d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
7c2274dc95
freebsd-dev/lib/libpam/modules
History
Jacques Vidrine 7c2274dc95 The pam_krb5 module stored a reference to a krb5_ccache structure as 
PAM module state (created in pam_sm_authenticate and referenced later
in pam_sm_setcred and pam_sm_acct_mgmt).  However, the krb5_ccache
structure shares some data members with the krb5_context structure
that was used in its creation.  Since a new krb5_context is created
and destroyed at each PAM entry point, this inevitably caused the
krb5_ccache structure to reference free'd memory.

Now instead of storing a pointer to the krb5_ccache structure,
we store the name of the cache (e.g. `MEMORY:0x123CACHE') in
pam_sm_authenticate, and resolve the name in the other entry points.

This bug was uncovered by phkmalloc's free'd memory scrubbing.

Approved by:	re (jhb)
2002-11-13 17:46:15 +00:00
..
pam_deny Major cleanup: 2002-04-12 22:27:25 +00:00
pam_echo Just to show that PAM can do almost anything from the ridiculous to the 2002-05-23 22:03:06 +00:00
pam_exec Just to show that PAM can do almost anything from the ridiculous to the 2002-05-23 22:03:06 +00:00
pam_ftp Major cleanup: 2002-04-12 22:27:25 +00:00
pam_ftpusers Add pam_ftpusers(8), which enforces /etc/ftpusers. 2002-05-08 00:30:10 +00:00
pam_kerberosIV Major cleanup: 2002-04-12 22:27:25 +00:00
pam_krb5 The pam_krb5 module stored a reference to a krb5_ccache structure as 2002-11-13 17:46:15 +00:00
pam_ksu Tidy up. 2002-06-06 13:55:01 +00:00
pam_lastlog Missed one in previous commit. 2002-05-30 20:48:59 +00:00
pam_login_access Major cleanup: 2002-04-12 22:27:25 +00:00
pam_nologin Major cleanup: 2002-04-12 22:27:25 +00:00
pam_opie Since pam_get_authtok(3) doesn't know about our options structure, setting 2002-07-30 08:32:03 +00:00
pam_opieaccess Use PAM_SUCCESS instead of PAM_IGNORE. 2002-04-15 06:26:32 +00:00
pam_passwdqc mdoc(7) police: polish markup. 2002-05-30 14:49:57 +00:00
pam_permit Major cleanup: 2002-04-12 22:27:25 +00:00
pam_radius Allow the admin to specify a different NAS identifier than the hostname. 2002-10-28 10:28:46 +00:00
pam_rhosts mdoc(7) police: kill whitespace at EOL. 2002-05-30 14:52:00 +00:00
pam_rootok Major cleanup: 2002-04-12 22:27:25 +00:00
pam_securetty Major cleanup: 2002-04-12 22:27:25 +00:00
pam_self Major cleanup: 2002-04-12 22:27:25 +00:00
pam_ssh Major cleanup: 2002-04-12 22:27:25 +00:00
pam_tacplus Major cleanup: 2002-04-12 22:27:25 +00:00
pam_unix Free old_pwd only in the code path where it has been allocated. 2002-05-22 23:18:25 +00:00
pam_wheel Introduce 'exempt_if_empty' option to pam_wheel(8), which bypasses the 2002-10-18 02:37:29 +00:00
Makefile Switch to OpenPAM. Bump library version. Modules are now versioned, so 2002-03-05 21:56:25 +00:00
Makefile.inc Major cleanup of bsd.lib.mk. 2002-05-13 10:53:24 +00:00
modules.inc Add pam_ksu(8), a module to do Kerberos 5 authentication and 2002-05-28 20:52:31 +00:00