summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/libc/gen/auth_subr.323
-rw-r--r--lib/libc/gen/auth_subr.c14
-rw-r--r--lib/libc/gen/authenticate.334
-rw-r--r--lib/libc/gen/authenticate.c35
-rw-r--r--lib/libc/gen/getgrent.c4
-rw-r--r--lib/libc/gen/getpwent.c4
-rw-r--r--lib/libc/gen/glob.c14
-rw-r--r--lib/libc/gen/pwcache.c18
-rw-r--r--lib/libc/hidden/grp.h6
-rw-r--r--lib/libc/hidden/pwd.h6
-rw-r--r--lib/libc/net/rcmdsh.c9
-rw-r--r--lib/libc/net/ruserok.c8
12 files changed, 72 insertions, 103 deletions
diff --git a/lib/libc/gen/auth_subr.3 b/lib/libc/gen/auth_subr.3
index 5af21eb4b97..000386679e3 100644
--- a/lib/libc/gen/auth_subr.3
+++ b/lib/libc/gen/auth_subr.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: auth_subr.3,v 1.22 2015/11/10 23:48:18 jmc Exp $
+.\" $OpenBSD: auth_subr.3,v 1.23 2015/11/24 22:03:33 millert Exp $
.\"
.\" Copyright (c) 1997 Berkeley Software Design, Inc. All rights reserved.
.\"
@@ -31,7 +31,7 @@
.\" SUCH DAMAGE.
.\"
.\" BSDI $From: auth_subr.3,v 2.5 2000/03/30 19:11:27 polk Exp $
-.Dd $Mdocdate: November 10 2015 $
+.Dd $Mdocdate: November 24 2015 $
.Dt AUTH_OPEN 3
.Os
.Sh NAME
@@ -540,22 +540,3 @@ or 0.
.Xr login_cap 3 ,
.Xr pw_dup 3 ,
.Xr login.conf 5
-.Sh CAVEATS
-The
-.Fn auth_check_change
-and
-.Fn auth_check_expire
-functions call
-.Fn getpwnam
-or
-.Fn getpwuid ,
-overwriting the static storage used by the
-.Xr getpwent 3
-family of routines.
-The calling program must either make a local copy of the passwd struct
-pointer via the
-.Xr pw_dup 3
-function or use the
-.Xr auth_setpwd 3
-function to copy the passwd struct into
-.Fa as .
diff --git a/lib/libc/gen/auth_subr.c b/lib/libc/gen/auth_subr.c
index 4f133d5c46b..9fd6d442121 100644
--- a/lib/libc/gen/auth_subr.c
+++ b/lib/libc/gen/auth_subr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth_subr.c,v 1.48 2015/11/02 17:03:29 mmcc Exp $ */
+/* $OpenBSD: auth_subr.c,v 1.49 2015/11/24 22:03:33 millert Exp $ */
/*
* Copyright (c) 2000-2002,2004 Todd C. Miller <Todd.Miller@courtesan.com>
@@ -616,7 +616,8 @@ DEF_WEAK(auth_setdata);
int
auth_setpwd(auth_session_t *as, struct passwd *pwd)
{
- char *instance;
+ struct passwd pwstore;
+ char *instance, pwbuf[_PW_BUF_LEN];
if (pwd == NULL && as->pwd == NULL && as->name == NULL)
return (-1); /* true failure */
@@ -633,12 +634,15 @@ auth_setpwd(auth_session_t *as, struct passwd *pwd)
*/
if (as->name == NULL)
return (0);
- if ((pwd = getpwnam(as->name)) == NULL) {
+ getpwnam_r(as->name, &pwstore, pwbuf, sizeof(pwbuf), &pwd);
+ if (pwd == NULL) {
instance = strchr(as->name, '/');
if (instance == NULL)
return (as->pwd ? 0 : 1);
- if (strcmp(instance, "/root") == 0)
- pwd = getpwnam(instance + 1);
+ if (strcmp(instance, "/root") == 0) {
+ getpwnam_r(instance + 1, &pwstore, pwbuf,
+ sizeof(pwbuf), &pwd);
+ }
if (pwd == NULL)
return (as->pwd ? 0 : 1);
}
diff --git a/lib/libc/gen/authenticate.3 b/lib/libc/gen/authenticate.3
index d07b32f7b52..85064f38497 100644
--- a/lib/libc/gen/authenticate.3
+++ b/lib/libc/gen/authenticate.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: authenticate.3,v 1.16 2015/11/10 23:48:18 jmc Exp $
+.\" $OpenBSD: authenticate.3,v 1.17 2015/11/24 22:03:33 millert Exp $
.\"
.\" Copyright (c) 1997 Berkeley Software Design, Inc. All rights reserved.
