pam: Fix password torching const-ness

In some code branches, the PAM code "torches" a password by zeroing
it. However, it does this through a const pointer which we otherwise
know is not actually const. Make sure we get better type checking by
doing this through a non-const pointer.

Change-Id: Ibdb4c7b98baf964a8efdf0e8a9882f8ab29e22af
Reviewed-on: http://gerrit.openafs.org/4554
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>

diff --git a/src/pam/afs_auth.c b/src/pam/afs_auth.c
index 83e472d..9051cc4 100644 (file)
--- a/src/pam/afs_auth.c
+++ b/src/pam/afs_auth.c
@@ -57,7 +57,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
     int got_authtok = 0;       /* got PAM_AUTHTOK upon entry */
     PAM_CONST char *user = NULL, *password = NULL;
     afs_int32 password_expires = -1;
-    int torch_password = 1;
+    char *torch_password = NULL;
     int i;
     PAM_CONST struct pam_conv *pam_convp = NULL;
     int auth_ok;
@@ -205,13 +205,11 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
            pam_afs_syslog(LOG_DEBUG, PAMAFS_NOFIRSTPASS, user);
     } else if (password[0] == '\0') {
        /* Actually we *did* get one but it was empty. */
-       torch_password = 0;
        pam_afs_syslog(LOG_INFO, PAMAFS_NILPASSWORD, user);
        RET(PAM_NEW_AUTHTOK_REQD);
     } else {
        if (logmask && LOG_MASK(LOG_DEBUG))
            pam_afs_syslog(LOG_DEBUG, PAMAFS_GOTPASS, user);
-       torch_password = 0;
        got_authtok = 1;
     }
     if (!(use_first_pass || try_first_pass)) {
@@ -222,8 +220,6 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
     if (password == NULL) {
        char *prompt_password;
 
-       torch_password = 1;
-
        if (use_first_pass)
            RET(PAM_AUTH_ERR);  /* shouldn't happen */
        if (try_first_pass)
@@ -256,7 +252,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
        my_password_buf[sizeof(my_password_buf) - 1] = '\0';
        memset(prompt_password, 0, strlen(prompt_password));
        free(prompt_password);
-       password = my_password_buf;
+       password = torch_password = my_password_buf;
 
     }
 
@@ -398,7 +394,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
      * after pam_afs
      */
     if (!got_authtok) {
-       torch_password = 0;
+       torch_password = NULL;
        (void)pam_set_item(pamh, PAM_AUTHTOK, password);
     }
 
@@ -414,7 +410,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc,
        char *tmp = strdup(password);
        (void)pam_set_data(pamh, pam_afs_lh, tmp, lc_cleanup);
        if (torch_password)
-           memset((char *)password, 0, strlen(password));
+           memset(torch_password, 0, strlen(torch_password));
     }
     (void)setlogmask(origmask);
 #ifndef AFS_SUN56_ENV

diff --git a/src/pam/afs_password.c b/src/pam/afs_password.c
index d8c7728..0aab5b1 100644 (file)
--- a/src/pam/afs_password.c
+++ b/src/pam/afs_password.c
@@ -39,7 +39,7 @@ pam_sm_chauthtok(pam_handle_t * pamh, int flags, int argc, const char **argv)
     int try_first_pass = 0;
     int ignore_root = 0;
     int got_authtok = 0;       /* got PAM_AUTHTOK upon entry */
-    int torch_password = 1;
+    char *torch_password = NULL;
     int i;
     char my_password_buf[256];
     char instance[256];
@@ -150,13 +150,11 @@ pam_sm_chauthtok(pam_handle_t * pamh, int flags, int argc, const char **argv)
            pam_afs_syslog(LOG_DEBUG, PAMAFS_NOFIRSTPASS, user);
     } else if (password[0] == '\0') {
        /* Actually we *did* get one but it was empty. */
-       torch_password = 0;
        pam_afs_syslog(LOG_INFO, PAMAFS_NILPASSWORD, user);
        RET(PAM_NEW_AUTHTOK_REQD);
     } else {
        if (logmask && LOG_MASK(LOG_DEBUG))
            pam_afs_syslog(LOG_DEBUG, PAMAFS_GOTPASS, user);
-       torch_password = 0;
        got_authtok = 1;
     }
     if (!(use_first_pass || try_first_pass)) {
@@ -165,7 +163,6 @@ pam_sm_chauthtok(pam_handle_t * pamh, int flags, int argc, const char **argv)
 
