diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2019-12-04 09:51:10 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2019-12-04 09:51:10 +0000 |
| commit | c42e2ddc5f86ed98cb3db51afbdb8e65a14954cb (patch) | |
| tree | 355331c25f2479f86d8d219659040a5d220424fe /lib | |
| parent | 6ee6370dee8034e683958cc53531e348e14fc8ab (diff) | |
libc's authentication privsep layer performed insufficient username
validation. Repair work mostly by markus and millert, first of all
solving the primary problem, then adding some additional validation
points. And then futher validation in login and su.
This will be 6.5/021_libcauth.patch.sig and 6.6/010_libcauth.patch.sig
Reported by Qualys
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libc/hidden/bsd_auth.h | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/libc/hidden/bsd_auth.h b/lib/libc/hidden/bsd_auth.h index 1a6cd7d66f3..2923495e8a1 100644 --- a/lib/libc/hidden/bsd_auth.h +++ b/lib/libc/hidden/bsd_auth.h @@ -1,4 +1,4 @@ -/* $OpenBSD: bsd_auth.h,v 1.1 2015/09/12 15:20:14 guenther Exp $ */ +/* $OpenBSD: bsd_auth.h,v 1.2 2019/12/04 09:50:47 deraadt Exp $ */ /* * Copyright (c) 2015 Philip Guenther <guenther@openbsd.org> * @@ -20,6 +20,10 @@ #include_next <bsd_auth.h> +__BEGIN_HIDDEN_DECLS +int _auth_validuser(const char *name); +__END_HIDDEN_DECLS + PROTO_NORMAL(auth_approval); PROTO_NORMAL(auth_call); PROTO_NORMAL(auth_cat); |