Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2008-12-02  Olivier Fourdan <ofourdan@redhat.com>

        * modules/pam_filter/pam_filter.c (master): Use /dev/ptmx
        instead of the old BSD pseudoterminal API.
        (set_filter): Call grantpt(), unlockpt() and ptsname(). Do not
        close pseudoterminal handle in filter child.
        * modules/pam_filter/upperLOWER/upperLOWER.c (main): Use
        regular read() instead of pam_modutil_read() to allow for
        short reads.

2 files changed, 34 insertions, 46 deletions

diff --git a/modules/pam_filter/pam_filter.c b/modules/pam_filter/pam_filter.c
index 86bc172b..6b821efc 100644
--- a/modules/pam_filter/pam_filter.c
+++ b/modules/pam_filter/pam_filter.c
@@ -48,41 +48,18 @@
 
 #include <stdarg.h>
 
-#define TERMINAL_LEN 12
+#define DEV_PTMX "/dev/ptmx"
 
 static int
-master (const pam_handle_t *pamh, char *terminal)
-/*
- * try to open all of the terminals in sequence return first free one,
- * or -1
- */
+master (void)
 {
-     const char ptys[] = "pqrs", *pty = ptys;
-     const char hexs[] = "0123456789abcdef", *hex;
-     struct stat tstat;
-     int fd;
-
-     strcpy(terminal, "/dev/pty??");
-
-     while (*pty) {                   /* step through four types */
-	  terminal[8] = *pty++;
-	  terminal[9] = '0';
-	  if (stat(terminal,&tstat) < 0) {
-	       pam_syslog(pamh, LOG_WARNING,
-			  "unknown pseudo terminal: %s", terminal);
-	       break;
-	  }
-	  for (hex = hexs; *hex; ) {  /* step through 16 of these */
-	       terminal[9] = *hex++;
-	       if ((fd = open(terminal, O_RDWR)) >= 0) {
-		    return fd;
-	       }
-	  }
-     }
-
-     /* no terminal found */
-
-     return -1;
+    int fd;
+
+    if ((fd = open(DEV_PTMX, O_RDWR)) >= 0) {
+	return fd;
+    }
+
+    return -1;
 }
 
 static int process_args(pam_handle_t *pamh
@@ -279,7 +256,7 @@ set_filter (pam_handle_t *pamh, int flags UNUSED, int ctrl,
 	    const char **evp, const char *filtername)
 {
     int status=-1;
-    char terminal[TERMINAL_LEN];
+    char* terminal = NULL;
     struct termios stored_mode;           /* initial terminal mode settings */
     int fd[2], child=0, child2=0, aterminal;
 
@@ -299,7 +276,7 @@ set_filter (pam_handle_t *pamh, int flags UNUSED, int ctrl,
 
 	/* open the master pseudo terminal */
 
-	fd[0] = master(pamh,terminal);
+	fd[0] = master();
 	if (fd[0] < 0) {
 	    pam_syslog(pamh, LOG_CRIT, "no master terminal");
 	    return PAM_AUTH_ERR;
@@ -392,8 +369,27 @@ set_filter (pam_handle_t *pamh, int flags UNUSED, int ctrl,
 		return PAM_ABORT;
 	    }
 
+	    /* grant slave terminal */
+	    if (grantpt (fd[0]) < 0) {
+		pam_syslog(pamh, LOG_WARNING, "Cannot grant acccess to slave terminal");
+		return PAM_ABORT;
+	    }
+
+	    /* unlock slave terminal */
+	    if (unlockpt (fd[0]) < 0) {
+		pam_syslog(pamh, LOG_WARNING, "Cannot unlock slave terminal");
+		return PAM_ABORT;
+	    }
+
 	    /* find slave's name */
-	    terminal[5] = 't';             /* want to open slave terminal */
+	    terminal = ptsname(fd[0]); /* returned value should not be freed */
+
+	    if (terminal == NULL) {
+		pam_syslog(pamh, LOG_WARNING,
+			   "Cannot get the name of the slave terminal: %m");
+		return PAM_ABORT;
+	    }
+
 	    fd[1] = open(terminal, O_RDWR);
 	    close(fd[0]);      /* process is the child -- uses line fd[1] */
 
@@ -412,7 +408,6 @@ set_filter (pam_handle_t *pamh, int flags UNUSED, int ctrl,
 		close(fd[1]);
 		return PAM_ABORT;
 	    }
-
 	} else {
 
 	    /* nothing to do for a simple stream socket */
@@ -450,13 +445,6 @@ set_filter (pam_handle_t *pamh, int flags UNUSED, int ctrl,
 	return PAM_SUCCESS;
     }
 
-    /*
-     * process is the parent here. So we can close the application's
-     * input/output
-     */
-
-    close(fd[1]);
-
     /* Clear out passwords... there is a security problem here in
      * that this process never executes pam_end.  Consequently, any
      * other sensitive data in this process is *not* explicitly
diff --git a/modules/pam_filter/upperLOWER/upperLOWER.c b/modules/pam_filter/upperLOWER/upperLOWER.c
index 0ede4a0d..25e70a5a 100644
--- a/modules/pam_filter/upperLOWER/upperLOWER.c
+++ b/modules/pam_filter/upperLOWER/upperLOWER.c
@@ -89,7 +89,7 @@ int main(int argc, char **argv UNUSED)
 	  /* application errors */
 
 	  if ( FD_ISSET(APPERR_FILENO,&readers) ) {
-	       int got = pam_modutil_read(APPERR_FILENO, buffer, BUFSIZ);
+	       int got = read(APPERR_FILENO, buffer, BUFSIZ);
 	       if (got <= 0) {
 		    break;
 	       } else {
@@ -102,7 +102,7 @@ int main(int argc, char **argv UNUSED)
 		    }
 	       }
 	  } else if ( FD_ISSET(APPOUT_FILENO,&readers) ) {    /* app output */
-	       int got = pam_modutil_read(APPOUT_FILENO, buffer, BUFSIZ);
+	       int got = read(APPOUT_FILENO, buffer, BUFSIZ);
 	       if (got <= 0) {
 		    break;
 	       } else {
@@ -117,7 +117,7 @@ int main(int argc, char **argv UNUSED)
 	  }
 
 	  if ( FD_ISSET(STDIN_FILENO, &readers) ) {  /* user input */
-	       int got = pam_modutil_read(STDIN_FILENO, buffer, BUFSIZ);
+	       int got = read(STDIN_FILENO, buffer, BUFSIZ);
 	       if (got < 0) {
 		    syslog(LOG_WARNING,"user input junked");
 		    break;