|
 |
538c2f |
diff -up ecryptfs-utils-99/src/include/ecryptfs.h.syslog ecryptfs-utils-99/src/include/ecryptfs.h
|
|
|
538c2f |
--- ecryptfs-utils-99/src/include/ecryptfs.h.syslog 2012-07-24 13:22:22.225044430 +0200
|
|
|
538c2f |
+++ ecryptfs-utils-99/src/include/ecryptfs.h 2012-07-24 13:22:22.228044457 +0200
|
|
|
7a13e7 |
@@ -143,7 +143,7 @@
|
|
|
7a13e7 |
#define ECRYPTFS_TAG_67_PACKET 0x43
|
|
|
7a13e7 |
|
|
|
7a13e7 |
#define ecryptfs_syslog(type, fmt, arg...) \
|
|
|
7a13e7 |
- syslog(type, "%s: " fmt, __FUNCTION__, ## arg);
|
|
|
7a13e7 |
+ syslog(type, "ecryptfs: %s: " fmt, __FUNCTION__, ## arg);
|
|
|
7a13e7 |
|
|
|
7a13e7 |
#define ECRYPTFS_MAX_NUM_CIPHERS 64
|
|
|
7a13e7 |
#define ECRYPTFS_ECHO_ON 1
|
|
|
538c2f |
diff -up ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c
|
|
|
538c2f |
--- ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c.syslog 2012-07-24 13:22:22.222044403 +0200
|
|
|
538c2f |
+++ ecryptfs-utils-99/src/pam_ecryptfs/pam_ecryptfs.c 2012-07-24 13:23:02.726405147 +0200
|
|
|
538c2f |
@@ -94,7 +94,7 @@ static int wrap_passphrase_if_necessary(
|
|
|
7a13e7 |
|
|
|
7a13e7 |
rc = asprintf(&unwrapped_pw_filename, "/dev/shm/.ecryptfs-%s", username);
|
|
|
7a13e7 |
if (rc == -1) {
|
|
|
7731a0 |
- syslog(LOG_ERR, "pam_ecryptfs: Unable to allocate memory\n");
|
|
|
7731a0 |
+ ecryptfs_syslog(LOG_ERR, "pam_ecryptfs: Unable to allocate memory\n");
|
|
|
7a13e7 |
return -ENOMEM;
|
|
|
7a13e7 |
}
|
|
|
7a13e7 |
/* If /dev/shm/.ecryptfs-$USER exists and owned by the user
|
|
|
538c2f |
@@ -108,7 +108,7 @@ static int wrap_passphrase_if_necessary(
|
|
|
7a13e7 |
setuid(uid);
|
|
|
7a13e7 |
rc = ecryptfs_wrap_passphrase_file(wrapped_pw_filename, passphrase, salt, unwrapped_pw_filename);
|
|
|
7a13e7 |
if (rc != 0) {
|
|
|
7731a0 |
- syslog(LOG_ERR, "pam_ecryptfs: Error wrapping cleartext password; " "rc = [%d]\n", rc);
|
|
|
7731a0 |
+ ecryptfs_syslog(LOG_ERR, "pam_ecryptfs: Error wrapping cleartext password; " "rc = [%d]\n", rc);
|
|
|
7a13e7 |
}
|
|
|
7a13e7 |
return rc;
|
|
|
7a13e7 |
}
|
|
|
538c2f |
@@ -125,7 +125,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
|
|
|
7a13e7 |
struct ecryptfs_pam_data *epd = {0,};
|
|
|
7a13e7 |
|
|
|
7a13e7 |
if ((epd = malloc(sizeof(struct ecryptfs_pam_data))) == NULL) {
|
|
|
7a13e7 |
- syslog(LOG_ERR,"Memory allocation failed");
|
|
|
7a13e7 |
+ ecryptfs_syslog(LOG_ERR,"Memory allocation failed");
|
|
|
7a13e7 |
rc = -ENOMEM;
|
|
|
7a13e7 |
goto out;
|
|
|
7a13e7 |
}
|
|
|
538c2f |
@@ -141,7 +141,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
|
|
|
7a13e7 |
