[Libreoffice-commits] .: sal/inc sal/osl

Michael Meeks mmeeks at kemper.freedesktop.org
Mon Oct 25 08:09:27 PDT 2010


 sal/inc/osl/security.h |    7 
 sal/osl/unx/security.c |  460 +------------------------------------------------
 2 files changed, 14 insertions(+), 453 deletions(-)

New commits:
commit 617a1feae1ff04f6de6bfb91c3c5b05d709c03cb
Author: Nadav Vinik <email at nadavvin.com>
Date:   Mon Oct 25 16:08:20 2010 +0100

    remove un-necessary pam usage

diff --git a/sal/inc/osl/security.h b/sal/inc/osl/security.h
index d22f128..0fd27f5 100644
--- a/sal/inc/osl/security.h
+++ b/sal/inc/osl/security.h
@@ -35,8 +35,8 @@ extern "C" {
 #endif
 
 typedef enum {
-    osl_Security_E_None,				
-    osl_Security_E_UserUnknown,			
+    osl_Security_E_None,
+    osl_Security_E_UserUnknown,
     osl_Security_E_WrongPassword,
     osl_Security_E_Unknown,
     osl_Security_E_FORCE_EQUAL_SIZE = SAL_MAX_ENUM
@@ -57,7 +57,8 @@ typedef void* oslSecurity;
 */
 oslSecurity SAL_CALL osl_getCurrentSecurity(void);
 
-/** Create a security handle for the denoted user.
+/** Deprecated API
+    Create a security handle for the denoted user.
     Try to log in the user on the local system.
     @param strzUserName [in] denotes the name of the user to logg in.
     @param strPasswd [in] the password for this user.
diff --git a/sal/osl/unx/security.c b/sal/osl/unx/security.c
index 92bc432..0cc1072 100644
--- a/sal/osl/unx/security.c
+++ b/sal/osl/unx/security.c
@@ -47,12 +47,6 @@
 
 #include "secimpl.h"
 
-#ifndef NOPAM
-#ifndef PAM_BINARY_MSG
-#define PAM_BINARY_MSG 6
-#endif
-#endif
-
 static oslSecurityError SAL_CALL 
 osl_psz_loginUser(const sal_Char* pszUserName, const sal_Char* pszPasswd,
                   oslSecurity* pSecurity);
@@ -141,311 +135,6 @@ oslSecurity SAL_CALL osl_getCurrentSecurity()
     }
 }
 