.\"
@@ -31,7 +31,7 @@
.\" SUCH DAMAGE.
.\"
.\" BSDI $From: authenticate.3,v 2.7 1998/09/03 20:27:20 prb Exp $
-.Dd $Mdocdate: November 10 2015 $
+.Dd $Mdocdate: November 24 2015 $
.Dt AUTH_APPROVAL 3
.Os
.Sh NAME
@@ -306,33 +306,3 @@ is returned if no memory was available for the new copy of the string.
.Xr auth_subr 3 ,
.Xr getpwent 3 ,
.Xr pw_dup 3
-.Sh CAVEATS
-The
-.Fn auth_approval ,
-.Fn auth_usercheck ,
-.Fn auth_userokay ,
-and
-.Fn auth_userchallenge
-functions call
-.Xr getpwnam 3
-or
-.Xr getpwuid 3 ,
-overwriting the static storage used by the
-.Xr getpwent 3
-family of routines.
-The calling program must either make a local copy of the passwd struct
-pointer via the
-.Xr pw_dup 3
-function or, for
-.Fn auth_approval
-and
-.Fn auth_usercheck
-only, use the
-.Xr auth_setpwd 3
-function to copy the passwd struct into a
-.Bx
-Authentication session structure
-which can then be passed to
-.Fn auth_approval
-or
-.Fn auth_usercheck .
diff --git a/lib/libc/gen/authenticate.c b/lib/libc/gen/authenticate.c
index 80ff4ebab1a..d62ef5a4975 100644
--- a/lib/libc/gen/authenticate.c
+++ b/lib/libc/gen/authenticate.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authenticate.c,v 1.24 2015/09/14 16:09:13 tedu Exp $ */
+/* $OpenBSD: authenticate.c,v 1.25 2015/11/24 22:03:33 millert Exp $ */
/*-
* Copyright (c) 1997 Berkeley Software Design, Inc. All rights reserved.
@@ -177,8 +177,8 @@ int
auth_approval(auth_session_t *as, login_cap_t *lc, char *name, char *type)
{
int close_on_exit, close_lc_on_exit, len;
- struct passwd *pwd;
- char *approve, *s, path[PATH_MAX];
+ struct passwd pwstore, *pwd;
+ char *approve, *s, path[PATH_MAX], pwbuf[_PW_BUF_LEN];
pwd = NULL;
close_on_exit = as == NULL;
@@ -191,10 +191,12 @@ auth_approval(auth_session_t *as, login_cap_t *lc, char *name, char *type)
pwd = auth_getpwd(as);
if (pwd == NULL) {
- if (name != NULL)
- pwd = getpwnam(name);
- else {
- if ((pwd = getpwuid(getuid())) == NULL) {
+ if (name != NULL) {
+ getpwnam_r(name, &pwstore, pwbuf, sizeof(pwbuf), &pwd);
+ } else {
+ getpwuid_r(getuid(), &pwstore, pwbuf, sizeof(pwbuf),
+ &pwd);
+ if (pwd == NULL) {
syslog(LOG_ERR, "no such user id %u", getuid());
warnx("cannot approve who we don't recognize");
return (0);
@@ -216,7 +218,7 @@ auth_approval(auth_session_t *as, login_cap_t *lc, char *name, char *type)
if (pwd == NULL && (approve = strchr(name, '.')) != NULL) {
strlcpy(path, name, sizeof path);
path[approve-name] = '\0';
- pwd = getpwnam(name);
+ getpwnam_r(name, &pwstore, pwbuf, sizeof(pwbuf), &pwd);
}
lc = login_getclass(pwd ? pwd->pw_class : NULL);
if (lc == NULL) {
@@ -307,9 +309,10 @@ auth_session_t *
auth_usercheck(char *name, char *style, char *type, char *password)
{
char namebuf[LOGIN_NAME_MAX + 1 + NAME_MAX + 1];
+ char pwbuf[_PW_BUF_LEN];
auth_session_t *as;
login_cap_t *lc;
- struct passwd *pwd;
+ struct passwd pwstore, *pwd = NULL;
char *slash;
if (strlcpy(namebuf, name, sizeof(namebuf)) >= sizeof(namebuf))
@@ -327,10 +330,11 @@ auth_usercheck(char *name, char *style, char *type, char *password)
* the class so it is okay if we strip a /root instance
* The actual login script will pay attention to the instance.