     if (password == NULL) {
        char *prompt_password;
-       torch_password = 1;
        if (use_first_pass)
            RET(PAM_AUTH_ERR);  /* shouldn't happen */
        if (try_first_pass)
@@ -196,7 +193,7 @@ pam_sm_chauthtok(pam_handle_t * pamh, int flags, int argc, const char **argv)
        my_password_buf[sizeof(my_password_buf) - 1] = '\0';
        memset(prompt_password, 0, strlen(password));
        free(prompt_password);
-       password = my_password_buf;
+       password = torch_password = my_password_buf;
     }
 
     if ((code = ka_VerifyUserPassword(KA_USERAUTH_VERSION + KA_USERAUTH_DOSETPAG, (char *)user,        /* kerberos name */
@@ -208,7 +205,7 @@ pam_sm_chauthtok(pam_handle_t * pamh, int flags, int argc, const char **argv)
        pam_afs_syslog(LOG_ERR, PAMAFS_LOGIN_FAILED, user, reason);
        RET(PAM_AUTH_ERR);
     }
-    torch_password = 0;
+    torch_password = NULL;
     pam_set_item(pamh, PAM_AUTHTOK, password);
     pam_set_item(pamh, PAM_OLDAUTHTOK, password);
     if (flags & PAM_PRELIM_CHECK) {
@@ -301,7 +298,7 @@ pam_sm_chauthtok(pam_handle_t * pamh, int flags, int argc, const char **argv)
 
   out:
     if (password && torch_password) {
-       memset((char *)password, 0, strlen(password));
+       memset(torch_password, 0, strlen(torch_password));
     }
     (void)setlogmask(origmask);
 #ifndef AFS_SUN56_ENV

diff --git a/src/pam/afs_setcred.c b/src/pam/afs_setcred.c
index 7077ec9..5fa060f 100644 (file)
--- a/src/pam/afs_setcred.c
+++ b/src/pam/afs_setcred.c
@@ -50,7 +50,7 @@ pam_sm_setcred(pam_handle_t * pamh, int flags, int argc, const char **argv)
     char my_password_buf[256];
     char *cell_ptr = NULL;
     char sbuffer[100];
-    int torch_password = 1;
+    char *torch_password = NULL;
     int auth_ok = 0;
     char *lh;
     PAM_CONST char *user = NULL;
@@ -202,7 +202,6 @@ pam_sm_setcred(pam_handle_t * pamh, int flags, int argc, const char **argv)
        } else if (password[0] == '\0') {
            /* Actually we *did* get one but it was empty. */
            got_authtok = 1;
-           torch_password = 0;
            /* So don't use it. */
            password = NULL;
            if (use_first_pass) {
@@ -214,7 +213,6 @@ pam_sm_setcred(pam_handle_t * pamh, int flags, int argc, const char **argv)
        } else {
            if (logmask && LOG_MASK(LOG_DEBUG))
                pam_afs_syslog(LOG_DEBUG, PAMAFS_GOTPASS, user);
-           torch_password = 0;
            got_authtok = 1;
        }
        if (!(use_first_pass || try_first_pass)) {
@@ -225,8 +223,6 @@ pam_sm_setcred(pam_handle_t * pamh, int flags, int argc, const char **argv)
        if (password == NULL) {
            char *prompt_password;
 
-           torch_password = 1;
-
            if (use_first_pass)
                RET(PAM_AUTH_ERR);      /* shouldn't happen */
            if (try_first_pass)
@@ -260,7 +256,7 @@ pam_sm_setcred(pam_handle_t * pamh, int flags, int argc, const char **argv)
            my_password_buf[sizeof(my_password_buf) - 1] = '\0';
            memset(prompt_password, 0, strlen(prompt_password));
            free(prompt_password);
-           password = my_password_buf;
+           password = torch_password = my_password_buf;
        }
        /*
         * We only set a PAG here, if we haven't got one before in
@@ -322,7 +318,7 @@ pam_sm_setcred(pam_handle_t * pamh, int flags, int argc, const char **argv)
 
        /* pam_sm_authenticate should have set this
         * if (auth_ok && !got_authtok) {
-        *     torch_password = 0;
+        *     torch_password = NULL;
         *     (void) pam_set_item(pamh, PAM_AUTHTOK, password);
         * }
         */
@@ -354,7 +350,7 @@ pam_sm_setcred(pam_handle_t * pamh, int flags, int argc, const char **argv)
 
   out:
     if (password && torch_password)
-       memset((char*)password, 0, strlen(password));
+       memset(torch_password, 0, strlen(torch_password));
     (void)setlogmask(origmask);
 #ifndef AFS_SUN56_ENV
     closelog();