-
-#if defined LINUX && !defined NOPAM
-
-/*
- *
- * osl Routines for Pluggable Authentication Modules (PAM)
- * tested with Linux-PAM 0.66 on Redhat-6.0 and 
- * Linux-PAM 0.64 on RedHat-5.2,
- * XXX Will probably not run on PAM 0.59 or prior, since 
- *     number of pam_response* responses has changed
- *
- */
-
-#include <security/pam_appl.h>
-
-typedef struct {
-    char* name;
-    char* password;
-} sal_PamData;
-
-typedef struct {
-    int (*pam_start)(const char *service_name, const char *user,
-                      const struct pam_conv *pam_conversation,
-                      pam_handle_t **pamh);
-    int (*pam_end)          (pam_handle_t *pamh, int pam_status);
-    int (*pam_authenticate) (pam_handle_t *pamh, int flags);
-    int (*pam_acct_mgmt)    (pam_handle_t *pamh, int flags);
-} sal_PamModule;
-
-/*
- * Implement a pam-conversation callback-routine, 
- * it just supply name and password instead of prompting the user.
- * I guess that echo-off means 'ask for password' and echo-on means
- * 'ask for user-name'. In fact I've never been asked anything else
- * than the password 
- * XXX Please notice that if a pam-module does ask anything else, we 
- *     are completely lost, and a pam-module is free to do so
- * XXX
- */
-
-static int 
-osl_PamConversation (int num_msg, const struct pam_message **msgm,
-                     struct pam_response **response, void *appdata_ptr)
-{
-    int	  		i;
-    sal_Bool	error;
-    sal_PamData         *pam_data;
-    struct pam_response *p_reply;
-
-    /* resource initialization */
-    pam_data = (sal_PamData*) appdata_ptr;
-    p_reply  = (struct pam_response *) calloc( num_msg, 
-                                               sizeof(struct pam_response));
-    if ( p_reply == NULL || pam_data == NULL )
-    {
-        if ( p_reply != NULL )
-            free ( p_reply );
-        *response = NULL;
-        return PAM_CONV_ERR;
-    }
-
-    /* pseudo dialog */
-    error = sal_False;
-    for ( i = 0; i < num_msg ; i++ )
-    {
-        switch ( msgm[ i ]->msg_style )
-        {
-            case PAM_PROMPT_ECHO_OFF: 
-                p_reply[ i ].resp_retcode = 0;
-                p_reply[ i ].resp 		  = strdup( pam_data->password );
-                 break;
-            case PAM_PROMPT_ECHO_ON:  
-                p_reply[ i ].resp_retcode = 0;
-                p_reply[ i ].resp 		= strdup( pam_data->name );
-                break;
-            case PAM_ERROR_MSG:
-            case PAM_TEXT_INFO:
-             case PAM_BINARY_PROMPT:
-            case PAM_BINARY_MSG:
-                p_reply[ i ].resp_retcode 	= 0;
-                p_reply[ i ].resp 			= NULL;
-                break;
-            default:
-                error = sal_True; 
-                break;
-        }
-    }
-
-    /* free resources on error */
-    if ( error )
-    {
-        for ( i = 0; i < num_msg ; i++ )
-            if ( p_reply[ i ].resp )
-            {
-                memset ( p_reply[ i ].resp, 0, 
-                         strlen( p_reply[ i ].resp ) );  
-                free   ( p_reply[ i ].resp );
-            }
-        free ( p_reply );
-
-        *response = NULL;
-        return PAM_CONV_ERR;
-    }
-
-    /* well done */
-    *response = p_reply;
-    return PAM_SUCCESS;
-}
-
-#ifndef PAM_LINK
-/*
- * avoid linking against libpam.so, since it is not available on all systems,
