|
|
ad92e8 |
From 4b6de608c25a6ffbdb507be958e12f814b43077c Mon Sep 17 00:00:00 2001
|
|
|
ad92e8 |
From: "Todd C. Miller" <Todd.Miller@sudo.ws>
|
|
|
ad92e8 |
Date: Wed, 4 Dec 2019 12:38:22 -0700
|
|
|
ad92e8 |
Subject: [PATCH] Only update the time stamp entry after the approval function
|
|
|
ad92e8 |
has succeeded. Bug #910
|
|
|
ad92e8 |
|
|
|
ad92e8 |
---
|
|
|
ad92e8 |
plugins/sudoers/check.c | 59 +++++++++++++++++++----------------------
|
|
|
ad92e8 |
1 file changed, 27 insertions(+), 32 deletions(-)
|
|
|
ad92e8 |
|
|
|
ad92e8 |
diff --git a/plugins/sudoers/check.c b/plugins/sudoers/check.c
|
|
|
ad92e8 |
index db8e05161..ea1d89085 100644
|
|
|
ad92e8 |
--- a/plugins/sudoers/check.c
|
|
|
ad92e8 |
+++ b/plugins/sudoers/check.c
|
|
|
ad92e8 |
@@ -51,6 +51,7 @@ static bool display_lecture(int);
|
|
|
ad92e8 |
static struct passwd *get_authpw(int);
|
|
|
ad92e8 |
|
|
|
ad92e8 |
struct getpass_closure {
|
|
|
ad92e8 |
+ int tstat;
|
|
|
ad92e8 |
void *cookie;
|
|
|
ad92e8 |
struct passwd *auth_pw;
|
|
|
ad92e8 |
};
|
|
|
ad92e8 |
@@ -89,27 +90,20 @@ getpass_resume(int signo, void *vclosure)
|
|
|
ad92e8 |
* or -1 on fatal error.
|
|
|
ad92e8 |
*/
|
|
|
ad92e8 |
static int
|
|
|
ad92e8 |
-check_user_interactive(int validated, int mode, struct passwd *auth_pw)
|
|
|
ad92e8 |
+check_user_interactive(int validated, int mode, struct getpass_closure *closure)
|
|
|
ad92e8 |
{
|
|
|
ad92e8 |
struct sudo_conv_callback cb, *callback = NULL;
|
|
|
ad92e8 |
- struct getpass_closure closure;
|
|
|
ad92e8 |
- int status = TS_ERROR;
|
|
|
ad92e8 |
int ret = -1;
|
|
|
ad92e8 |
char *prompt;
|
|
|
ad92e8 |
bool lectured;
|
|
|
ad92e8 |
debug_decl(check_user_interactive, SUDOERS_DEBUG_AUTH)
|
|
|
ad92e8 |
|
|
|
ad92e8 |
- /* Setup closure for getpass_{suspend,resume} */
|
|
|
ad92e8 |
- closure.auth_pw = auth_pw;
|
|
|
ad92e8 |
- closure.cookie = NULL;
|
|
|
ad92e8 |
- sudo_pw_addref(closure.auth_pw);
|
|
|
ad92e8 |
-
|
|
|
ad92e8 |
/* Open, lock and read time stamp file if we are using it. */
|
|
|
ad92e8 |
if (!ISSET(mode, MODE_IGNORE_TICKET)) {
|
|
|
ad92e8 |
/* Open time stamp file and check its status. */
|
|
|
ad92e8 |
- closure.cookie = timestamp_open(user_name, user_sid);
|
|
|
ad92e8 |
- if (timestamp_lock(closure.cookie, closure.auth_pw))
|
|
|
ad92e8 |
- status = timestamp_status(closure.cookie, closure.auth_pw);
|
|
|
ad92e8 |
+ closure->cookie = timestamp_open(user_name, user_sid);
|
|
|
ad92e8 |
+ if (timestamp_lock(closure->cookie, closure->auth_pw))
|
|
|
ad92e8 |
+ closure->tstat = timestamp_status(closure->cookie, closure->auth_pw);
|
|
|
ad92e8 |
|
|
|
ad92e8 |
/* Construct callback for getpass function. */
|
|
|
ad92e8 |
memset(&cb, 0, sizeof(cb));
|
|
|
ad92e8 |
@@ -120,7 +114,7 @@ check_user_interactive(int validated, int mode, struct passwd *auth_pw)
|
|
|
ad92e8 |
callback = &cb;
|
|
|
ad92e8 |
}
|
|
|
ad92e8 |
|
|
|
ad92e8 |
- switch (status) {
|
|
|
ad92e8 |
+ switch (closure->tstat) {
|
|
|
ad92e8 |
case TS_FATAL:
|
|
|
ad92e8 |
/* Fatal error (usually setuid failure), unsafe to proceed. */
|
|
|
ad92e8 |
goto done;
|
|
|
ad92e8 |
@@ -144,32 +138,22 @@ check_user_interactive(int validated, int mode, struct passwd *auth_pw)
|
|
|
ad92e8 |
}
|
|
|
ad92e8 |
|
|
|
ad92e8 |
/* XXX - should not lecture if askpass helper is being used. */
|
|
|
ad92e8 |
- lectured = display_lecture(status);
|
|
|
ad92e8 |
+ lectured = display_lecture(closure->tstat);
|
|
|
ad92e8 |
|
|
|
ad92e8 |
/* Expand any escapes in the prompt. */
|
|
|
ad92e8 |
prompt = expand_prompt(user_prompt ? user_prompt : def_passprompt,
|
|
|
ad92e8 |
- closure.auth_pw->pw_name);
|
|
|
ad92e8 |
+ closure->auth_pw->pw_name);
|
|
|
ad92e8 |
if (prompt == NULL)
|
|
|
ad92e8 |
goto done;
|
|
|
ad92e8 |
|
|
|
ad92e8 |
- ret = verify_user(closure.auth_pw, prompt, validated, callback);
|
|
|
ad92e8 |
+ ret = verify_user(closure->auth_pw, prompt, validated, callback);
|
|
|
ad92e8 |
if (ret == true && lectured)
|
|
|
ad92e8 |
(void)set_lectured(); /* lecture error not fatal */
|
|
|
ad92e8 |
free(prompt);
|
|
|
ad92e8 |
break;
|
|
|
ad92e8 |
}
|
|
|
ad92e8 |
|
|
|
ad92e8 |
- /*
|
|
|
ad92e8 |
- * Only update time stamp if user was validated.
