summaryrefslogtreecommitdiff
path: root/lib/libc/hidden
diff options
context:
space:
mode:
authorTheo de Raadt <deraadt@cvs.openbsd.org>2019-12-04 09:51:10 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>2019-12-04 09:51:10 +0000
commitc42e2ddc5f86ed98cb3db51afbdb8e65a14954cb (patch)
tree355331c25f2479f86d8d219659040a5d220424fe /lib/libc/hidden
parent6ee6370dee8034e683958cc53531e348e14fc8ab (diff)
libc's authentication privsep layer performed insufficient username
validation. Repair work mostly by markus and millert, first of all solving the primary problem, then adding some additional validation points. And then futher validation in login and su. This will be 6.5/021_libcauth.patch.sig and 6.6/010_libcauth.patch.sig Reported by Qualys
Diffstat (limited to 'lib/libc/hidden')
-rw-r--r--lib/libc/hidden/bsd_auth.h6
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/libc/hidden/bsd_auth.h b/lib/libc/hidden/bsd_auth.h
index 1a6cd7d66f3..2923495e8a1 100644
--- a/lib/libc/hidden/bsd_auth.h
+++ b/lib/libc/hidden/bsd_auth.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: bsd_auth.h,v 1.1 2015/09/12 15:20:14 guenther Exp $ */
+/* $OpenBSD: bsd_auth.h,v 1.2 2019/12/04 09:50:47 deraadt Exp $ */
/*
* Copyright (c) 2015 Philip Guenther <guenther@openbsd.org>
*
@@ -20,6 +20,10 @@
#include_next <bsd_auth.h>
+__BEGIN_HIDDEN_DECLS
+int _auth_validuser(const char *name);
+__END_HIDDEN_DECLS
+
PROTO_NORMAL(auth_approval);
PROTO_NORMAL(auth_call);
PROTO_NORMAL(auth_cat);