diff options
author | Samuel Thibault <samuel.thibault@ens-lyon.org> | 2018-12-27 16:33:27 +0000 |
---|---|---|
committer | Samuel Thibault <samuel.thibault@ens-lyon.org> | 2018-12-27 16:33:27 +0000 |
commit | 064374be911f72dfaec8a75f06da1f9fc1827712 (patch) | |
tree | ad96fd1f1b9b57a50005db7803f6b79e748bb820 /shadow | |
parent | 4dc1e6e42f1f602e1d2227e112f2db8dce9da763 (diff) | |
parent | 7c7d34a16f08f84427b3f617313d9633423ad5eb (diff) |
Merge commit 'refs/top-bases/t/hurdsig-global-dispositions' into t/hurdsig-global-dispositions
Diffstat (limited to 'shadow')
-rw-r--r-- | shadow/Makefile | 16 | ||||
-rw-r--r-- | shadow/fgetspent.c | 2 | ||||
-rw-r--r-- | shadow/fgetspent_r.c | 2 | ||||
-rw-r--r-- | shadow/getspent.c | 2 | ||||
-rw-r--r-- | shadow/getspent_r.c | 2 | ||||
-rw-r--r-- | shadow/getspnam.c | 2 | ||||
-rw-r--r-- | shadow/getspnam_r.c | 2 | ||||
-rw-r--r-- | shadow/lckpwdf.c | 32 | ||||
-rw-r--r-- | shadow/putspent.c | 2 | ||||
-rw-r--r-- | shadow/sgetspent.c | 2 | ||||
-rw-r--r-- | shadow/sgetspent_r.c | 2 | ||||
-rw-r--r-- | shadow/shadow.h | 22 | ||||
-rw-r--r-- | shadow/tst-putspent.c | 2 |
13 files changed, 34 insertions, 56 deletions
diff --git a/shadow/Makefile b/shadow/Makefile index c76fedc2ae..1c28a01f73 100644 --- a/shadow/Makefile +++ b/shadow/Makefile @@ -1,4 +1,4 @@ -# Copyright (C) 1996-2016 Free Software Foundation, Inc. +# Copyright (C) 1996-2018 Free Software Foundation, Inc. # This file is part of the GNU C Library. # The GNU C Library is free software; you can redistribute it and/or @@ -29,12 +29,12 @@ routines = getspent getspnam sgetspent fgetspent putspent \ tests = tst-shadow tst-putspent -CFLAGS-getspent_r.c = -fexceptions -CFLAGS-getspent.c = -fexceptions -CFLAGS-fgetspent.c = -fexceptions -CFLAGS-fgetspent_r.c = -fexceptions $(libio-mtsafe) -CFLAGS-putspent.c = -fexceptions $(libio-mtsafe) -CFLAGS-getspnam.c = -fexceptions -CFLAGS-getspnam_r.c = -fexceptions +CFLAGS-getspent_r.c += -fexceptions +CFLAGS-getspent.c += -fexceptions +CFLAGS-fgetspent.c += -fexceptions +CFLAGS-fgetspent_r.c += -fexceptions $(libio-mtsafe) +CFLAGS-putspent.c += -fexceptions $(libio-mtsafe) +CFLAGS-getspnam.c += -fexceptions +CFLAGS-getspnam_r.c += -fexceptions include ../Rules diff --git a/shadow/fgetspent.c b/shadow/fgetspent.c index 0e0f86c9e7..2884775c35 100644 --- a/shadow/fgetspent.c +++ b/shadow/fgetspent.c @@ -1,4 +1,4 @@ -/* Copyright (C) 1996-2016 Free Software Foundation, Inc. +/* Copyright (C) 1996-2018 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or diff --git a/shadow/fgetspent_r.c b/shadow/fgetspent_r.c index d63ce2e430..5a547b436d 100644 --- a/shadow/fgetspent_r.c +++ b/shadow/fgetspent_r.c @@ -1,4 +1,4 @@ -/* Copyright (C) 1996-2016 Free Software Foundation, Inc. +/* Copyright (C) 1996-2018 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or diff --git a/shadow/getspent.c b/shadow/getspent.c index 4d730953f0..8b2c376638 100644 --- a/shadow/getspent.c +++ b/shadow/getspent.c @@ -1,4 +1,4 @@ -/* Copyright (C) 1996-2016 Free Software Foundation, Inc. +/* Copyright (C) 1996-2018 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Ulrich