epd->homedir = pwd->pw_dir;
|
|
|
7a13e7 |
}
|
|
|
7a13e7 |
} else {
|
|
|
538c2f |
- syslog(LOG_ERR, "pam_ecryptfs: Error getting passwd info for user; rc = [%ld]\n", rc);
|
|
|
538c2f |
+ ecryptfs_syslog(LOG_ERR, "pam_ecryptfs: Error getting passwd info for user; rc = [%ld]\n", rc);
|
|
|
7a13e7 |
goto out;
|
|
|
7a13e7 |
}
|
|
|
538c2f |
|
|
|
538c2f |
@@ -149,7 +149,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
|
|
|
7a13e7 |
goto out;
|
|
|
7a13e7 |
private_mnt = ecryptfs_fetch_private_mnt(epd->homedir);
|
|
|
7a13e7 |
if (ecryptfs_private_is_mounted(NULL, private_mnt, NULL, 1)) {
|
|
|
7731a0 |
- syslog(LOG_DEBUG, "pam_ecryptfs: %s: %s is already mounted\n", __FUNCTION__, epd->homedir);
|
|
|
7731a0 |
+ ecryptfs_syslog(LOG_DEBUG, "pam_ecryptfs: %s: %s is already mounted\n", __FUNCTION__, epd->homedir);
|
|
|
7a13e7 |
/* If private/home is already mounted, then we can skip
|
|
|
7a13e7 |
costly loading of keys */
|
|
|
7731a0 |
goto out;
|
|
|
7d5fb1 |
@@ -164,7 +164,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
|
|
|
538c2f |
rc = pam_get_item(pamh, PAM_AUTHTOK, (const void **)&epd->passphrase);
|
|
|
0e4ddb |
epd->passphrase = strdup(epd->passphrase);
|
|
|
7a13e7 |
if (rc != PAM_SUCCESS) {
|
|
|
7731a0 |
- syslog(LOG_ERR, "pam_ecryptfs: Error retrieving passphrase; rc = [%ld]\n",
|
|
|
7731a0 |
+ ecryptfs_syslog(LOG_ERR, "pam_ecryptfs: Error retrieving passphrase; rc = [%ld]\n",
|
|
|
7a13e7 |
rc);
|
|
|
7a13e7 |
goto out;
|
|
|
7a13e7 |
}
|
|
|
6154d2 |
@@ -175,7 +175,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
|
|
|
538c2f |
from_hex(epd->salt, salt_hex, ECRYPTFS_SALT_SIZE);
|
|
|
7a13e7 |
epd->unwrap = ((argc == 1) && (memcmp(argv[0], "unwrap\0", 7) == 0));
|
|
|
7a13e7 |
if ((rc=pam_set_data(pamh, ECRYPTFS_PAM_DATA, epd, pam_free_ecryptfsdata)) != PAM_SUCCESS) {
|
|
|
7a13e7 |
- syslog(LOG_ERR, "Unable to store ecryptfs pam data : %s", pam_strerror(pamh, rc));
|
|
|
7a13e7 |
+ ecryptfs_syslog(LOG_ERR, "Unable to store ecryptfs pam data : %s", pam_strerror(pamh, rc));
|
|
|
7a13e7 |
goto out;
|
|
|
0e4ddb |
}
|
|
|
538c2f |
|
|
|
538c2f |
@@ -199,12 +199,12 @@ static struct passwd *fetch_pwd(pam_hand
|
|
|
7a13e7 |
|
|
|
7a13e7 |
rc = pam_get_user(pamh, &username, NULL);
|
|
|
7a13e7 |
if (rc != PAM_SUCCESS || username == NULL) {
|
|
|
7731a0 |
- syslog(LOG_ERR, "pam_ecryptfs: Error getting passwd info for user [%s]; rc = [%ld]\n", username, rc);
|
|
|
7731a0 |
+ ecryptfs_syslog(LOG_ERR, "pam_ecryptfs: Error getting passwd info for user [%s]; rc = [%ld]\n", username, rc);
|
|
|
7a13e7 |
return NULL;
