author | Tomas Mraz <tm@t8m.info> | 2007-12-06 20:20:07 +0000 |
---|---|---|
committer | Tomas Mraz <tm@t8m.info> | 2007-12-06 20:20:07 +0000 |
commit | 632dffe99cc8e3aefb4410aec2a3091df48a6f46 (patch) | |
tree | a143da18fc11f9f9dbec7a9f514ea9bec110bcad | |
parent | 337e34ff7407327700ae3ddf2bdda00698386e13 (diff) | |
download | pam-632dffe99cc8e3aefb4410aec2a3091df48a6f46.tar.gz pam-632dffe99cc8e3aefb4410aec2a3091df48a6f46.tar.bz2 pam-632dffe99cc8e3aefb4410aec2a3091df48a6f46.zip |
Relevant BUGIDs:
Purpose of commit: new feature
Commit summary:
---------------
2007-12-06 Eamon Walsh <ewalsh@tycho.nsa.gov>
* libpam/include/security/_pam_macros.h: Add _pam_overwrite_n()
macro.
* libpam/include/security/_pam_types.h: Add PAM_XDISPLAY,
PAM_XAUTHDATA items, pam_xauth_data struct.
* libpam/pam_item.c (pam_set_item, pam_get_item): Handle
PAM_XDISPLAY and PAM_XAUTHDATA items.
* libpam/pam_end.c (pam_end): Destroy the new items.
* libpam/pam_private.h (pam_handle): Add data members for new
items. Add prototype for _pam_memdup.
* libpam/pam_misc.c: Add _pam_memdup.
* doc/man/Makefile.am: Add pam_xauth_data.3. Replace
pam_item_types.inc.xml with pam_item_types_std.inc.xml and
pam_item_types_ext.inc.xml.
* doc/man/pam_get_item.3.xml: Replace pam_item_types.inc.xml
with pam_item_types_std.inc.xml and pam_item_types_ext.inc.xml.
* doc/man/pam_set_item.3.xml: Likewise.
* doc/man/pam_item_types.inc.xml: Removed file.
* doc/man/pam_item_types_ext.inc.xml: New file.
* doc/man/pam_item_types_std.inc.xml: New file.
-rw-r--r-- | ChangeLog | 22 | ||||
-rw-r--r-- | NEWS | 1 | ||||
-rw-r--r-- | doc/man/Makefile.am | 10 | ||||
-rw-r--r-- | doc/man/pam_get_item.3.xml | 13 | ||||
-rw-r--r-- | doc/man/pam_item_types_ext.inc.xml | 45 | ||||
-rw-r--r-- | doc/man/pam_item_types_std.inc.xml (renamed from doc/man/pam_item_types.inc.xml) | 13 | ||||
-rw-r--r-- | doc/man/pam_set_item.3.xml | 13 | ||||
-rw-r--r-- | libpam/include/security/_pam_macros.h | 9 | ||||
-rw-r--r-- | libpam/include/security/_pam_types.h | 14 | ||||
-rw-r--r-- | libpam/pam_end.c | 9 | ||||
-rw-r--r-- | libpam/pam_item.c | 26 | ||||
-rw-r--r-- | libpam/pam_misc.c | 22 | ||||
-rw-r--r-- | libpam/pam_private.h | 4 |
13 files changed, 179 insertions, 22 deletions
@@ -1,3 +1,25 @@
+2007-12-06 Eamon Walsh <ewalsh@tycho.nsa.gov>
+
+ * libpam/include/security/_pam_macros.h: Add _pam_overwrite_n()
+ macro.
+ * libpam/include/security/_pam_types.h: Add PAM_XDISPLAY,
+ PAM_XAUTHDATA items, pam_xauth_data struct.
+ * libpam/pam_item.c (pam_set_item, pam_get_item): Handle
+ PAM_XDISPLAY and PAM_XAUTHDATA items.
+ * libpam/pam_end.c (pam_end): Destroy the new items.
+ * libpam/pam_private.h (pam_handle): Add data members for new
+ items. Add prototype for _pam_memdup.
+ * libpam/pam_misc.c: Add _pam_memdup.
+ * doc/man/Makefile.am: Add pam_xauth_data.3. Replace
+ pam_item_types.inc.xml with pam_item_types_std.inc.xml and
+ pam_item_types_ext.inc.xml.
+ * doc/man/pam_get_item.3.xml: Replace pam_item_types.inc.xml
+ with pam_item_types_std.inc.xml and pam_item_types_ext.inc.xml.
+ * doc/man/pam_set_item.3.xml: Likewise.
+ * doc/man/pam_item_types.inc.xml: Removed file.
+ * doc/man/pam_item_types_ext.inc.xml: New file.
+ * doc/man/pam_item_types_std.inc.xml: New file.
+
 2007-12-06 Tomas Mraz <t8m@centrum.cz>
 * modules/pam_tty_audit/pam_tty_audit.8.xml: Fix example.
@@ -3,6 +3,7 @@ Linux-PAM NEWS -- history of user-visible changes.
 * New substack directive in config file syntax.
 * New module pam_tty_audit.so for enabling and disabling tty auditing.
+* New PAM items PAM_XDISPLAY and PAM_XAUTHDATA.
 Release 0.99.9.0
 * misc_conv no longer blocks SIGINT; applications that don't want
diff --git a/doc/man/Makefile.am b/doc/man/Makefile.am
index 7d17a439..926f1ae5 100644
--- a/doc/man/Makefile.am
+++ b/doc/man/Makefile.am
@@ -10,7 +10,7 @@ man_MANS = pam.3 PAM.8 pam.8 pam.conf.5 pam.d.5 \
 pam_acct_mgmt.3 pam_authenticate.3 \
 pam_chauthtok.3 pam_close_session.3 pam_conv.3 \
 pam_end.3 pam_error.3 \
- pam_fail_delay.3 \
+ pam_fail_delay.3 pam_xauth_data.3 \
 pam_get_data.3 pam_get_item.3 pam_get_user.3 pam_getenv.3 \
 pam_getenvlist.3 \
 pam_info.3 \
@@ -27,7 +27,7 @@ XMLS = pam.3.xml pam.8.xml \
 pam_acct_mgmt.3.xml pam_authenticate.3.xml \
 pam_chauthtok.3.xml pam_close_session.3.xml pam_conv.3.xml \
 pam_end.3.xml pam_error.3.xml \
- pam_fail_delay.3.xml \
+ pam_fail_delay.3.xml pam_xauth_data.3 \
 pam_get_data.3.xml pam_get_item.3.xml pam_get_user.3.xml \
 pam_getenv.3.xml pam_getenvlist.3.xml \
 pam_info.3.xml \
@@ -38,14 +38,14 @@ XMLS = pam.3.xml pam.8.xml \
 pam_sm_close_session.3.xml pam_sm_open_session.3.xml \
 pam_sm_setcred.3.xml pam_start.3.xml pam_strerror.3.xml \
 pam_sm_chauthtok.3.xml \
- pam_item_types.inc.xml \
+ pam_item_types_std.inc.xml pam_item_types_ext.inc.xml \
 pam.conf-desc.xml pam.conf-dir.xml pam.conf-syntax.xml \
 misc_conv.3.xml pam_misc_paste_env.3.xml pam_misc_drop_env.3.xml \
 pam_misc_setenv.3.xml
 if ENABLE_REGENERATE_MAN
-pam_get_item.3: pam_item_types.inc.xml
-pam_set_data.3: pam_item_types.inc.xml
+pam_get_item.3: pam_item_types_std.inc.xml pam_item_types_ext.inc.xml
+pam_set_data.3: pam_item_types_std.inc.xml pam_item_types_ext.inc.xml
 pam.conf.5: pam.conf-desc.xml pam.conf-dir.xml pam.conf-syntax.xml
 -include $(top_srcdir)/Make.xml.rules
 endif
diff --git a/doc/man/pam_get_item.3.xml b/doc/man/pam_get_item.3.xml
index e5806d11..d07862e0 100644
--- a/doc/man/pam_get_item.3.xml
+++ b/doc/man/pam_get_item.3.xml
@@ -3,7 +3,8 @@ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
 <!--
-<!ENTITY accessconf SYSTEM "pam_item_types.inc.xml">
+<!ENTITY accessconf SYSTEM "pam_item_types_std.inc.xml">
+<!ENTITY accessconf SYSTEM "pam_item_types_ext.inc.xml">
 -->
 ]>
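Review bot: The new XMLS entry in the second hunk reads `pam_xauth_data.3` where every sibling in that list is a `.3.xml` source, so the intended line is presumably `pam_fail_delay.3.xml pam_xauth_data.3.xml \`. The diffstat above lists no `doc/man/pam_xauth_data.3.xml` at all, yet man_MANS in the first hunk now names `pam_xauth_data.3` and the new pam_item_types_ext.inc.xml cites that page; unless it arrives in a separate commit, a build with ENABLE_REGENERATE_MAN has no source to generate it from. The rewritten dependency lines also keep the pre-existing `pam_set_data.3:` target even though the item-type includes are pulled in by pam_set_item.3.xml, which is worth confirming while this file is being touched.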
@@ -55,7 +56,15 @@ </para>
 <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
- href="pam_item_types.inc.xml"/>
+ href="pam_item_types_std.inc.xml"/>
+
+ <para>
+ The following additional items are specific to Linux-PAM and should not be used in
+ portable applications:
+ </para>
+
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_item_types_ext.inc.xml"/>
 <para>
 If a service module wishes to obtain the name of the user,
diff --git a/doc/man/pam_item_types_ext.inc.xml b/doc/man/pam_item_types_ext.inc.xml
new file mode 100644
index 00000000..0c72f699
--- /dev/null
+++ b/doc/man/pam_item_types_ext.inc.xml
@@ -0,0 +1,45 @@
+<!-- this file is included by pam_set_item and pam_get_item -->
+
+ <variablelist>
+ <varlistentry>
+ <term>PAM_FAIL_DELAY</term>
+ <listitem>
+ <para>
+ A function pointer to redirect centrally managed
+ failure delays. See
+ <citerefentry>
+ <refentrytitle>pam_fail_delay</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_XDISPLAY</term>
+ <listitem>
+ <para>
+ The name of the X display. For graphical, X-based applications the
+ value for this item should be the <emphasis>$DISPLAY</emphasis>
+ variable. This value should be used instead of
+ <emphasis>PAM_TTY</emphasis> for passing the
+ name of the display where possible.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>PAM_XAUTHDATA</term>
+ <listitem>
+ <para>
+ A pointer to a structure containing the X authentication data
+ required to make a connection to the display specified by
+ <emphasis>PAM_XDISPLAY</emphasis>, if such information is
+ necessary. See
+ <citerefentry>
+ <refentrytitle>pam_xauth_data</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
diff --git a/doc/man/pam_item_types.inc.xml b/doc/man/pam_item_types_std.inc.xml
index 9d70087b..81f240b0 100644
--- a/doc/man/pam_item_types.inc.xml
+++ b/doc/man/pam_item_types_std.inc.xml
@@ -135,17 +135,4 @@
 </listitem>
 </varlistentry>
- <varlistentry>
- <term>PAM_FAIL_DELAY</term>
- <listitem>
- <para>
- A function pointer to redirect centrally managed
- failure delays. See
- <citerefentry>
- <refentrytitle>pam_fail_delay</refentrytitle><manvolnum>3</manvolnum>
- </citerefentry>.
- </para>
- </listitem>
- </varlistentry>
-
 </variablelist>
diff --git a/doc/man/pam_set_item.3.xml b/doc/man/pam_set_item.3.xml
index cbac8413..39758313 100644
--- a/doc/man/pam_set_item.3.xml
+++ b/doc/man/pam_set_item.3.xml
@@ -3,7 +3,8 @@ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
 <!--
-<!ENTITY accessconf SYSTEM "pam_item_types.inc.xml">
+<!ENTITY accessconf SYSTEM "pam_item_types_std.inc.xml">
+<!ENTITY accessconf SYSTEM "pam_item_types_ext.inc.xml">
 -->
 ]>
@@ -52,7 +53,15 @@ </para>
 <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
- href="pam_item_types.inc.xml"/>
+ href="pam_item_types_std.inc.xml"/>
+
+ <para>
+ The following additional items are specific to Linux-PAM and should not be used in
+ portable applications:
+ </para>
+
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_item_types_ext.inc.xml"/>
 <para>
 For all <emphasis>item_type</emphasis>s, other than PAM_CONV and
diff --git a/libpam/include/security/_pam_macros.h b/libpam/include/security/_pam_macros.h
index f7da10a7..72aaf468 100644
--- a/libpam/include/security/_pam_macros.h
+++ b/libpam/include/security/_pam_macros.h
@@ -25,6 +25,15 @@ do { \
 *__xx__++ = '\0'; \
 } while (0)
+#define _pam_overwrite_n(x,n) \
+do { \
+ register char *__xx__; \
+ register int __i__ = 0; \
+ if ((__xx__=(x))) \
+ for (;__i__<n; __i__++) \
+ __xx__[__i__] = 0; \
+} while (0)
+
 /*
 * Don't just free it, forget it too.
 */
diff --git a/libpam/include/security/_pam_types.h b/libpam/include/security/_pam_types.h
index 45bae97b..2f7e807f 100644
--- a/libpam/include/security/_pam_types.h
+++ b/libpam/include/security/_pam_types.h
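Review bot: `_pam_overwrite_n` leaves `n` unparenthesized in `for (;__i__<n; __i__++)` and counts with `register int __i__`, so a size_t argument such as the `sizeof(pamh->xauth)` that pam_end.c passes draws a signed/unsigned comparison warning, a negative `n` silently zeroes nothing, and a compound expression for `n` would mis-parse; `for (;__i__<(n); __i__++)` with a size_t counter would close all three. Like the existing `_pam_overwrite` above it, the loop stores through a plain `char *` into memory the callers free immediately afterwards, which an optimizing compiler may treat as dead stores and drop, so a volatile-qualified pointer (or explicit_bzero where the platform provides it) is what actually guarantees the scrub. A short comment on the macro, `/* zero the first n bytes of x when x is non-NULL; x must be a char * (cast other pointers) */`, would document both the NULL check and the char-pointer-only contract that the pam_end.c caller currently violates.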
@@ -138,8 +138,11 @@ typedef struct pam_handle pam_handle_t;
 #define PAM_OLDAUTHTOK 7 /* The old authentication token */
 #define PAM_RUSER 8 /* The remote user name */
 #define PAM_USER_PROMPT 9 /* the prompt for getting a username */
+/* Linux-PAM extensions */
 #define PAM_FAIL_DELAY 10 /* app supplied function to override failure delays */
+#define PAM_XDISPLAY 11 /* X display name */
+#define PAM_XAUTHDATA 12 /* X server authentication data */
 /* -------------- Special defines used by Linux-PAM -------------- */
@@ -279,6 +282,17 @@ struct pam_conv {
 void *appdata_ptr;
 };
+/* Used by the PAM_XAUTHDATA pam item. Contains X authentication
+ data used by modules to connect to the user's X display. Note:
+ this structure is intentionally compatible with xcb_auth_info_t. */
+
+struct pam_xauth_data {
+ int namelen;
+ char *name;
+ int datalen;
+ char *data;
+};
+
 /* ... adapted from the pam_appl.h file created by Theodore Ts'o and
 *
 * Copyright Theodore Ts'o, 1996. All rights reserved.
diff --git a/libpam/pam_end.c b/libpam/pam_end.c
index de1c26ed..f400c325 100644
--- a/libpam/pam_end.c
+++ b/libpam/pam_end.c
@@ -73,6 +73,15 @@ int pam_end(pam_handle_t *pamh, int pam_status)
 _pam_drop(pamh->former.substates);
+ _pam_overwrite(pamh->xdisplay);
+ _pam_drop(pamh->xdisplay);
+
+ _pam_overwrite(pamh->xauth.name);
+ _pam_drop(pamh->xauth.name);
+ _pam_overwrite_n(pamh->xauth.data, pamh->xauth.datalen);
+ _pam_drop(pamh->xauth.data);
+ _pam_overwrite_n(&pamh->xauth, sizeof(pamh->xauth));
+
 /* and finally liberate the memory for the pam_handle structure */
 _pam_drop(pamh);
diff --git a/libpam/pam_item.c b/libpam/pam_item.c
index 52efe80b..41d90087 100644
--- a/libpam/pam_item.c
+++ b/libpam/pam_item.c
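Review bot: The comment on `struct pam_xauth_data` in the second hunk describes the xcb_auth_info_t layout but not the contract an application needs from a public header: whether `name` must be NUL-terminated (pam_set_item in this commit copies it with `_pam_strdup`, so in practice it must, whatever `namelen` says), that pam_set_item takes its own copies of `name` and `data`, and that the pointer pam_get_item returns refers to storage owned by the handle that is replaced by the next pam_set_item(PAM_XAUTHDATA) and released by pam_end. A sentence such as `/* name must be NUL-terminated; pam_set_item copies name and data, and the pointer pam_get_item returns is valid only until the item is set again or pam_end() */` on the struct would close that gap.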
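Review bot: `_pam_overwrite_n(&pamh->xauth, sizeof(pamh->xauth))` passes a `struct pam_xauth_data *` to a macro that assigns it to `register char *__xx__`, an incompatible-pointer-type assignment that C compilers diagnose, and `sizeof` yields a size_t that the macro compares with an `int` counter; `_pam_overwrite_n((char *)&pamh->xauth, (int)sizeof(pamh->xauth));` keeps the intent without either warning. Since pamh itself is released by `_pam_drop(pamh)` two lines later, the optimizer is free to drop that scrub of the embedded struct as a dead store, and the same caveat applies to the `_pam_overwrite` calls on xdisplay and xauth.name that precede their frees, so a volatile-based or explicit_bzero-style helper is what would make the "don't leave evidence" intent reliable. The earlier part of pam_end is outside the hunk.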
@@ -138,6 +138,24 @@ int pam_set_item (pam_handle_t *pamh, int item_type, const void *item)
 pamh->fail_delay.delay_fn_ptr = item;
 break;
+ case PAM_XDISPLAY:
+ RESET(pamh->xdisplay, item);
+ break;
+
+ case PAM_XAUTHDATA:
+ if (pamh->xauth.namelen) {
+ _pam_overwrite(pamh->xauth.name);
+ free(pamh->xauth.name);
+ }
+ if (pamh->xauth.datalen) {
+ _pam_overwrite_n(pamh->xauth.data, pamh->xauth.datalen);
+ free(pamh->xauth.data);
+ }
+ pamh->xauth = *((const struct pam_xauth_data *) item);
+ pamh->xauth.name = _pam_strdup(pamh->xauth.name);
+ pamh->xauth.data = _pam_memdup(pamh->xauth.data, pamh->xauth.datalen);
+ break;
+
 default:
 retval = PAM_BAD_ITEM;
 }
@@ -220,6 +238,14 @@ int pam_get_item (const pam_handle_t *pamh, int item_type, const void **item)
 *item = pamh->fail_delay.delay_fn_ptr;
 break;
+ case PAM_XDISPLAY:
+ *item = pamh->xdisplay;
+ break;
+
+ case PAM_XAUTHDATA:
+ *item = &pamh->xauth;
+ break;
+
 default:
 retval = PAM_BAD_ITEM;
 }
diff --git a/libpam/pam_misc.c b/libpam/pam_misc.c
index 770c9cce..574a570e 100644
--- a/libpam/pam_misc.c
+++ b/libpam/pam_misc.c
@@ -137,6 +137,28 @@ char *_pam_strdup(const char *x)
 return new; /* return the duplicate or NULL on error */
 }
+/*
+ * Safe duplication of memory buffers. "Paranoid"; don't leave
+ * evidence of old token around for later stack analysis.
+ */
+
+char *_pam_memdup(const char *x, int len)
+{
+ register char *new=NULL;
+
+ if (x != NULL) {
+ if ((new = malloc(len)) == NULL) {
+ len = 0;
+ pam_syslog(NULL, LOG_CRIT, "_pam_memdup: failed to get memory");
+ } else {
+ memcpy (new, x, len);
+ }
+ x = NULL;
+ }
+
+ return new; /* return the duplicate or NULL on error */
+}
+
 /* Generate argv, argc from s */
 /* caller must free(argv) */
diff --git a/libpam/pam_private.h b/libpam/pam_private.h
index bf32ad44..333f4d0f 100644
--- a/libpam/pam_private.h
+++ b/libpam/pam_private.h
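Review bot: The PAM_XAUTHDATA case in pam_set_item copies the caller's struct and then replaces `name`/`data` with the results of `_pam_strdup`/`_pam_memdup` without checking them, so on allocation failure the handle keeps non-zero `namelen`/`datalen` beside NULL pointers, `retval` still reports success, and pam_get_item in the second hunk later hands that inconsistent struct to modules; the case should detect the failed copy, reset the member and return PAM_BUF_ERR. The previous value is also released only when `namelen`/`datalen` is non-zero rather than when the pointer is non-NULL, so a prior item whose length fields were 0 but whose pointers were set (e.g. `_pam_memdup(…, 0)` returning a non-NULL allocation) leaks on the next set; testing the pointers is both simpler and correct. `_pam_strdup(pamh->xauth.name)` ignores `namelen`, so if an application passes a name buffer that is not NUL-terminated the copy reads past it — if the documented layout is meant to allow that, the name should be copied with `_pam_memdup` and terminated explicitly. Whether a NULL `item` is rejected before the `*((const struct pam_xauth_data *) item)` dereference is outside the hunk.
```c
	case PAM_XAUTHDATA:
	    {
		const struct pam_xauth_data *xa = item;

		/* release the previous copy, keyed on the pointers, not the lengths */
		if (pamh->xauth.name) {
		    _pam_overwrite(pamh->xauth.name);
		    free(pamh->xauth.name);
		}
		if (pamh->xauth.data) {
		    _pam_overwrite_n(pamh->xauth.data, pamh->xauth.datalen);
		    free(pamh->xauth.data);
		}
		pamh->xauth = *xa;
		pamh->xauth.name = _pam_strdup(xa->name);
		pamh->xauth.data = _pam_memdup(xa->data, xa->datalen);
		if ((xa->name != NULL && pamh->xauth.name == NULL) ||
		    (xa->data != NULL && pamh->xauth.data == NULL)) {
		    /* do not leave a half-copied item behind on allocation failure */
		    free(pamh->xauth.name);
		    free(pamh->xauth.data);
		    pamh->xauth.name = pamh->xauth.data = NULL;
		    pamh->xauth.namelen = pamh->xauth.datalen = 0;
		    retval = PAM_BUF_ERR;
		}
	    }
	    break;
```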
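Review bot: `_pam_memdup` takes `int len` and hands it unchecked to `malloc(len)` and `memcpy`, so a negative length — which nothing in the pam_set_item caller rejects — converts to a huge size_t allocation and, if that succeeds, an over-read of `x`; a guard such as `if (x == NULL || len < 0) return NULL;` at the top would refuse it, and treating `len == 0` as an empty copy would avoid logging at LOG_CRIT when `malloc(0)` legitimately returns NULL. The assignments `len = 0;` and `x = NULL;` write to locals that are never read again and can be dropped. The header comment promises not to leave evidence of old tokens around, but this function scrubs nothing itself — that is done by its callers in pam_item.c and pam_end.c — so a comment stating the real contract, `/* Duplicate len bytes of x; returns NULL if x is NULL or allocation fails. The caller owns the copy and is responsible for scrubbing and freeing it. */`, would be more accurate.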
@@ -152,9 +152,11 @@ struct pam_handle {
 char *rhost;
 char *ruser;
 char *tty;
+ char *xdisplay;
 struct pam_data *data;
 struct pam_environ *env; /* structure to maintain environment list */
 struct _pam_fail_delay fail_delay; /* helper function for easy delays */
+ struct pam_xauth_data xauth; /* auth info for X display */
 struct service handlers;
 struct _pam_former_state former; /* library state - support for event driven applications */
@@ -267,6 +269,8 @@ char *_pam_StrTok(char *from, const char *format, char **next);
 char *_pam_strdup(const char *s);
+char *_pam_memdup(const char *s, int len);
+
 int _pam_mkargv(char *s, char ***argv, int *argc);
 void _pam_sanitize(pam_handle_t *pamh);
|
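Review bot: The new `xauth` member's comment `/* auth info for X display */` does not say that the pointers inside it are heap copies made by pam_set_item and released in pam_end, which is what distinguishes it from the `fail_delay` member beside it; `/* PAM_XAUTHDATA: name/data are owned copies, scrubbed and freed in pam_end */` would make the ownership explicit for anyone adding a reset path. In the second hunk the `_pam_memdup` prototype names its first parameter `s` while the definition in pam_misc.c calls it `x` and the argument is a byte buffer rather than a string, so `const char *buf, int len` (mirrored in the definition) would read more accurately. The struct pam_handle definition continues outside the hunk.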