- * instead load-on-call, returns structure which holds pointer to 
- * pam-functions, 
- * library is never closed in case of success
- */
-
-static sal_PamModule* osl_getPAM()
-{
-    static sal_PamModule *pam_module = NULL;
-    static sal_Bool load_once = sal_False;
-
-    if ( !load_once )
-    {
-        /* get library-handle. cannot use osl-module, since 
-            RTLD_GLOBAL is required for PAM-0.64 RH 5.2 
-           (but not for PAM-0.66 RH 6.0) */
-        void *pam_hdl;
-        
-        pam_hdl = dlopen( "libpam.so.0", RTLD_GLOBAL | RTLD_LAZY );  
-        
-        if ( pam_hdl != NULL )
-            pam_module = (sal_PamModule*)calloc( 1, sizeof(sal_PamModule) );
-        
-        /* load functions */
-        if ( pam_module  != NULL )
-        {
-            pam_module->pam_acct_mgmt = (int (*)(pam_handle_t *, int)) dlsym ( pam_hdl, "pam_acct_mgmt" );
-            pam_module->pam_authenticate 
-                                      = (int (*)(pam_handle_t *, int)) dlsym ( pam_hdl, "pam_authenticate" );
-            pam_module->pam_end       = (int (*)(pam_handle_t *, int)) dlsym ( pam_hdl, "pam_end" );
-            pam_module->pam_start     = (int (*)(const char *, const char *, const struct pam_conv *, pam_handle_t **)) dlsym ( pam_hdl, "pam_start" );
-
-            /* free resources, if not completely successful */
-            if (   (pam_module->pam_start 		 == NULL) 
-                || (pam_module->pam_end 		 == NULL)  
-                || (pam_module->pam_authenticate == NULL) 
-                || (pam_module->pam_acct_mgmt 	 == NULL) )
-            {
-                free( pam_module );
-                pam_module = NULL;
-                dlclose( pam_hdl );
-            }
-        }
-
-        /* never try again */
-        load_once = sal_True;
-    }
-
-    return pam_module;	
-}
-#endif
-
-/*
- * User Identification using PAM
- */
-
-static sal_Bool
-osl_PamAuthentification( const sal_Char* name, const sal_Char* password )
-{
-    sal_Bool success = sal_False;
-
-#ifndef PAM_LINK
-    sal_PamModule* pam_module;
-
-    pam_module = osl_getPAM();
-    if ( pam_module != NULL )
-    {
-#endif
-        pam_handle_t   *pam_handle = NULL;
-        struct pam_conv pam_conversation;
-        sal_PamData     pam_data;
-
-        int				return_value;
-
-        pam_data.name     = (char*) name;
-        pam_data.password = (char*) password; 
-    
-        pam_conversation.conv 		 = osl_PamConversation;
-        pam_conversation.appdata_ptr = (void*)(&pam_data); 
-
-#ifndef PAM_LINK
-          return_value = pam_module->pam_start( "su", name, 
-            &pam_conversation, &pam_handle);
-#else
-          return_value = pam_start( "su", name, 
-            &pam_conversation, &pam_handle);
-#endif
-        if (return_value == PAM_SUCCESS ) 
-#ifndef PAM_LINK
-            return_value = pam_module->pam_authenticate(pam_handle, 0);
-#else
-            return_value = pam_authenticate(pam_handle, 0);
-#endif
-          if (return_value == PAM_SUCCESS ) 
-#ifndef PAM_LINK
-            return_value = pam_module->pam_acct_mgmt(pam_handle, 0);
-        pam_module->pam_end( pam_handle, return_value );
-#else
-            return_value = pam_acct_mgmt(pam_handle, 0);
-        pam_end( pam_handle, return_value );
-#endif
-    
-        success = (sal_Bool)(return_value == PAM_SUCCESS);