|
|
|
7a13e7 |
}
|
|
|
7a13e7 |
pwd = getpwnam(username);
|
|
|
7a13e7 |
if (pwd == NULL) {
|
|
|
7731a0 |
- syslog(LOG_ERR, "pam_ecryptfs: Error getting passwd info for user [%s]; rc = [%ld]\n", username, rc);
|
|
|
7731a0 |
+ ecryptfs_syslog(LOG_ERR, "pam_ecryptfs: Error getting passwd info for user [%s]; rc = [%ld]\n", username, rc);
|
|
|
7a13e7 |
return NULL;
|
|
|
7a13e7 |
}
|
|
|
7731a0 |
return pwd;
|
|
|
538c2f |
@@ -235,13 +235,13 @@ static int private_dir(pam_handle_t *pam
|
|
|
7a13e7 |
if (
|
|
|
7a13e7 |
(asprintf(&autofile, "%s/.ecryptfs/%s", pwd->pw_dir, a) < 0)
|
|
|
7a13e7 |
|| autofile == NULL) {
|
|
|
7731a0 |
- syslog(LOG_ERR, "pam_ecryptfs: Error allocating memory for autofile name");
|
|
|
7731a0 |
+ ecryptfs_syslog(LOG_ERR, "pam_ecryptfs: Error allocating memory for autofile name");
|
|
|
7a13e7 |
return 1;
|
|
|
7a13e7 |
}
|
|
|
7a13e7 |
if (
|
|
|
7a13e7 |
(asprintf(&sigfile, "%s/.ecryptfs/%s.sig", pwd->pw_dir,
|
|
|
7a13e7 |
PRIVATE_DIR) < 0) || sigfile == NULL) {
|
|
|
7731a0 |
- syslog(LOG_ERR, "pam_ecryptfs: Error allocating memory for sigfile name");
|
|
|
7731a0 |
+ ecryptfs_syslog(LOG_ERR, "pam_ecryptfs: Error allocating memory for sigfile name");
|
|
|
7a13e7 |
return 1;
|
|
|
7a13e7 |
}
|
|
|
7a13e7 |
if (stat(sigfile, &s) != 0) {
|
|
|
538c2f |
@@ -253,7 +253,7 @@ static int private_dir(pam_handle_t *pam
|
|
|
7a13e7 |
goto out;
|
|
|
7a13e7 |
}
|
|
|
7a13e7 |
if ((pid = fork()) < 0) {
|
|
|
7731a0 |
- syslog(LOG_ERR, "pam_ecryptfs: Error setting up private mount");
|
|
|
7731a0 |
+ ecryptfs_syslog(LOG_ERR, "pam_ecryptfs: Error setting up private mount");
|
|
|
7a13e7 |
return 1;
|
|
|
7a13e7 |
}
|
|
|
7a13e7 |
if (pid == 0) {
|
|
|
538c2f |
@@ -261,7 +261,7 @@ static int private_dir(pam_handle_t *pam
|
|
|
7a13e7 |
if ((asprintf(&recorded,
|
|
|
7a13e7 |
"%s/.ecryptfs/.wrapped-passphrase.recorded",
|
|
|
7a13e7 |
pwd->pw_dir) < 0) || recorded == NULL) {
|
|
|
7731a0 |
- syslog(LOG_ERR, "pam_ecryptfs: Error allocating memory for recorded name");
|
|
|
7731a0 |
+ ecryptfs_syslog(LOG_ERR, "pam_ecryptfs: Error allocating memory for recorded name");
|
|
|
7a13e7 |
_exit(255);
|
|
|
7a13e7 |
}
|
|
|
7731a0 |
if (stat(recorded, &s) != 0 && stat("/usr/share/ecryptfs-utils/ecryptfs-record-passphrase", &s) == 0) {
|
|
|
538c2f |
@@ -273,12 +273,12 @@ static int private_dir(pam_handle_t *pam
|
|
|
7a13e7 |
}
|
|
|
7a13e7 |
if (stat(autofile, &s) != 0) {
|
|
|
7a13e7 |
/* User does not want to auto-mount */
|
|
|
7731a0 |
- syslog(LOG_DEBUG, "pam_ecryptfs: Skipping automatic eCryptfs mount");
|
|
|
7731a0 |
