diff options
| author | Dmitry V. Levin <ldv@altlinux.org> | 2020-07-15 08:00:00 +0000 |
|---|---|---|
| committer | Dmitry V. Levin <ldv@altlinux.org> | 2020-07-15 08:00:00 +0000 |
| commit | b36351dd0137034e79194023c8d687b495e785c4 (patch) | |
| tree | 66e8f8b8f5d2de2872dc18e7cb6ae8588e074905 | |
| parent | 2231e9de36a80924112b09393967e0600b0cdb83 (diff) | |
| download | pam-b36351dd0137034e79194023c8d687b495e785c4.tar.gz pam-b36351dd0137034e79194023c8d687b495e785c4.tar.bz2 pam-b36351dd0137034e79194023c8d687b495e785c4.zip | |
pam_unix: use PAM_MAX_RESP_SIZE instead of its alias MAXPASS
* modules/pam_unix/passverify.h (MAXPASS): Remove.
* modules/pam_unix/passverify.c (read_passwords): Replace MAXPASS
with PAM_MAX_RESP_SIZE.
* modules/pam_unix/pam_unix_passwd.c (_pam_unix_approve_pass): Likewise.
* modules/pam_unix/support.c (_unix_verify_password): Likewise.
* modules/pam_unix/unix_chkpwd.c (main): Likewise.
* modules/pam_unix/unix_update.c (set_password): Likewise.
| -rw-r--r-- | modules/pam_unix/pam_unix_passwd.c | 2 | ||||
| -rw-r--r-- | modules/pam_unix/passverify.c | 4 | ||||
| -rw-r--r-- | modules/pam_unix/passverify.h | 2 | ||||
| -rw-r--r-- | modules/pam_unix/support.c | 4 | ||||
| -rw-r--r-- | modules/pam_unix/unix_chkpwd.c | 4 | ||||
| -rw-r--r-- | modules/pam_unix/unix_update.c | 10 |
6 files changed, 12 insertions, 14 deletions
diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c index e988b2e3..a20e919e 100644 --- a/modules/pam_unix/pam_unix_passwd.c +++ b/modules/pam_unix/pam_unix_passwd.c @@ -577,7 +577,7 @@ static int _pam_unix_approve_pass(pam_handle_t * pamh } } - if (strlen(pass_new) > MAXPASS) { + if (strlen(pass_new) > PAM_MAX_RESP_SIZE) { remark = _("You must choose a shorter password."); D(("length exceeded [%s]", remark)); } else if (off(UNIX__IAMROOT, ctrl)) { diff --git a/modules/pam_unix/passverify.c b/modules/pam_unix/passverify.c index 7455eae6..d5cfd269 100644 --- a/modules/pam_unix/passverify.c +++ b/modules/pam_unix/passverify.c @@ -1190,14 +1190,14 @@ int read_passwords(int fd, int npass, char **passwords) { /* The passwords array must contain npass preallocated - * buffers of length MAXPASS + 1 + * buffers of length PAM_MAX_RESP_SIZE + 1 */ int rbytes = 0; int offset = 0; int i = 0; char *pptr; while (npass > 0) { - rbytes = read(fd, passwords[i]+offset, MAXPASS+1-offset); + rbytes = read(fd, passwords[i]+offset, PAM_MAX_RESP_SIZE+1-offset); if (rbytes < 0) { if (errno == EINTR) continue; diff --git a/modules/pam_unix/passverify.h b/modules/pam_unix/passverify.h index e9a88fbf..47d9d4db 100644 --- a/modules/pam_unix/passverify.h +++ b/modules/pam_unix/passverify.h @@ -8,8 +8,6 @@ #define PAM_UNIX_RUN_HELPER PAM_CRED_INSUFFICIENT -#define MAXPASS PAM_MAX_RESP_SIZE /* the maximum length of a password */ - #define OLD_PASSWORDS_FILE "/etc/security/opasswd" int diff --git a/modules/pam_unix/support.c b/modules/pam_unix/support.c index dc67238c..d669e951 100644 --- a/modules/pam_unix/support.c +++ b/modules/pam_unix/support.c @@ -677,7 +677,7 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name struct passwd *pwd = NULL; char *salt = NULL; char *data_name; - char pw[MAXPASS + 1]; + char pw[PAM_MAX_RESP_SIZE + 1]; int retval; @@ -704,7 +704,7 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name strcpy(data_name + sizeof(FAIL_PREFIX) - 1, name); } - if (p != NULL && strlen(p) > MAXPASS) { + if (p != NULL && strlen(p) > PAM_MAX_RESP_SIZE) { memset(pw, 0, sizeof(pw)); p = strncpy(pw, p, sizeof(pw) - 1); } diff --git a/modules/pam_unix/unix_chkpwd.c b/modules/pam_unix/unix_chkpwd.c index 88647e58..c61759a6 100644 --- a/modules/pam_unix/unix_chkpwd.c +++ b/modules/pam_unix/unix_chkpwd.c @@ -89,7 +89,7 @@ static int _audit_log(int type, const char *uname, int rc) int main(int argc, char *argv[]) { - char pass[MAXPASS + 1]; + char pass[PAM_MAX_RESP_SIZE + 1]; char *option; int npass, nullok; int blankpass = 0; @@ -175,7 +175,7 @@ int main(int argc, char *argv[]) retval = helper_verify_password(user, pass, nullok); - memset(pass, '\0', MAXPASS); /* clear memory of the password */ + memset(pass, '\0', PAM_MAX_RESP_SIZE); /* clear memory of the password */ /* return pass or fail */ diff --git a/modules/pam_unix/unix_update.c b/modules/pam_unix/unix_update.c index 6ea7ea51..ae77fe2e 100644 --- a/modules/pam_unix/unix_update.c +++ b/modules/pam_unix/unix_update.c @@ -38,8 +38,8 @@ set_password(const char *forwho, const char *shadow, const char *remember) { struct passwd *pwd = NULL; int retval; - char pass[MAXPASS + 1]; - char towhat[MAXPASS + 1]; + char pass[PAM_MAX_RESP_SIZE + 1]; + char towhat[PAM_MAX_RESP_SIZE + 1]; int npass = 0; /* we don't care about number format errors because the helper should be called internally only */ @@ -54,7 +54,7 @@ set_password(const char *forwho, const char *shadow, const char *remember) if (npass != 2) { /* is it a valid password? */ if (npass == 1) { helper_log_err(LOG_DEBUG, "no new password supplied"); - memset(pass, '\0', MAXPASS); + memset(pass, '\0', PAM_MAX_RESP_SIZE); } else { helper_log_err(LOG_DEBUG, "no valid passwords supplied"); } @@ -97,8 +97,8 @@ set_password(const char *forwho, const char *shadow, const char *remember) } done: - memset(pass, '\0', MAXPASS); - memset(towhat, '\0', MAXPASS); + memset(pass, '\0', PAM_MAX_RESP_SIZE); + memset(towhat, '\0', PAM_MAX_RESP_SIZE); unlock_pwdf(); |