-#ifndef PAM_LINK
-    }
-#endif
-
-      return success;
-}
-
-
-#ifndef CRYPT_LINK
-/* dummy crypt, matches the interface of 
-   crypt() but does not encrypt at all */
-static const sal_Char* SAL_CALL
-osl_noCrypt ( const sal_Char *key, const sal_Char *salt )
-{
-    (void) salt; /* unused */
-    return key;
-}
-
-/* load-on-call crypt library and crypt symbol */
-static void*  SAL_CALL
-osl_getCrypt()
-{
-    static char* (*crypt_sym)(const char*, const char*) = NULL;
-    static sal_Bool load_once  = sal_False;
-
-    if ( !load_once )
-    {
-        void * crypt_library;
-
-        crypt_library = dlopen( "libcrypt.so.1", RTLD_GLOBAL | RTLD_LAZY ); /* never closed */
-        if ( crypt_library != NULL )
-            crypt_sym = (char* (*)(const char *, const char *)) dlsym(crypt_library, "crypt" );
-        if ( crypt_sym == NULL ) /* no libcrypt or libcrypt without crypt */
-            crypt_sym = (char* (*)(const char *, const char *)) &osl_noCrypt;
-
-        load_once = sal_True;
-    }
-
-    return (void*)crypt_sym;	
-}
-
-/* replacement for crypt function for password encryption, uses either 
-   strong encryption of dlopen'ed libcrypt.so.1 or dummy implementation 
-   with no encryption. Objective target is to avoid linking against 
-   libcrypt (not available on caldera open linux 2.2 #63822#) */
-static sal_Char* SAL_CALL
-osl_dynamicCrypt ( const sal_Char *key, const sal_Char *salt )
-{
-    char* (*dynamic_crypt)(char *, char *);
-
-    dynamic_crypt = (char * (*)(char *, char *)) osl_getCrypt();
-
-    return dynamic_crypt( (sal_Char*)key, (sal_Char*)salt );
-}
-#endif
-
-/*
- * compare an encrypted and an unencrypted password for equality
- * returns true if passwords are equal, false otherwise
- * Note: uses crypt() and a mutex instead of crypt_r() since crypt_r needs
- * more than 128KByte of external buffer for struct crypt_data 
- */
-
-static sal_Bool SAL_CALL
-osl_equalPasswords ( const sal_Char *pEncryptedPassword, const sal_Char *pPlainPassword )
-{
-    static pthread_mutex_t crypt_mutex = PTHREAD_MUTEX_INITIALIZER;
-
-    sal_Bool  success;
-    sal_Char  salt[3]; 
-    sal_Char *encrypted_plain;
-
-    salt[0] = pEncryptedPassword[0];
-    salt[1] = pEncryptedPassword[1];
-    salt[2] = '\0';
-    
-    pthread_mutex_lock(&crypt_mutex);
-
-#ifndef CRYPT_LINK
-    encrypted_plain = (sal_Char *)osl_dynamicCrypt( pPlainPassword, salt );
-#else
-    encrypted_plain = (sal_Char *)crypt( pPlainPassword, salt );
-#endif
-    success = (sal_Bool) (strcmp(pEncryptedPassword, encrypted_plain) == 0);
-    
-    pthread_mutex_unlock(&crypt_mutex);
-    
-    return success;
-}
-
-#endif /* defined LINUX && !defined NOPAM */
 oslSecurityError SAL_CALL osl_loginUser(
     rtl_uString *ustrUserName,
     rtl_uString *ustrPassword,
@@ -457,10 +146,9 @@ oslSecurityError SAL_CALL osl_loginUser(
     rtl_String* strPassword=0;
     sal_Char* pszUserName=0;
     sal_Char* pszPassword=0;
-    
+
     if ( ustrUserName != 0 )
     {
-        
         rtl_uString2String( &strUserName,
                             rtl_uString_getStr(ustrUserName),
                             rtl_uString_getLength(ustrUserName),
@@ -468,7 +156,7 @@ oslSecurityError SAL_CALL osl_loginUser(
                             OUSTRING_TO_OSTRING_CVTFLAGS );
         pszUserName = rtl_string_getStr(strUserName);
     }
-    
+
 