+ ecryptfs_syslog(LOG_DEBUG, "pam_ecryptfs: Skipping automatic eCryptfs mount");
|
|
|
7a13e7 |
_exit(0);
|
|
|
7a13e7 |
}
|
|
|
538c2f |
clearenv();
|
|
|
538c2f |
if (initgroups(pwd->pw_name, pwd->pw_gid) != 0) {
|
|
|
538c2f |
- syslog(LOG_ERR, "Unable to set user's groups : %m");
|
|
|
538c2f |
+ ecryptfs_syslog(LOG_ERR, "Unable to set user's groups : %m");
|
|
|
538c2f |
_exit(255);
|
|
|
538c2f |
}
|
|
|
7731a0 |
/* run mount.ecryptfs_private as the user */
|
|
|
538c2f |
@@ -286,16 +286,16 @@ static int private_dir(pam_handle_t *pam
|
|
|
538c2f |
_exit(255);
|
|
|
7a13e7 |
execl("/sbin/mount.ecryptfs_private",
|
|
|
7a13e7 |
"mount.ecryptfs_private", NULL);
|
|
|
7a13e7 |
- syslog(LOG_ERR,"unable to execute mount.ecryptfs_private : %m");
|
|
|
7a13e7 |
+ ecryptfs_syslog(LOG_ERR,"unable to execute mount.ecryptfs_private : %m");
|
|
|
7a13e7 |
} else {
|
|
|
7a13e7 |
if (stat(autofile, &s) != 0) {
|
|
|
7a13e7 |
/* User does not want to auto-unmount */
|
|
|
7731a0 |
- syslog(LOG_DEBUG, "pam_ecryptfs: Skipping automatic eCryptfs unmount");
|
|
|
7731a0 |
+ ecryptfs_syslog(LOG_DEBUG, "pam_ecryptfs: Skipping automatic eCryptfs unmount");
|
|
|
7a13e7 |
_exit(0);
|
|
|
7a13e7 |
}
|
|
|
538c2f |
clearenv();
|
|
|
538c2f |
if (initgroups(pwd->pw_name, pwd->pw_gid) != 0) {
|
|
|
538c2f |
- syslog(LOG_ERR, "Unable to set user's groups : %m");
|
|
|
538c2f |
+ ecryptfs_syslog(LOG_ERR, "Unable to set user's groups : %m");
|
|
|
538c2f |
_exit(255);
|
|
|
538c2f |
}
|
|
|
7731a0 |
/* run umount.ecryptfs_private as the user */
|
|
|
538c2f |
@@ -303,7 +303,7 @@ static int private_dir(pam_handle_t *pam
|
|
|
538c2f |
_exit(255);
|
|
|
7a13e7 |
execl("/sbin/umount.ecryptfs_private",
|
|
|
7a13e7 |
"umount.ecryptfs_private", NULL);
|
|
|
7a13e7 |
- syslog(LOG_ERR,"unable to execute umount.ecryptfs_private : %m");
|
|
|
7a13e7 |
+ ecryptfs_syslog(LOG_ERR,"unable to execute umount.ecryptfs_private : %m");
|
|
|
6154d2 |
_exit(255);
|
|
|
7a13e7 |
}
|
|
|
7a13e7 |
_exit(255);
|
|
|
538c2f |
@@ -338,24 +338,24 @@ static int fill_keyring(pam_handle_t *pa
|
|
|
538c2f |
|
|
|
7a13e7 |
if ((rc=pam_get_data(pamh, ECRYPTFS_PAM_DATA, (const void **)&epd)) != PAM_SUCCESS)
|
|
|
7a13e7 |
{
|
|
|
7a13e7 |
- syslog(LOG_ERR,"Unable to get ecryptfs pam data : %s", pam_strerror(pamh, rc));
|
|
|
7a13e7 |
+ ecryptfs_syslog(LOG_ERR,"Unable to get ecryptfs pam data : %s", pam_strerror(pamh, rc));
|
|
|
7a13e7 |
return -EINVAL;
|
|
|
0e4ddb |
}
|
|
|
7a13e7 |
|
|
|
538c2f |
oeuid = geteuid();
|
|
|
538c2f |
oegid = getegid();
|
|
|
538c2f |
