| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
| |
sign_extend_unsigned_to_ll()
Import these handy macros from strace project.
|
| |
|
|
|
|
|
|
|
| |
Add a helper function to compare two strings for equality, that performs
the same amount of operations based on the first argument, regardless of
the length of the second argument, or the position of the first
difference.
This can be used as defense-in-depth mitigation against timing attacks
of password comparisons.
|
| |
|
|
|
|
|
|
|
|
|
| |
That function is being added to C23 with the same prototype
as memset(3):
void* memset_explicit(void*, int, size_t);
Unlike bzero, it accepts the fill byte as an argument.
Fixes: 19a292681789 ("libpam: introduce secure memory erasure helpers")
|
| |
|
|
|
|
| |
Non trivial changes:
- erase responses in pam_get_authtok_internal() on error branch
|
| |
|
|
|
|
|
|
|
|
| |
Avoid compiler optimizations to elide the memory erasure by using a
secure method: either memset_explicit() [C23], bzero_explicit() [glibc
2.25] or a manual memory barrier.
Since the current helpers _pam_overwrite*() and _pam_drop_reply() are
publicly exported, create new ones in "pam_inline.h" and deprecate the
old ones.
|
| |
|
|
|
|
|
| |
* libpam/include/pam_inline.h (pam_read_passwords): Increment pptr once
instead of using pptr+1 several times. This change is not expected
to affect the code generated by the compiler as the latter is likely
to perform the optimization itself.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
[ldv: rewrote commit message]
* modules/pam_unix/passverify.h (read_passwords): Remove prototype.
* modules/pam_unix/passverify.c (read_passwords): Move ...
* libpam/include/pam_inline.h: ... here, rename to pam_read_passwords,
add static inline qualifiers.
Include <unistd.h> and <errno.h>.
* modules/pam_unix/unix_chkpwd.c: Include "pam_inline.h".
(main): Replace read_passwords with pam_read_passwords.
* modules/pam_unix/unix_update.c: Include "pam_inline.h".
(set_password): Replace read_passwords with pam_read_passwords.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Every time I see a code like
if (strncasecmp(argv, "remember=", 9) == 0)
options->remember = strtol(&argv[9], NULL, 10);
my eyes are bleeding.
Similar to pam_str_skip_prefix_len() and pam_str_skip_prefix(),
introduce a new helper inline function pam_str_skip_icase_prefix_len()
and a new macro pam_str_skip_icase_prefix() on top of it, to be used
in subsequent commits to cleanup the ugliness.
* libpam/include/pam_inline.h (pam_str_skip_icase_prefix_len): New
function.
(pam_str_skip_icase_prefix): New macro.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Every time I see a code like
if (!strncmp(*argv,"user_readenv=",13))
*user_readenv = atoi(13+*argv);
my eyes are bleeding.
Introduce a new helper inline function pam_str_skip_prefix_len() and
a new macro pam_str_skip_prefix() on top of it, to be used in subsequent
commits to cleanup the ugliness.
* libpam/include/pam_inline.h: Include <string.h>.
(pam_str_skip_prefix_len): New function.
(pam_str_skip_prefix): New macro.
|
|
|
Introduce a new internal header file for definitions of handly inline
functions and macros providing some convenient functionality to libpam
and its modules.
* libpam/include/pam_cc_compat.h (PAM_SAME_TYPE): New macro.
* libpam/include/pam_inline.h: New file.
* libpam/Makefile.am (noinst_HEADERS): Add include/pam_inline.h.
|