*/
- if ((pwd = getpwnam(name)) == NULL) {
+ getpwnam_r(name, &pwstore, pwbuf, sizeof(pwbuf), &pwd);
+ if (pwd == NULL) {
if ((slash = strchr(name, '/')) != NULL) {
*slash = '\0';
- pwd = getpwnam(name);
+ getpwnam_r(name, &pwstore, pwbuf, sizeof(pwbuf), &pwd);
*slash = '/';
}
}
@@ -376,8 +380,8 @@ auth_userchallenge(char *name, char *style, char *type, char **challengep)
char namebuf[LOGIN_NAME_MAX + 1 + NAME_MAX + 1];
auth_session_t *as;
login_cap_t *lc;
- struct passwd *pwd;
- char *slash;
+ struct passwd pwstore, *pwd = NULL;
+ char *slash, pwbuf[_PW_BUF_LEN];
if (strlen(name) >= sizeof(namebuf))
return (NULL);
@@ -395,10 +399,11 @@ auth_userchallenge(char *name, char *style, char *type, char **challengep)
* the class so it is okay if we strip a /root instance
* The actual login script will pay attention to the instance.
*/
- if ((pwd = getpwnam(name)) == NULL) {
+ getpwnam_r(name, &pwstore, pwbuf, sizeof(pwbuf), &pwd);
+ if (pwd == NULL) {
if ((slash = strchr(name, '/')) != NULL) {
*slash = '\0';
- pwd = getpwnam(name);
+ getpwnam_r(name, &pwstore, pwbuf, sizeof(pwbuf), &pwd);
*slash = '/';
}
}
diff --git a/lib/libc/gen/getgrent.c b/lib/libc/gen/getgrent.c
index e42fd57bc7d..624a9c06110 100644
--- a/lib/libc/gen/getgrent.c
+++ b/lib/libc/gen/getgrent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: getgrent.c,v 1.44 2015/09/14 16:09:13 tedu Exp $ */
+/* $OpenBSD: getgrent.c,v 1.45 2015/11/24 22:03:33 millert Exp $ */
/*
* Copyright (c) 1989, 1993
* The Regents of the University of California. All rights reserved.
@@ -170,7 +170,6 @@ getgrgid(gid_t gid)
return getgrgid_gs(gid, p_gr, gs);
}
-DEF_WEAK(getgrgid);
int
getgrgid_r(gid_t gid, struct group *grp, char *buffer, size_t bufsize,
@@ -191,6 +190,7 @@ getgrgid_r(gid_t gid, struct group *grp, char *buffer, size_t bufsize,
errno = errnosave;
return ret;
}
+DEF_WEAK(getgrgid_r);
static int
start_gr(void)
diff --git a/lib/libc/gen/getpwent.c b/lib/libc/gen/getpwent.c
index 05a9d724712..b09107b15d4 100644
--- a/lib/libc/gen/getpwent.c
+++ b/lib/libc/gen/getpwent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: getpwent.c,v 1.57 2015/11/18 16:44:46 tedu Exp $ */
+/* $OpenBSD: getpwent.c,v 1.58 2015/11/24 22:03:33 millert Exp $ */
/*
* Copyright (c) 2008 Theo de Raadt
* Copyright (c) 1988, 1993
@@ -768,7 +768,6 @@ getpwnam(const char *name)
}
return (pw);
}
-DEF_WEAK(getpwnam);
struct passwd *
getpwnam_shadow(const char *name)
@@ -854,7 +853,6 @@ getpwuid(uid_t uid)
}
return (pw);
}
-DEF_WEAK(getpwuid);
struct passwd *
getpwuid_shadow(uid_t uid)
diff --git a/lib/libc/gen/glob.c b/lib/libc/gen/glob.c
index 5d7037a2357..e098992f4b5 100644
--- a/lib/libc/gen/glob.c
+++ b/lib/libc/gen/glob.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: glob.c,v 1.44 2015/09/14 16:09:13 tedu Exp $ */
+/* $OpenBSD: glob.c,v 1.45 2015/11/24 22:03:33 millert Exp $ */
/*
* Copyright (c) 1989, 1993
* The Regents of the University of California. All rights reserved.