if ((ngids = getgroups(sizeof(groups)/sizeof(gid_t), groups)) < 0) {
|
|
|
538c2f |
- syslog(LOG_ERR, "pam_ecryptfs: geteuid error");
|
|
|
538c2f |
+ ecryptfs_syslog(LOG_ERR, "pam_ecryptfs: geteuid error");
|
|
|
538c2f |
goto outnouid;
|
|
|
538c2f |
}
|
|
|
538c2f |
|
|
|
538c2f |
if (setegid(epd->gid) < 0 || setgroups(1, &epd->gid) < 0 || seteuid(epd->uid) < 0) {
|
|
|
538c2f |
- syslog(LOG_ERR, "pam_ecryptfs: seteuid error");
|
|
|
538c2f |
+ ecryptfs_syslog(LOG_ERR, "pam_ecryptfs: seteuid error");
|
|
|
538c2f |
goto out;
|
|
|
538c2f |
}
|
|
|
538c2f |
|
|
|
538c2f |
if (!auth_tok_sig) {
|
|
|
538c2f |
- syslog(LOG_ERR, "Out of memory\n");
|
|
|
538c2f |
+ ecryptfs_syslog(LOG_ERR, "Out of memory\n");
|
|
|
538c2f |
return -ENOMEM;
|
|
|
538c2f |
}
|
|
|
538c2f |
|
|
|
538c2f |
@@ -367,12 +367,12 @@ static int fill_keyring(pam_handle_t *pa
|
|
|
538c2f |
goto out_child;
|
|
|
538c2f |
|
|
|
7a13e7 |
if (epd->passphrase == NULL) {
|
|
|
7a13e7 |
- syslog(LOG_ERR, "NULL passphrase; aborting\n");
|
|
|
7a13e7 |
+ ecryptfs_syslog(LOG_ERR, "NULL passphrase; aborting\n");
|
|
|
7a13e7 |
rc = -EINVAL;
|
|
|
7a13e7 |
goto out_child;
|
|
|
7a13e7 |
}
|
|
|
7a13e7 |
if ((rc = ecryptfs_validate_keyring())) {
|
|
|
7a13e7 |
- syslog(LOG_WARNING,
|
|
|
7a13e7 |
+ ecryptfs_syslog(LOG_WARNING,
|
|
|
7a13e7 |
"Cannot validate keyring integrity\n");
|
|
|
7a13e7 |
}
|
|
|
7a13e7 |
rc = 0;
|
|
|
538c2f |
@@ -384,12 +384,12 @@ static int fill_keyring(pam_handle_t *pa
|
|
|
7a13e7 |
epd->homedir,
|
|
|
7a13e7 |
ECRYPTFS_DEFAULT_WRAPPED_PASSPHRASE_FILENAME);
|
|
|
7a13e7 |
if (rc == -1) {
|
|
|
7a13e7 |
- syslog(LOG_ERR, "Unable to allocate memory\n");
|
|
|
7a13e7 |
+ ecryptfs_syslog(LOG_ERR, "Unable to allocate memory\n");
|
|
|
7a13e7 |
rc = -ENOMEM;
|
|
|
7a13e7 |
goto out_child;
|
|
|
7a13e7 |
}
|
|
|
7a13e7 |
if (wrap_passphrase_if_necessary(epd->username, epd->uid, wrapped_pw_filename, epd->passphrase, epd->salt) == 0) {
|
|
|
7a13e7 |
- syslog(LOG_INFO, "Passphrase file wrapped");
|
|
|
7a13e7 |
+ ecryptfs_syslog(LOG_INFO, "Passphrase file wrapped");
|
|
|
7a13e7 |
} else {
|
|
|
7a13e7 |
goto out_child;
|
|
|
7a13e7 |
}
|
|
|
538c2f |
@@ -405,7 +405,7 @@ static int fill_keyring(pam_handle_t *pa
|
|
|
7a13e7 |
goto out_child;
|
|
|
7a13e7 |
}
|
|
|
7a13e7 |
if (rc) {
|
|
|
7a13e7 |
- syslog(LOG_ERR, "Error adding passphrase key token to "
|
|
|
7a13e7 |
+ ecryptfs_syslog(LOG_ERR, "Error adding passphrase key token to "
|
|
|
7a13e7 |
"user session keyring; rc = [%d]\n", rc);
|
|
|
7a13e7 |
goto out_child;
|
|
|
7a13e7 |
}
|
|
|
538c2f |
@@ -415,7 +415,7 @@ out_child:
|
|
|
7a13e7 |
}
|
|
|
7a13e7 |
tmp_pid = waitpid(child_pid, NULL, 0);
|
|
|
7a13e7 |
if (tmp_pid == -1)
|
|
|
7a13e7 |
- syslog(LOG_WARNING,
|
|
|
7a13e7 |
+ ecryptfs_syslog(LOG_WARNING,
|
|
|
7a13e7 |
"waitpid() returned with error condition\n");
|
|
|
538c2f |
out:
|
|
|
538c2f |
seteuid(oeuid);
|
|
|
538c2f |
@@ -473,33 +473,33 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand
|
|
|
7731a0 |
homedir = pwd->pw_dir;
|
|
|
7731a0 |
}
|
|
|
7731a0 |
} else {
|
|
|
7731a0 |
- syslog(LOG_ERR, "pam_ecryptfs: Error getting passwd info for user [%s]; rc = [%d]\n", username, rc);
|
|
|
7731a0 |
+ ecryptfs_syslog(LOG_ERR, "pam_ecryptfs: Error getting passwd info for user [%s]; rc = [%d]\n", username, rc);
|
|
|
7731a0 |
goto out;
|
|
|
7731a0 |
}
|
|
|
538c2f |
|
|
|
538c2f |
oeuid = geteuid();
|
|
|
538c2f |
oegid = getegid();
|
|
|
538c2f |
if ((ngids = getgroups(sizeof(groups)/sizeof(gid_t), groups)) < 0) {
|
|
|
538c2f |
- syslog(LOG_ERR, "pam_ecryptfs: geteuid error");
|
|
|
538c2f |
+ ecryptfs_syslog(LOG_ERR, "pam_ecryptfs: geteuid error");
|
|
|
538c2f |
goto outnouid;
|
|
|
538c2f |
}
|
|
|
538c2f |
|
|
|
538c2f |
if (setegid(gid) < 0 || setgroups(1, &gid) < 0 || seteuid(uid) < 0) {
|
|
|
538c2f |
- syslog(LOG_ERR, "pam_ecryptfs: seteuid error");
|
|
|
538c2f |
+ ecryptfs_syslog(LOG_ERR, "pam_ecryptfs: seteuid error");
|
|
|
538c2f |
goto out;
|
|
|
538c2f |
}
|
|
|
538c2f |
|
|
|
7731a0 |
if ((rc = pam_get_item(pamh, PAM_OLDAUTHTOK,
|
|
|
7731a0 |
(const void **)&old_passphrase))
|
|
|
7731a0 |
!= PAM_SUCCESS) {
|
|
|
7731a0 |
- syslog(LOG_ERR, "pam_ecryptfs: Error retrieving old passphrase; rc = [%d]\n", rc);
|
|
|
7731a0 |
+ ecryptfs_syslog(LOG_ERR, "pam_ecryptfs: Error retrieving old passphrase; rc = [%d]\n", rc);
|
|
|
7731a0 |
goto out;
|
|
|
7731a0 |
}
|
|
|
538c2f |
/* On the first pass, do nothing except check that we have a password */
|
|
|
7731a0 |
if ((flags & PAM_PRELIM_CHECK)) {
|
|
|
7731a0 |
if (!old_passphrase)
|
|
|
7731a0 |
{
|
|
|
7731a0 |
- syslog(LOG_WARNING, "pam_ecryptfs: PAM passphrase change module retrieved a NULL passphrase; nothing to do\n");
|
|
|
7731a0 |
+ ecryptfs_syslog(LOG_WARNING, "pam_ecryptfs: PAM passphrase change module retrieved a NULL passphrase; nothing to do\n");
|
|
|
7731a0 |
rc = PAM_AUTHTOK_RECOVER_ERR;
|
|
|
7731a0 |
}
|
|
|
538c2f |
goto out;
|
|
|
538c2f |
@@ -507,13 +507,13 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand
|
|
|
7731a0 |
if ((rc = pam_get_item(pamh, PAM_AUTHTOK,
|
|
|
7731a0 |
(const void **)&new_passphrase))
|
|
|
7731a0 |
!= PAM_SUCCESS) {