|
|
|
ad92e8 |
- * Failure to update the time stamp is not a fatal error.
|
|
|
ad92e8 |
- */
|
|
|
ad92e8 |
- if (ret == true && ISSET(validated, VALIDATE_SUCCESS) && status != TS_ERROR)
|
|
|
ad92e8 |
- (void)timestamp_update(closure.cookie, closure.auth_pw);
|
|
|
ad92e8 |
done:
|
|
|
ad92e8 |
- if (closure.cookie != NULL)
|
|
|
ad92e8 |
- timestamp_close(closure.cookie);
|
|
|
ad92e8 |
- sudo_pw_delref(closure.auth_pw);
|
|
|
ad92e8 |
-
|
|
|
ad92e8 |
debug_return_int(ret);
|
|
|
ad92e8 |
}
|
|
|
ad92e8 |
|
|
|
ad92e8 |
@@ -180,7 +164,7 @@ done:
|
|
|
ad92e8 |
int
|
|
|
ad92e8 |
check_user(int validated, int mode)
|
|
|
ad92e8 |
{
|
|
|
ad92e8 |
- struct passwd *auth_pw;
|
|
|
ad92e8 |
+ struct getpass_closure closure = { TS_ERROR };
|
|
|
ad92e8 |
int ret = -1;
|
|
|
ad92e8 |
bool exempt = false;
|
|
|
ad92e8 |
debug_decl(check_user, SUDOERS_DEBUG_AUTH)
|
|
|
ad92e8 |
@@ -189,9 +173,9 @@ check_user(int validated, int mode)
|
|
|
ad92e8 |
* Init authentication system regardless of whether we need a password.
|
|
|
ad92e8 |
* Required for proper PAM session support.
|
|
|
ad92e8 |
*/
|
|
|
ad92e8 |
- if ((auth_pw = get_authpw(mode)) == NULL)
|
|
|
ad92e8 |
+ if ((closure.auth_pw = get_authpw(mode)) == NULL)
|
|
|
ad92e8 |
goto done;
|
|
|
ad92e8 |
- if (sudo_auth_init(auth_pw) == -1)
|
|
|
ad92e8 |
+ if (sudo_auth_init(closure.auth_pw) == -1)
|
|
|
ad92e8 |
goto done;
|
|
|
ad92e8 |
|
|
|
ad92e8 |
/*
|
|
|
ad92e8 |
@@ -222,15 +206,26 @@ check_user(int validated, int mode)
|
|
|
ad92e8 |
}
|
|
|
ad92e8 |
}
|
|
|
ad92e8 |
|
|
|
ad92e8 |
- ret = check_user_interactive(validated, mode, auth_pw);
|
|
|
ad92e8 |
+ ret = check_user_interactive(validated, mode, &closure);
|
|
|
ad92e8 |
|
|
|
ad92e8 |
done:
|
|
|
ad92e8 |
if (ret == true) {
|
|
|
ad92e8 |
/* The approval function may disallow a user post-authentication. */
|
|
|
ad92e8 |
- ret = sudo_auth_approval(auth_pw, validated, exempt);
|
|
|
ad92e8 |
+ ret = sudo_auth_approval(closure.auth_pw, validated, exempt);
|
|
|
ad92e8 |
+
|
|
|
ad92e8 |
+ /*
|
|
|
ad92e8 |
+ * Only update time stamp if user validated and was approved.
|
|
|
ad92e8 |
+ * Failure to update the time stamp is not a fatal error.
|
|
|
ad92e8 |
+ */
|
|
|
ad92e8 |
+ if (ret == true && closure.tstat != TS_ERROR) {
|
|
|
ad92e8 |
+ if (ISSET(validated, VALIDATE_SUCCESS))
|
|
|
ad92e8 |
+ (void)timestamp_update(closure.cookie, closure.auth_pw);
|
|
|
ad92e8 |
+ }
|
|
|
ad92e8 |
}
|
|
|
ad92e8 |
- sudo_auth_cleanup(auth_pw);
|
|
|
ad92e8 |
- sudo_pw_delref(auth_pw);
|
|
|
ad92e8 |
+ timestamp_close(closure.cookie);
|
|
|
ad92e8 |
+ sudo_auth_cleanup(closure.auth_pw);
|
|
|
ad92e8 |
+ if (closure.auth_pw != NULL)
|
|
|
ad92e8 |
+ sudo_pw_delref(closure.auth_pw);
|
|
|
ad92e8 |
|
|
|
ad92e8 |
debug_return_int(ret);
|
|
|
ad92e8 |
}
|
|
|
ad92e8 |
--
|
|
|
ad92e8 |
2.25.1
|
|
|
ad92e8 |
|