Drepper <drepper@cygnus.com>, 1996. diff --git a/shadow/getspent_r.c b/shadow/getspent_r.c index 704ab636df..1690689940 100644 --- a/shadow/getspent_r.c +++ b/shadow/getspent_r.c @@ -1,4 +1,4 @@ -/* Copyright (C) 1996-2016 Free Software Foundation, Inc. +/* Copyright (C) 1996-2018 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Ulrich Drepper <drepper@cygnus.com>, 1996. diff --git a/shadow/getspnam.c b/shadow/getspnam.c index a9db27bd26..17b7a32f67 100644 --- a/shadow/getspnam.c +++ b/shadow/getspnam.c @@ -1,4 +1,4 @@ -/* Copyright (C) 1996-2016 Free Software Foundation, Inc. +/* Copyright (C) 1996-2018 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Ulrich Drepper <drepper@cygnus.com>, 1996. diff --git a/shadow/getspnam_r.c b/shadow/getspnam_r.c index 081ee0c0c2..fa4f03c991 100644 --- a/shadow/getspnam_r.c +++ b/shadow/getspnam_r.c @@ -1,4 +1,4 @@ -/* Copyright (C) 1996-2016 Free Software Foundation, Inc. +/* Copyright (C) 1996-2018 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Ulrich Drepper <drepper@cygnus.com>, 1996. diff --git a/shadow/lckpwdf.c b/shadow/lckpwdf.c index 120108de26..9bbb175d4e 100644 --- a/shadow/lckpwdf.c +++ b/shadow/lckpwdf.c @@ -1,5 +1,5 @@ /* Handle locking of password file. - Copyright (C) 1996-2016 Free Software Foundation, Inc. + Copyright (C) 1996-2018 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Ulrich Drepper <drepper@cygnus.com>, 1996. @@ -24,6 +24,7 @@ #include <string.h> #include <unistd.h> #include <sys/file.h> +#include <sigsetops.h> #include <kernel-features.h> @@ -96,39 +97,12 @@ __lckpwdf (void) /* Prevent problems caused by multiple threads. */ __libc_lock_lock (lock); - int oflags = O_WRONLY | O_CREAT; -#ifdef O_CLOEXEC - oflags |= O_CLOEXEC; -#endif + int oflags = O_WRONLY | O_CREAT | O_CLOEXEC; lock_fd = __open (PWD_LOCKFILE, oflags, 0600); if (lock_fd == -1) /* Cannot create lock file. */ RETURN_CLOSE_FD (-1); -#ifndef __ASSUME_O_CLOEXEC -# ifdef O_CLOEXEC - if (__have_o_cloexec <= 0) -# endif - { - /* Make sure file gets correctly closed when process finished. */ - int flags = __fcntl (lock_fd, F_GETFD, 0); - if (flags == -1) - /* Cannot get file flags. */ - RETURN_CLOSE_FD (-1); -# ifdef O_CLOEXEC - if (__have_o_cloexec == 0) - __have_o_cloexec = (flags & FD_CLOEXEC) == 0 ? -1 : 1; - if (__have_o_cloexec < 0) -# endif - { - flags |= FD_CLOEXEC; /* Close on exit. */ - if (__fcntl (lock_fd, F_SETFD, flags) < 0) - /* Cannot set new flags. */ - RETURN_CLOSE_FD (-1); - } - } -#endif - /* Now we have to get exclusive write access. Since multiple process could try this we won't stop when it first fails. Instead we set a timeout for the system call. Once the timer diff --git a/shadow/putspent.c b/shadow/putspent.c index fd57fec0af..edd79d238d 100644 --- a/shadow/putspent.c +++ b/shadow/putspent.c @@ -1,4 +1,4 @@ -/* Copyright (C) 1991-2016 Free Software Foundation, Inc. +/* Copyright (C) 1991-2018 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or diff --git a/shadow/sgetspent.c b/shadow/sgetspent.c index c1a07f046f..a6b2325df1 100644 --- a/shadow/sgetspent.c +++ b/shadow/sgetspent.c @@ -1,4 +1,4 @@ -/* Copyright (C) 1996-2016 Free Software Foundation, Inc. +/* Copyright (C) 1996-2018 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or diff --git a/shadow/sgetspent_r.c b/shadow/sgetspent_r.c index de0e711df3..73a9e65cdf 100644 --- a/shadow/sgetspent_r.c +++ b/shadow/sgetspent_r.c @@ -1,4 +1,4 @@ -/* Copyright (C) 1996-2016 Free Software Foundation, Inc. +/* Copyright (C) 1996-2018 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or diff --git a/shadow/shadow.h b/shadow/shadow.h index 010949f4d0..351882e448 100644 --- a/shadow/shadow.h +++ b/shadow/shadow.h @@ -1,4 +1,4 @@ -/* Copyright (C) 1996-2016 Free Software Foundation, Inc. +/* Copyright (C) 1996-2018 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -15,7 +15,11 @@ License along with the GNU C Library; if not, see <http://www.gnu.org/licenses/>. */ -/* Declaration of types and functions for shadow password suite. */ +/* Declaration of types and functions for "shadow" storage of hashed + passphrases. The shadow database is like the user database, but is + only accessible with special privileges, so that malicious users + cannot retrieve everyone else's hashed passphrase to brute-force at + their convenience. */ #ifndef _SHADOW_H #define _SHADOW_H 1 @@ -24,22 +28,22 @@ #include <paths.h> -#define __need_FILE -#include <stdio.h> #define __need_size_t #include <stddef.h> +#include <bits/types/FILE.h> + /* Paths to the user database files. */ #define SHADOW _PATH_SHADOW __BEGIN_DECLS -/* Structure of the password file. */ +/* A record in the shadow database. */ struct spwd { char *sp_namp; /* Login name. */ - char *sp_pwdp; /* Encrypted password. */ + char *sp_pwdp; /* Hashed passphrase. */ long int sp_lstchg; /* Date of last change. */ long int sp_min; /* Minimum number of days between changes. */ long int sp_max; /* Maximum number of days between changes. */ @@ -101,7 +105,7 @@ extern struct spwd *sgetspent (const char *__string); therefore not marked with __THROW. */ extern struct spwd *fgetspent (FILE *__stream); -/* Write line containing shadow password entry to stream. +/* Write line containing shadow entry to stream. This function is not part of POSIX and therefore no official cancellation point. But due to similarity with an POSIX interface @@ -137,10 +141,10 @@ extern int fgetspent_r (FILE *__stream, struct spwd *__result_buf, /* The simple locking functionality provided here is not suitable for multi-threaded applications. */ -/* Protect password file against multi writers. */ +/* Request exclusive access to /etc/passwd and /etc/shadow. */ extern int lckpwdf (void) __THROW; -/* Unlock password file. */ +/* Release exclusive access to /etc/passwd and /etc/shadow. */ extern int ulckpwdf (void) __THROW; __END_DECLS diff --git a/shadow/tst-putspent.c b/shadow/tst-putspent.c index 2f5af28b74..f6d8d19f33 100644 --- a/shadow/tst-putspent.c +++ b/shadow/tst-putspent.c @@ -1,5 +1,5 @@ /* Test for processing of invalid shadow entries. [BZ #18724] - Copyright (C) 2015-2016 Free Software Foundation, Inc. + Copyright (C) 2015-2018 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or |