pam: Fix password torching const-ness

In some code branches, the PAM code "torches" a password by zeroing
it. However, it does this through a const pointer which we otherwise
know is not actually const. Make sure we get better type checking by
doing this through a non-const pointer.

Reviewed-on: http://gerrit.openafs.org/4554
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
(cherry picked from commit 5cd4282758317b24d2f63408ab4c62551bbebc03)

Change-Id: I94b22a31884dc9b184ec094e5cca4b6b0098cb15
Reviewed-on: http://gerrit.openafs.org/6295
Tested-by: Derrick Brashear <shadow@dementix.org>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Andrew Deason 2011-04-25 13:58:34 -05:00 committed by Derrick Brashear
parent fe2d1b6615
commit ef65c2e082
3 changed files with 12 additions and 23 deletions


@ -61,7 +61,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
int got_authtok = 0; /* got PAM_AUTHTOK upon entry */
PAM_CONST char *user = NULL, *password = NULL;
afs_int32 password_expires = -1;
int torch_password = 1;
char *torch_password = NULL;
int i;
PAM_CONST struct pam_conv *pam_convp = NULL;
int auth_ok;
@ -209,13 +209,11 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
pam_afs_syslog(LOG_DEBUG, PAMAFS_NOFIRSTPASS, user);
} else if (password[0] == '\0') {
/* Actually we *did* get one but it was empty. */
torch_password = 0;
pam_afs_syslog(LOG_INFO, PAMAFS_NILPASSWORD, user);
RET(PAM_NEW_AUTHTOK_REQD);
} else {
if (logmask && LOG_MASK(LOG_DEBUG))
pam_afs_syslog(LOG_DEBUG, PAMAFS_GOTPASS, user);
torch_password = 0;
got_authtok = 1;
}
if (!(use_first_pass || try_first_pass)) {
@ -226,8 +224,6 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
if (password == NULL) {
char *prompt_password;
torch_password = 1;
if (use_first_pass)
RET(PAM_AUTH_ERR); /* shouldn't happen */
if (try_first_pass)
@ -260,7 +256,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
my_password_buf[sizeof(my_password_buf) - 1] = '\0';
memset(prompt_password, 0, strlen(prompt_password));
free(prompt_password);
password = my_password_buf;
password = torch_password = my_password_buf;
}
@ -402,7 +398,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
* after pam_afs
*/
if (!got_authtok) {
torch_password = 0;
torch_password = NULL;
(void)pam_set_item(pamh, PAM_AUTHTOK, password);
}
@ -418,7 +414,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
char *tmp = strdup(password);
(void)pam_set_data(pamh, pam_afs_lh, tmp, lc_cleanup);
if (torch_password)
memset((char *)password, 0, strlen(password));
memset(torch_password, 0, strlen(torch_password));
}
(void)setlogmask(origmask);
#ifndef AFS_SUN56_ENV
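Review bot: The wipe near the end of pam_sm_authenticate is still a plain `memset` on what appears to be a local buffer (`my_password_buf`) shortly before the function returns, and an optimizing compiler may drop that as a dead store; the `out:` wipes in pam_sm_chauthtok and pam_sm_setcred have the same shape. In the visible hunks `torch_password` only ever points at `my_password_buf`, so the length can be the buffer size rather than `strlen()`, which leaves nothing behind after an early NUL. I would route all three through a wipe the compiler cannot elide, for example `explicit_bzero(torch_password, sizeof(my_password_buf));` where the platform provides it, and a small helper writing through a volatile pointer elsewhere. Separately, the `!got_authtok` branch sets `torch_password = NULL` before `pam_set_item(pamh, PAM_AUTHTOK, password)`, so on that path the prompted password stays in the local buffer; if pam_set_item copies the item, as PAM implementations generally do, the buffer could be wiped there too. The function body starts and ends outside these hunks.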


@ -43,7 +43,7 @@ pam_sm_chauthtok(pam_handle_t * pamh, int flags, int argc, const char **argv)
int try_first_pass = 0;
int ignore_root = 0;
int got_authtok = 0; /* got PAM_AUTHTOK upon entry */
int torch_password = 1;
char *torch_password = NULL;
int i;
char my_password_buf[256];
char instance[256];
@ -154,13 +154,11 @@ pam_sm_chauthtok(pam_handle_t * pamh, int flags, int argc, const char **argv)
pam_afs_syslog(LOG_DEBUG, PAMAFS_NOFIRSTPASS, user);
} else if (password[0] == '\0') {
/* Actually we *did* get one but it was empty. */
torch_password = 0;
pam_afs_syslog(LOG_INFO, PAMAFS_NILPASSWORD, user);
RET(PAM_NEW_AUTHTOK_REQD);
} else {
if (logmask && LOG_MASK(LOG_DEBUG))
pam_afs_syslog(LOG_DEBUG, PAMAFS_GOTPASS, user);
torch_password = 0;
got_authtok = 1;
}
if (!(use_first_pass || try_first_pass)) {
@ -169,7 +167,6 @@ pam_sm_chauthtok(pam_handle_t * pamh, int flags, int argc, const char **argv)
if (password == NULL) {
char *prompt_password;
torch_password = 1;
if (use_first_pass)
RET(PAM_AUTH_ERR); /* shouldn't happen */
if (try_first_pass)
@ -200,7 +197,7 @@ pam_sm_chauthtok(pam_handle_t * pamh, int flags, int argc, const char **argv)
my_password_buf[sizeof(my_password_buf) - 1] = '\0';
memset(prompt_password, 0, strlen(password));
free(prompt_password);
password = my_password_buf;
password = torch_password = my_password_buf;
}
if ((code = ka_VerifyUserPassword(KA_USERAUTH_VERSION + KA_USERAUTH_DOSETPAG, (char *)user, /* kerberos name */
@ -212,7 +209,7 @@ pam_sm_chauthtok(pam_handle_t * pamh, int flags, int argc, const char **argv)
pam_afs_syslog(LOG_ERR, PAMAFS_LOGIN_FAILED, user, reason);
RET(PAM_AUTH_ERR);
}
torch_password = 0;
torch_password = NULL;
pam_set_item(pamh, PAM_AUTHTOK, password);
pam_set_item(pamh, PAM_OLDAUTHTOK, password);
if (flags & PAM_PRELIM_CHECK) {
@ -305,7 +302,7 @@ pam_sm_chauthtok(pam_handle_t * pamh, int flags, int argc, const char **argv)
out:
if (password && torch_password) {
memset((char *)password, 0, strlen(password));
memset(torch_password, 0, strlen(torch_password));
}
(void)setlogmask(origmask);
#ifndef AFS_SUN56_ENV
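Review bot: In the prompt branch of pam_sm_chauthtok the context line `memset(prompt_password, 0, strlen(password));` takes its length from `password`, which in the visible lines is still NULL there: the branch is entered on `password == NULL` and `password` is assigned only two lines later. The matching code in pam_sm_authenticate and pam_sm_setcred uses `strlen(prompt_password)`, so this looks like a typo that dereferences NULL instead of wiping the heap copy before `free()`. `memset(prompt_password, 0, strlen(prompt_password));` would bring it in line with the other two. The lines between the `if` and this memset are outside the hunk, so confirm that `password` is not assigned there before relying on this.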


@ -55,7 +55,7 @@ pam_sm_setcred(pam_handle_t * pamh, int flags, int argc, const char **argv)
char my_password_buf[256];
char *cell_ptr = NULL;
char sbuffer[100];
int torch_password = 1;
char *torch_password = NULL;
int auth_ok = 0;
char *lh;
PAM_CONST char *user = NULL;
@ -207,7 +207,6 @@ pam_sm_setcred(pam_handle_t * pamh, int flags, int argc, const char **argv)
} else if (password[0] == '\0') {
/* Actually we *did* get one but it was empty. */
got_authtok = 1;
torch_password = 0;
/* So don't use it. */
password = NULL;
if (use_first_pass) {
@ -219,7 +218,6 @@ pam_sm_setcred(pam_handle_t * pamh, int flags, int argc, const char **argv)
} else {
if (logmask && LOG_MASK(LOG_DEBUG))
pam_afs_syslog(LOG_DEBUG, PAMAFS_GOTPASS, user);
torch_password = 0;
got_authtok = 1;
}
if (!(use_first_pass || try_first_pass)) {
@ -230,8 +228,6 @@ pam_sm_setcred(pam_handle_t * pamh, int flags, int argc, const char **argv)
if (password == NULL) {
char *prompt_password;
torch_password = 1;
if (use_first_pass)
RET(PAM_AUTH_ERR); /* shouldn't happen */
if (try_first_pass)
@ -265,7 +261,7 @@ pam_sm_setcred(pam_handle_t * pamh, int flags, int argc, const char **argv)
my_password_buf[sizeof(my_password_buf) - 1] = '\0';
memset(prompt_password, 0, strlen(prompt_password));
free(prompt_password);
password = my_password_buf;
password = torch_password = my_password_buf;
}
/*
* We only set a PAG here, if we haven't got one before in
@ -327,7 +323,7 @@ pam_sm_setcred(pam_handle_t * pamh, int flags, int argc, const char **argv)
/* pam_sm_authenticate should have set this
* if (auth_ok && !got_authtok) {
* torch_password = 0;
* torch_password = NULL;
* (void) pam_set_item(pamh, PAM_AUTHTOK, password);
* }
*/
@ -359,7 +355,7 @@ pam_sm_setcred(pam_handle_t * pamh, int flags, int argc, const char **argv)
out:
if (password && torch_password)
memset((char*)password, 0, strlen(password));
memset(torch_password, 0, strlen(torch_password));
(void)setlogmask(origmask);
#ifndef AFS_SUN56_ENV
closelog();
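Review bot: At `out:` in pam_sm_setcred the guard `if (password && torch_password)` still tests `password`, although the wipe beneath it no longer touches `password`; `if (torch_password)` states what is actually required and matches the check in pam_sm_authenticate. The same leftover is in pam_sm_chauthtok's `out:` block. A short comment on the declaration would also help the next reader, e.g. `char *torch_password = NULL; /* non-NULL only while it points at my_password_buf, which we own and must wipe */`. The function body starts and ends outside these hunks.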