@@ -354,8 +354,8 @@ globexp2(const Char *ptr, const Char *pattern, glob_t *pglob,
static const Char *
globtilde(const Char *pattern, Char *patbuf, size_t patbuf_len, glob_t *pglob)
{
- struct passwd *pwd;
- char *h;
+ struct passwd pwstore, *pwd = NULL;
+ char *h, pwbuf[_PW_BUF_LEN];
const Char *p;
Char *b, *eb;
@@ -381,7 +381,9 @@ globtilde(const Char *pattern, Char *patbuf, size_t patbuf_len, glob_t *pglob)
* first and then trying the password file
*/
if (issetugid() != 0 || (h = getenv("HOME")) == NULL) {
- if ((pwd = getpwuid(getuid())) == NULL)
+ getpwuid_r(getuid(), &pwstore, pwbuf, sizeof(pwbuf),
+ &pwd);
+ if (pwd == NULL)
return pattern;
else
h = pwd->pw_dir;
@@ -390,7 +392,9 @@ globtilde(const Char *pattern, Char *patbuf, size_t patbuf_len, glob_t *pglob)
/*
* Expand a ~user
*/
- if ((pwd = getpwnam((char*) patbuf)) == NULL)
+ getpwnam_r((char *)patbuf, &pwstore, pwbuf, sizeof(pwbuf),
+ &pwd);
+ if (pwd == NULL)
return pattern;
else
h = pwd->pw_dir;
diff --git a/lib/libc/gen/pwcache.c b/lib/libc/gen/pwcache.c
index e65112447ba..f5cfea5c20f 100644
--- a/lib/libc/gen/pwcache.c
+++ b/lib/libc/gen/pwcache.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pwcache.c,v 1.11 2015/11/17 17:49:09 tedu Exp $ */
+/* $OpenBSD: pwcache.c,v 1.12 2015/11/24 22:03:33 millert Exp $ */
/*
* Copyright (c) 1989, 1993
* The Regents of the University of California. All rights reserved.
@@ -48,8 +48,8 @@ user_from_uid(uid_t uid, int nouser)
short noname;
char name[_PW_NAME_LEN + 1];
} c_uid[NLINES * NCACHE];
- static char nbuf[15]; /* 32 bits == 10 digits */
- struct passwd *pw;
+ char pwbuf[_PW_BUF_LEN];
+ struct passwd pwstore, *pw;
struct ncache *cp;
unsigned int i;
@@ -58,7 +58,9 @@ user_from_uid(uid_t uid, int nouser)
if (!*cp->name) {
fillit:
cp->uid = uid;
- if ((pw = getpwuid(uid)) == NULL) {
+ pw = NULL;
+ getpwuid_r(uid, &pwstore, pwbuf, sizeof(pwbuf), &pw);
+ if (pw == NULL) {
snprintf(cp->name, sizeof(cp->name), "%u", uid);
cp->noname = 1;
} else {
@@ -91,8 +93,8 @@ group_from_gid(gid_t gid, int nogroup)
short noname;
char name[_PW_NAME_LEN + 1];
} c_gid[NLINES * NCACHE];
- static char nbuf[15]; /* 32 bits == 10 digits */
- struct group *gr;
+ char grbuf[_PW_BUF_LEN];
+ struct group grstore, *gr;
struct ncache *cp;
unsigned int i;
@@ -101,7 +103,9 @@ group_from_gid(gid_t gid, int nogroup)
if (!*cp->name) {
fillit:
cp->gid = gid;
- if ((gr = getgrgid(gid)) == NULL) {
+ gr = NULL;
+ getgrgid_r(gid, &grstore, grbuf, sizeof(grbuf), &gr);
+ if (gr == NULL) {
snprintf(cp->name, sizeof(cp->name), "%u", gid);
cp->noname = 1;
} else {
diff --git a/lib/libc/hidden/grp.h b/lib/libc/hidden/grp.h
index 8c6a3e1e0b3..587ea3e6e51 100644
--- a/lib/libc/hidden/grp.h
+++ b/lib/libc/hidden/grp.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: grp.h,v 1.1 2015/09/13 12:20:12 guenther Exp $ */
