PERFORCE change 43812 for review
Dag-Erling Smorgrav
des at FreeBSD.org
Thu Dec 11 08:41:56 PST 2003
http://perforce.freebsd.org/chv.cgi?CH=43812
Change 43812 by des at des.at.des.thinksec.com on 2003/12/11 08:41:17
I originally thought the XSSO was wrong to declare pam_get_data()'s
final argument as void ** rather than const void **, but having seen
the strict aliasing warnings gcc generates at higher -O levels, it
makes a lot more sense. Change the prototype and definition back to
what the XSSO specifies, and make the necessary changes to avoid
warnings in code that calls pam_get_data().
Affected files ...
.. //depot/projects/openpam/include/security/pam_appl.h#14 edit
.. //depot/projects/openpam/lib/openpam_borrow_cred.c#11 edit
.. //depot/projects/openpam/lib/openpam_restore_cred.c#10 edit
.. //depot/projects/openpam/lib/pam_get_authtok.c#27 edit
.. //depot/projects/openpam/lib/pam_get_data.c#13 edit
.. //depot/projects/openpam/lib/pam_get_user.c#19 edit
.. //depot/projects/openpam/lib/pam_vprompt.c#13 edit
Differences ...
==== //depot/projects/openpam/include/security/pam_appl.h#14 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/include/security/pam_appl.h#13 $
+ * $P4: //depot/projects/openpam/include/security/pam_appl.h#14 $
*/
#ifndef _PAM_APPL_H_INCLUDED
@@ -71,7 +71,7 @@
int
pam_get_data(pam_handle_t *_pamh,
const char *_module_data_name,
- const void **_data);
+ void **_data);
int
pam_get_item(pam_handle_t *_pamh,
==== //depot/projects/openpam/lib/openpam_borrow_cred.c#11 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/openpam_borrow_cred.c#10 $
+ * $P4: //depot/projects/openpam/lib/openpam_borrow_cred.c#11 $
*/
#include <sys/param.h>
@@ -57,11 +57,12 @@
const struct passwd *pwd)
{
struct pam_saved_cred *scred;
+ void *scredp;
int r;
ENTERI(pwd->pw_uid);
- r = pam_get_data(pamh, PAM_SAVED_CRED, (const void **)&scred);
- if (r == PAM_SUCCESS && scred != NULL) {
+ r = pam_get_data(pamh, PAM_SAVED_CRED, &scredp);
+ if (r == PAM_SUCCESS && scredp != NULL) {
openpam_log(PAM_LOG_DEBUG,
"already operating under borrowed credentials");
RETURNC(PAM_SYSTEM_ERR);
==== //depot/projects/openpam/lib/openpam_restore_cred.c#10 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/openpam_restore_cred.c#9 $
+ * $P4: //depot/projects/openpam/lib/openpam_restore_cred.c#10 $
*/
#include <sys/param.h>
@@ -56,14 +56,16 @@
openpam_restore_cred(pam_handle_t *pamh)
{
struct pam_saved_cred *scred;
+ void *scredp;
int r;
ENTER();
- r = pam_get_data(pamh, PAM_SAVED_CRED, (const void **)&scred);
+ r = pam_get_data(pamh, PAM_SAVED_CRED, &scredp);
if (r != PAM_SUCCESS)
RETURNC(r);
- if (scred == NULL)
+ if (scredp == NULL)
RETURNC(PAM_SYSTEM_ERR);
+ scred = scredp;
if (scred->euid != geteuid()) {
if (seteuid(scred->euid) < 0 ||
setgroups(scred->ngroups, scred->groups) < 0 ||
==== //depot/projects/openpam/lib/pam_get_authtok.c#27 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/pam_get_authtok.c#26 $
+ * $P4: //depot/projects/openpam/lib/pam_get_authtok.c#27 $
*/
#include <sys/param.h>
@@ -60,7 +60,7 @@
const char **authtok,
const char *prompt)
{
- const void *oldauthtok;
+ const void *oldauthtok, *prevauthtok, *promptp;
const char *default_prompt;
char *resp, *resp2;
int pitem, r, style, twice;
@@ -90,16 +90,20 @@
}
if (openpam_get_option(pamh, "try_first_pass") ||
openpam_get_option(pamh, "use_first_pass")) {
- r = pam_get_item(pamh, item, (const void **)authtok);
- if (r == PAM_SUCCESS && *authtok != NULL)
+ r = pam_get_item(pamh, item, &prevauthtok);
+ if (r == PAM_SUCCESS && prevauthtok != NULL) {
+ *authtok = prevauthtok;
RETURNC(PAM_SUCCESS);
+ }
else if (openpam_get_option(pamh, "use_first_pass"))
RETURNC(r == PAM_SUCCESS ? PAM_AUTH_ERR : r);
}
if (prompt == NULL) {
- r = pam_get_item(pamh, pitem, (const void **)&prompt);
- if (r != PAM_SUCCESS || prompt == NULL)
+ r = pam_get_item(pamh, pitem, &promptp);
+ if (r != PAM_SUCCESS || promptp == NULL)
prompt = default_prompt;
+ else
+ prompt = promptp;
}
style = openpam_get_option(pamh, "echo_pass") ?
