kauth: fix klog principal name parsing

If a principal name is specified to the klog command, it is not
correctly passed in the pw structure.  This in turn causes
uninitialized storage to be passed to ka_UserAuthenticateGeneral.
This may either lead to a segmentation fault in klog, or cause
garbage to be passed to the kaserver, leading to garbage in some
log and audit messages.  In all cases it is impossible to authenticate
to kaserver with a specified principal name.  However, klog
still works correctly when no principal name is specified.

This was introduced by commit 68ce3aa814a7e3085242e705f013f05ed5da2d5c
which removed lclpw to eliminate a clang warning.  However, the clang
warning was misleading in this case, as lclpw was actually used
(confusingly) to indirectly update the pw structure.

Instead of reverting this commit, just update pw->pwname directly.

Change-Id: I565360c6e2f970637422e8b01998d3fc29874ec4
Reviewed-on: http://gerrit.openafs.org/11145
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Perry Ruiter <pruiter@sinenomine.net>
Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

diff --git a/src/kauth/klog.c b/src/kauth/klog.c
index 458c606..9116a88 100644 (file)
--- a/src/kauth/klog.c
+++ b/src/kauth/klog.c
@@ -268,6 +268,7 @@ CommandProc(struct cmd_syndesc *as, void *arock)
            foundExplicitCell = 1;
            strncpy(realm, cell, sizeof(realm));
        }
+       pw->pw_name = name;
     } else {
        /* No explicit name provided: use Unix uid. */
        pw = getpwuid(getuid());