note:
>Audit-Trail:
>Unformatted:
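
The shadowing described in this report, as an added example that is not part of the original PR and not ftpd's code: a stand-in handle type replaces pam_handle_t, and start(), auth_shadowed(), auth_fixed() and run_login() are hypothetical names. It assumes, as the description implies, that the session stage runs only when the file-scope handle is non-NULL.

```c
#include <stdio.h>
#include <stdlib.h>

typedef struct { const char *user; } handle_t;  /* stand-in for pam_handle_t */
static handle_t *pamh = NULL;   /* file-scope handle used by login/logout code */

/* Stand-in for pam_start(): allocates a handle and stores it through hp. */
static int start(const char *user, handle_t **hp)
{
    if ((*hp = malloc(sizeof(**hp))) == NULL)
        return -1;
    (*hp)->user = user;
    return 0;
}

/* Buggy shape: the local declaration shadows the file-scope pamh. */
static int auth_shadowed(const char *user)
{
    handle_t *pamh = NULL;          /* shadows the global */
    int rc = start(user, &pamh);    /* only the local receives the handle */
    free(pamh);                     /* model only: keep the demo leak-free */
    return rc;
}

/* Fixed shape: no local declaration, so the global receives the handle. */
static int auth_fixed(const char *user)
{
    return start(user, &pamh);
}

/* One login: authenticate, test whether the session stage is reachable
 * (global handle non-NULL), then run the guarded logout from the patch. */
static int run_login(int (*auth)(const char *))
{
    int reached = (auth("alice") == 0 && pamh != NULL);
    if (pamh != NULL) {
        free(pamh);
        pamh = NULL;
    }
    return reached;
}

int main(void)
{
    printf("shadowed: session reached = %d\n", run_login(auth_shadowed));
    printf("fixed:    session reached = %d\n", run_login(auth_fixed));
    return 0;
}
```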