+/* $OpenBSD: grp.h,v 1.2 2015/11/24 22:03:33 millert Exp $ */
/*
* Copyright (c) 2015 Philip Guenther <guenther@openbsd.org>
*
@@ -26,8 +26,8 @@ __END_HIDDEN_DECLS
PROTO_NORMAL(endgrent);
PROTO_DEPRECATED(getgrent);
-PROTO_NORMAL(getgrgid);
-PROTO_DEPRECATED(getgrgid_r);
+PROTO_DEPRECATED(getgrgid);
+PROTO_NORMAL(getgrgid_r);
PROTO_DEPRECATED(getgrnam);
PROTO_DEPRECATED(getgrnam_r);
PROTO_DEPRECATED(group_from_gid);
diff --git a/lib/libc/hidden/pwd.h b/lib/libc/hidden/pwd.h
index 52e3ac1e9e0..b4e0dad9ca5 100644
--- a/lib/libc/hidden/pwd.h
+++ b/lib/libc/hidden/pwd.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: pwd.h,v 1.2 2015/11/18 16:44:46 tedu Exp $ */
+/* $OpenBSD: pwd.h,v 1.3 2015/11/24 22:03:33 millert Exp $ */
/*
* Copyright (c) 2015 Philip Guenther <guenther@openbsd.org>
*
@@ -31,10 +31,10 @@ PROTO_DEPRECATED(bcrypt_gensalt);
PROTO_NORMAL(bcrypt_newhash);
PROTO_DEPRECATED(endpwent);
PROTO_DEPRECATED(getpwent);
-PROTO_NORMAL(getpwnam);
+PROTO_DEPRECATED(getpwnam);
PROTO_NORMAL(getpwnam_r);
PROTO_NORMAL(getpwnam_shadow);
-PROTO_NORMAL(getpwuid);
+PROTO_DEPRECATED(getpwuid);
PROTO_NORMAL(getpwuid_r);
PROTO_NORMAL(getpwuid_shadow);
PROTO_NORMAL(pw_dup);
diff --git a/lib/libc/net/rcmdsh.c b/lib/libc/net/rcmdsh.c
index 5d468ff4c44..14275d414a4 100644
--- a/lib/libc/net/rcmdsh.c
+++ b/lib/libc/net/rcmdsh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rcmdsh.c,v 1.17 2015/11/01 03:45:29 guenther Exp $ */
+/* $OpenBSD: rcmdsh.c,v 1.18 2015/11/24 22:03:33 millert Exp $ */
/*
* Copyright (c) 2001, MagniComp
@@ -58,15 +58,16 @@ rcmdsh(char **ahost, int rport, const char *locuser, const char *remuser,
struct hostent *hp;
int sp[2];
pid_t cpid;
- char *p;
- struct passwd *pw;
+ char *p, pwbuf[_PW_BUF_LEN];
+ struct passwd pwstore, *pw = NULL;
/* What rsh/shell to use. */
if (rshprog == NULL)
rshprog = _PATH_RSH;
/* locuser must exist on this host. */
- if ((pw = getpwnam(locuser)) == NULL) {
+ getpwnam_r(locuser, &pwstore, pwbuf, sizeof(pwbuf), &pw);
+ if (pw == NULL) {
(void) fprintf(stderr, "rcmdsh: unknown user: %s\n", locuser);
return(-1);
}
diff --git a/lib/libc/net/ruserok.c b/lib/libc/net/ruserok.c
index 88c89ac40fa..7dda9550a8f 100644
--- a/lib/libc/net/ruserok.c
+++ b/lib/libc/net/ruserok.c
@@ -111,11 +111,11 @@ iruserok_sa(const void *raddr, int rlen, int superuser, const char *ruser,
struct sockaddr *sa;
char *cp;
struct stat sbuf;
- struct passwd *pwd;
+ struct passwd pwstore, *pwd;
FILE *hostf;
uid_t uid;
int first;
- char pbuf[PATH_MAX];
+ char pbuf[PATH_MAX], pwbuf[_PW_BUF_LEN];
sa = (struct sockaddr *)raddr;
first = 1;
@@ -132,7 +132,9 @@ again:
int len;
first = 0;
- if ((pwd = getpwnam(luser)) == NULL)
+ pwd = NULL;
+ getpwnam_r(luser, &pwstore, pwbuf, sizeof(pwbuf), &pwd);
+ if (pwd == NULL)
return (-1);
len = snprintf(pbuf, sizeof pbuf, "%s/.rhosts", pwd->pw_dir);
if (len < 0 || len >= sizeof pbuf)