PAM_PROMPT_ECHO_ON : PAM_PROMPT_ECHO_OFF;
==== //depot/projects/openpam/lib/pam_get_data.c#13 (text+ko) ====
@@ -31,9 +31,10 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/pam_get_data.c#12 $
+ * $P4: //depot/projects/openpam/lib/pam_get_data.c#13 $
*/
+#include <stdint.h>
#include <string.h>
#include <security/pam_appl.h>
@@ -50,18 +51,19 @@
int
pam_get_data(pam_handle_t *pamh,
const char *module_data_name,
- const void **data)
+ void **data)
{
pam_data_t *dp;
ENTERS(module_data_name);
if (pamh == NULL)
RETURNC(PAM_SYSTEM_ERR);
- for (dp = pamh->module_data; dp != NULL; dp = dp->next)
+ for (dp = pamh->module_data; dp != NULL; dp = dp->next) {
if (strcmp(dp->name, module_data_name) == 0) {
- *data = dp->data;
+ *data = (void *)(intptr_t)dp->data;
RETURNC(PAM_SUCCESS);
}
+ }
RETURNC(PAM_NO_MODULE_DATA);
}
==== //depot/projects/openpam/lib/pam_get_user.c#19 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/pam_get_user.c#18 $
+ * $P4: //depot/projects/openpam/lib/pam_get_user.c#19 $
*/
#include <sys/param.h>
@@ -57,6 +57,7 @@
const char **user,
const char *prompt)
{
+ const void *promptp;
char *resp;
int r;
@@ -67,9 +68,11 @@
if (r == PAM_SUCCESS && *user != NULL)
RETURNC(PAM_SUCCESS);
if (prompt == NULL) {
- r = pam_get_item(pamh, PAM_USER_PROMPT, (const void **)&prompt);
- if (r != PAM_SUCCESS || prompt == NULL)
+ r = pam_get_item(pamh, PAM_USER_PROMPT, &promptp);
+ if (r != PAM_SUCCESS || promptp == NULL)
prompt = user_prompt;
+ else
+ prompt = promptp;
}
r = pam_prompt(pamh, PAM_PROMPT_ECHO_ON, &resp, "%s", prompt);
if (r != PAM_SUCCESS)
==== //depot/projects/openpam/lib/pam_vprompt.c#13 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/lib/pam_vprompt.c#12 $
+ * $P4: //depot/projects/openpam/lib/pam_vprompt.c#13 $
*/
#include <stdarg.h>
@@ -59,13 +59,15 @@
struct pam_message msg;
const struct pam_message *msgp;
struct pam_response *rsp;
- struct pam_conv *conv;
+ const struct pam_conv *conv;
+ const void *convp;
int r;
ENTER();
- r = pam_get_item(pamh, PAM_CONV, (const void **)&conv);
+ r = pam_get_item(pamh, PAM_CONV, &convp);
if (r != PAM_SUCCESS)
RETURNC(r);
+ conv = convp;
if (conv == NULL || conv->conv == NULL) {
openpam_log(PAM_LOG_ERROR, "no conversation function");
RETURNC(PAM_SYSTEM_ERR);
More information about the p4-projects
mailing list