pam_kwallet.c
11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * | 11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * | ||
12 | * Lesser General Public License for more details. * | 12 | * Lesser General Public License for more details. * | ||
13 | * * | 13 | * * | ||
14 | * You should have received a copy of the GNU Lesser General Public * | 14 | * You should have received a copy of the GNU Lesser General Public * | ||
15 | * License along with this library; if not, write to the Free Software * | 15 | * License along with this library; if not, write to the Free Software * | ||
16 | * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA * | 16 | * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA * | ||
17 | *************************************************************************************/ | 17 | *************************************************************************************/ | ||
18 | 18 | | |||
19 | #include <fcntl.h> | ||||
19 | #include <gcrypt.h> | 20 | #include <gcrypt.h> | ||
20 | #include <stdio.h> | 21 | #include <stdio.h> | ||
21 | #include <signal.h> | 22 | #include <signal.h> | ||
22 | #include <unistd.h> | 23 | #include <unistd.h> | ||
23 | #include <stdlib.h> | 24 | #include <stdlib.h> | ||
24 | #include <string.h> | 25 | #include <string.h> | ||
25 | #include <errno.h> | 26 | #include <errno.h> | ||
26 | #include <grp.h> | 27 | #include <grp.h> | ||
▲ Show 20 Lines • Show All 660 Lines • ▼ Show 20 Line(s) | 673 | } else if (pid == 0) { | |||
687 | unlink(path);//in case the file already exists | 688 | unlink(path);//in case the file already exists | ||
688 | 689 | | |||
689 | char *dir = strdup(path); | 690 | char *dir = strdup(path); | ||
690 | dir[strlen(dir) - 14] = '\0';//remove kdewallet.salt | 691 | dir[strlen(dir) - 14] = '\0';//remove kdewallet.salt | ||
691 | mkpath(dir); //create the path in case it does not exists | 692 | mkpath(dir); //create the path in case it does not exists | ||
692 | free(dir); | 693 | free(dir); | ||
693 | 694 | | |||
694 | char *salt = gcry_random_bytes(KWALLET_PAM_SALTSIZE, GCRY_STRONG_RANDOM); | 695 | char *salt = gcry_random_bytes(KWALLET_PAM_SALTSIZE, GCRY_STRONG_RANDOM); | ||
695 | FILE *fd = fopen(path, "w"); | 696 | const int fd = open(path, O_CREAT | O_WRONLY | O_TRUNC | O_CLOEXEC, 0600); | ||
aacid: const | |||||
While this is "just an int", my personal taste is very much against using const on a file descriptor as this is not how this really works. I don't know. dakon: While this is "just an int", my personal taste is very much against using const on a file… | |||||
It is how it really works. Think of it as a handle value: you're promising not to assign that handle value to point somewhere else, not that you won't change the value it points to. Why do I want this const? Because when you see it you can be sure that in the rest of the file there's no other fd = open() or similar, and thus you're sure that the rest of the operations in this function that use fd are over "path". aacid: It is how it really works. Think of as a handle value, you're promising not to assign that… | |||||
696 | 697 | | |||
697 | //If the file can't be created | 698 | //If the file can't be created | ||
698 | if (fd == NULL) { | 699 | if (fd == -1) { | ||
699 | syslog(LOG_ERR, "%s: Couldn't open file: %s because: %d-%s", logPrefix, path, errno, strerror(errno)); | 700 | syslog(LOG_ERR, "%s: Couldn't open file: %s because: %d-%s", logPrefix, path, errno, strerror(errno)); | ||
700 | exit(-2); | 701 | exit(-2); | ||
701 | } | 702 | } | ||
702 | 703 | | |||
703 | fwrite(salt, KWALLET_PAM_SALTSIZE, 1, fd); | 704 | const ssize_t wlen = write(fd, salt, KWALLET_PAM_SALTSIZE); | ||
aacid: const | |||||
dakon: ACK | |||||
704 | fclose(fd); | 705 | close(fd); | ||
706 | if (wlen != KWALLET_PAM_SALTSIZE) { | ||||
707 | syslog(LOG_ERR, "%s: Short write to file: %s", logPrefix, path); | ||||
708 | unlink(path); | ||||
709 | exit(-2); | ||||
710 | } | ||||
705 | 711 | | |||
706 | exit(0); // success | 712 | exit(0); // success | ||
707 | } else { | 713 | } else { | ||
708 | // pam process, just wait for child to finish | 714 | // pam process, just wait for child to finish | ||
709 | int status; | 715 | int status; | ||
710 | waitpid(pid, &status, 0); | 716 | waitpid(pid, &status, 0); | ||
711 | if (status != 0) { | 717 | if (status != 0) { | ||
712 | pam_syslog(pamh, LOG_ERR, "%s: Couldn't create salt file", logPrefix); | 718 | pam_syslog(pamh, LOG_ERR, "%s: Couldn't create salt file", logPrefix); | ||
Show All 28 Lines | 737 | } else if (pid == 0) { | |||
741 | struct stat info; | 747 | struct stat info; | ||
742 | if (stat(path, &info) != 0 || info.st_size == 0 || !S_ISREG(info.st_mode)) { | 748 | if (stat(path, &info) != 0 || info.st_size == 0 || !S_ISREG(info.st_mode)) { | ||
743 | syslog(LOG_ERR, "%s: Failed to ensure %s looks like a salt file", logPrefix, path); | 749 | syslog(LOG_ERR, "%s: Failed to ensure %s looks like a salt file", logPrefix, path); | ||
744 | free(path); | 750 | free(path); | ||
745 | close(readSaltPipe[1]); | 751 | close(readSaltPipe[1]); | ||
746 | exit(-1); | 752 | exit(-1); | ||
747 | } | 753 | } | ||
748 | 754 | | |||
749 | FILE *fd = fopen(path, "r"); | 755 | const int fd = open(path, O_RDONLY | O_CLOEXEC); | ||
aacid: const | |||||
750 | if (fd == NULL) { | 756 | if (fd == -1) { | ||
751 | syslog(LOG_ERR, "%s: Couldn't open file: %s because: %d-%s", logPrefix, path, errno, strerror(errno)); | 757 | syslog(LOG_ERR, "%s: Couldn't open file: %s because: %d-%s", logPrefix, path, errno, strerror(errno)); | ||
752 | free(path); | 758 | free(path); | ||
753 | close(readSaltPipe[1]); | 759 | close(readSaltPipe[1]); | ||
754 | exit(-1); | 760 | exit(-1); | ||
755 | } | 761 | } | ||
756 | free(path); | 762 | free(path); | ||
757 | char salt[KWALLET_PAM_SALTSIZE] = {}; | 763 | char salt[KWALLET_PAM_SALTSIZE] = {}; | ||
758 | const int bytesRead = fread(salt, 1, KWALLET_PAM_SALTSIZE, fd); | 764 | const ssize_t bytesRead = read(fd, salt, KWALLET_PAM_SALTSIZE); | ||
aacid: const | |||||
759 | fclose(fd); | 765 | close(fd); | ||
760 | if (bytesRead != KWALLET_PAM_SALTSIZE) { | 766 | if (bytesRead != KWALLET_PAM_SALTSIZE) { | ||
761 | syslog(LOG_ERR, "%s: Couldn't read the full salt file contents from file. %d:%d", logPrefix, bytesRead, KWALLET_PAM_SALTSIZE); | 767 | syslog(LOG_ERR, "%s: Couldn't read the full salt file contents from file. %d:%d", logPrefix, bytesRead, KWALLET_PAM_SALTSIZE); | ||
762 | exit(-1); | 768 | exit(-1); | ||
763 | } | 769 | } | ||
764 | 770 | | |||
765 | const ssize_t written = better_write(readSaltPipe[1], salt, KWALLET_PAM_SALTSIZE); | 771 | const ssize_t written = better_write(readSaltPipe[1], salt, KWALLET_PAM_SALTSIZE); | ||
766 | 772 | | |||
767 | close(readSaltPipe[1]); | 773 | close(readSaltPipe[1]); | ||
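Review bot: In the salt-reading child, the `stat(path, &info)` check and the new `open(path, O_RDONLY | O_CLOEXEC)` resolve the path separately, so the regular-file and size checks may not describe the file that is actually read if the path is replaced in between. Now that the code holds a descriptor, opening first with `O_NOFOLLOW | O_NONBLOCK` added and checking with `fstat(fd, &info)` ties the check to the opened file; the non-blocking flag keeps the open from hanging on a FIFO before the check runs. The same hunk changes `bytesRead` to `ssize_t`, but the `syslog` call still formats it with `%d`, which should become `%zd`. In the salt-writing hunk, the `open()` that follows `unlink(path)` would likewise be stricter with `O_EXCL | O_NOFOLLOW`, so an entry that appears at that path after the unlink is refused rather than followed or truncated. Both child branches start outside the visible lines, so whether privileges are already dropped at this point cannot be confirmed from this page.

```c
// … unchanged: path construction …
const int fd = open(path, O_RDONLY | O_CLOEXEC | O_NOFOLLOW | O_NONBLOCK);
if (fd == -1) {
    // … unchanged: syslog, free(path), close(readSaltPipe[1]), exit(-1) …
}

// Check the object that was actually opened, not whatever the path names now.
struct stat info;
if (fstat(fd, &info) != 0 || info.st_size == 0 || !S_ISREG(info.st_mode)) {
    syslog(LOG_ERR, "%s: Failed to ensure %s looks like a salt file", logPrefix, path);
    close(fd);
    free(path);
    close(readSaltPipe[1]);
    exit(-1);
}
// … unchanged: free(path), salt buffer, read(), close(fd) …
if (bytesRead != KWALLET_PAM_SALTSIZE) {
    syslog(LOG_ERR, "%s: Couldn't read the full salt file contents from file. %zd:%d", logPrefix, bytesRead, KWALLET_PAM_SALTSIZE);
```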
const