     if ( ustrPassword != 0 )
     {
@@ -476,165 +164,37 @@ oslSecurityError SAL_CALL osl_loginUser(
                             rtl_uString_getStr(ustrPassword),
                             rtl_uString_getLength(ustrPassword),
                             RTL_TEXTENCODING_UTF8,
-                            OUSTRING_TO_OSTRING_CVTFLAGS );    
+                            OUSTRING_TO_OSTRING_CVTFLAGS );
         pszPassword = rtl_string_getStr(strPassword);
     }
-    
-    
+
+
     Error=osl_psz_loginUser(pszUserName,pszPassword,pSecurity);
 
     if ( strUserName != 0 )
-    {    
+    {
         rtl_string_release(strUserName);
     }
-    
+
     if ( strPassword)
     {
         rtl_string_release(strPassword);
     }
-    
-    
+
+
     return Error;
 }
 
-    
+
 static oslSecurityError SAL_CALL 
 osl_psz_loginUser(const sal_Char* pszUserName, const sal_Char* pszPasswd,
                oslSecurity* pSecurity)
 {
-#if defined NETBSD || defined SCO || defined AIX || defined FREEBSD || \
-    defined MACOSX
     (void)pszUserName;
     (void)pszPasswd;
     (void)pSecurity;
 
     return osl_Security_E_None;
-
-#else
-
-    oslSecurityError nError = osl_Security_E_Unknown;
-    oslSecurityImpl * p = NULL;
-    if (pszUserName != NULL && pszPasswd != NULL && pSecurity != NULL) {
-        /* get nis or normal password, should succeed for any known user, but
-           perhaps the password is wrong (i.e. 'x') if shadow passwords are in
-           use or authentication must be done by PAM */
-        size_t n = 0;
-        int err = 0;
-        struct passwd * found = NULL;
-        for (;;) {
-            p = growSecurityImpl(p, &n);
-            if (p == NULL) {
-                break;
-            }
-            err = getpwnam_r(
-                pszUserName, &p->m_pPasswd, p->m_buffer, n, &found);
-            if (err != ERANGE) {
-                break;
-            }
-        }
-        if (p != NULL && err == 0) {
-            if (found == NULL) {
-                nError = osl_Security_E_UserUnknown;
-            } else {
-#if defined LINUX && !defined NOPAM
-                /* only root is able to read the /etc/shadow passwd, a normal
-                   user even can't read his own encrypted passwd */
-                if (osl_equalPasswords(p->m_pPasswd.pw_passwd, pszPasswd) ||
-                    osl_PamAuthentification(pszUserName, pszPasswd))
-                {
-                    nError = osl_Security_E_None;
-                } else {
-                    char buffer[1024];
-                    struct spwd result_buf;
-                    struct spwd * pShadowPasswd;
-                    buffer[0] = '\0';
-                    if (getspnam_r(
-                            pszUserName, &result_buf, buffer, sizeof buffer,
-                            &pShadowPasswd) == 0 &&
-                        pShadowPasswd != NULL)
-                    {
-                        nError =
-                            osl_equalPasswords(
-                                pShadowPasswd->sp_pwdp, pszPasswd)
-                            ? osl_Security_E_None
-                            : osl_Security_E_WrongPassword;
-                    } else if (getuid() == 0) {
-                        /* mfe: Try to verify the root-password via nis */
-                        if (getspnam_r(
-                                "root", &result_buf, buffer, sizeof buffer,
-                                &pShadowPasswd) == 0 &&
-                            pShadowPasswd != NULL &&
-                            osl_equalPasswords(
-                                pShadowPasswd->sp_pwdp, pszPasswd))
-                        {
-                            nError = osl_Security_E_None;
-                        } else {
-                            /* mfe: we can't get via nis (glibc2.0.x has bug in
-                               getspnam_r) we try it with the normal getspnam */
-                            static pthread_mutex_t pwmutex =
-                                PTHREAD_MUTEX_INITIALIZER;
-                            pthread_mutex_lock(&pwmutex);
-                            pShadowPasswd = getspnam("root");
-                            pthread_mutex_unlock(&pwmutex);
-                            nError =
-                                ((pShadowPasswd != NULL &&
-                                  osl_equalPasswords(
-                                      pShadowPasswd->sp_pwdp, pszPasswd)) ||
-                                 osl_PamAuthentification("root", pszPasswd))
-                                ? osl_Security_E_None
-                                : osl_Security_E_WrongPassword;
-                        }
-                    }
-                }
-#else
-                char buffer[1024];
-                struct spwd spwdStruct;
-                buffer[0] = '\0';
-#ifndef NEW_SHADOW_API
-                if (getspnam_r(pszUserName, &spwdStruct, buffer, sizeof buffer) != NULL)
-#else
-                if (getspnam_r(pszUserName, &spwdStruct, buffer, sizeof buffer, NULL) == 0)
-#endif
-                {
-                    char salt[3];
-                    char * cryptPasswd;
-                    strncpy(salt, spwdStruct.sp_pwdp, 2);
-                    salt[2] = '\0';
-                    cryptPasswd = (char *) crypt(pszPasswd, salt);
-                    if (strcmp(spwdStruct.sp_pwdp, cryptPasswd) == 0) {
-                        nError = osl_Security_E_None;
-                    } else if (getuid() == 0 &&
-#ifndef NEW_SHADOW_API
-                               (getspnam_r("root", &spwdStruct, buffer, sizeof buffer) != NULL))
-#else
-                               (getspnam_r("root", &spwdStruct, buffer, sizeof buffer, NULL) == 0))
-#endif
-                    {
-                        /* if current process is running as root, allow to logon
-                           as any other user */
-                        strncpy(salt, spwdStruct.sp_pwdp, 2);
-                        salt[2] = '\0';
-                        cryptPasswd = (char *) crypt(pszPasswd, salt);
-                        if (strcmp(spwdStruct.sp_pwdp, cryptPasswd) == 0) {
-                            nError = osl_Security_E_None;
-                        }
-                    } else {
-                        nError = osl_Security_E_WrongPassword;      
-                    }
-                }
-#endif
-            }
-        }
-    }
-    if (nError == osl_Security_E_None) {
-        *pSecurity = p;
-    } else {
-        deleteSecurityImpl(p);
-        *pSecurity = NULL;
-    }
-    return nError;
-
-#endif
 }
 
 oslSecurityError SAL_CALL osl_loginUserOnFileServer(


More information about the Libreoffice-commits mailing list