|
|
|
7731a0 |
- syslog(LOG_ERR, "pam_ecryptfs: Error retrieving new passphrase; rc = [%d]\n", rc);
|
|
|
7731a0 |
+ ecryptfs_syslog(LOG_ERR, "pam_ecryptfs: Error retrieving new passphrase; rc = [%d]\n", rc);
|
|
|
7731a0 |
goto out;
|
|
|
7731a0 |
}
|
|
|
7731a0 |
if ((rc = asprintf(&wrapped_pw_filename, "%s/.ecryptfs/%s", homedir,
|
|
|
7731a0 |
ECRYPTFS_DEFAULT_WRAPPED_PASSPHRASE_FILENAME))
|
|
|
7731a0 |
== -1) {
|
|
|
7731a0 |
- syslog(LOG_ERR, "pam_ecryptfs: Unable to allocate memory\n");
|
|
|
7731a0 |
+ ecryptfs_syslog(LOG_ERR, "pam_ecryptfs: Unable to allocate memory\n");
|
|
|
7731a0 |
rc = -ENOMEM;
|
|
|
7731a0 |
goto out;
|
|
|
7731a0 |
}
|
|
|
538c2f |
@@ -523,13 +523,13 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand
|
|
|
7731a0 |
from_hex(salt, salt_hex, ECRYPTFS_SALT_SIZE);
|
|
|
7731a0 |
}
|
|
|
7731a0 |
if (wrap_passphrase_if_necessary(username, uid, wrapped_pw_filename, new_passphrase, salt) == 0) {
|
|
|
7731a0 |
- syslog(LOG_DEBUG, "pam_ecryptfs: Passphrase file wrapped");
|
|
|
7731a0 |
+ ecryptfs_syslog(LOG_DEBUG, "pam_ecryptfs: Passphrase file wrapped");
|
|
|
7731a0 |
} else {
|
|
|
7731a0 |
goto out;
|
|
|
7731a0 |
}
|
|
|
7731a0 |
|
|
|
7731a0 |
if (!old_passphrase || !new_passphrase || *new_passphrase == '\0') {
|
|
|
7731a0 |
- syslog(LOG_WARNING, "pam_ecryptfs: PAM passphrase change module retrieved at least one NULL passphrase; nothing to do\n");
|
|
|
7731a0 |
+ ecryptfs_syslog(LOG_WARNING, "pam_ecryptfs: PAM passphrase change module retrieved at least one NULL passphrase; nothing to do\n");
|
|
|
7731a0 |
rc = PAM_AUTHTOK_RECOVER_ERR;
|
|
|
7731a0 |
goto out;
|
|
|
7731a0 |
}
|
|
|
538c2f |
@@ -546,20 +546,20 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand
|
|
|
7731a0 |
if ((rc = ecryptfs_unwrap_passphrase(passphrase,
|
|
|
7731a0 |
wrapped_pw_filename,
|
|
|
7731a0 |
old_passphrase, salt))) {
|
|
|
7731a0 |
- syslog(LOG_ERR, "pam_ecryptfs: Error attempting to unwrap passphrase; rc = [%d]\n", rc);
|
|
|
7731a0 |
+ ecryptfs_syslog(LOG_ERR, "pam_ecryptfs: Error attempting to unwrap passphrase; rc = [%d]\n", rc);
|
|
|
7731a0 |
goto out_child;
|
|
|
7731a0 |
}
|
|
|
7731a0 |
if ((rc = ecryptfs_wrap_passphrase(wrapped_pw_filename,
|
|
|
7731a0 |
new_passphrase, salt,
|
|
|
7731a0 |
passphrase))) {
|
|
|
7731a0 |
- syslog(LOG_ERR, "pam_ecryptfs: Error attempting to wrap passphrase; rc = [%d]", rc);
|
|
|
7731a0 |
+ ecryptfs_syslog(LOG_ERR, "pam_ecryptfs: Error attempting to wrap passphrase; rc = [%d]", rc);
|
|
|
7731a0 |
goto out_child;
|
|
|
7731a0 |
}
|
|
|
7731a0 |
out_child:
|
|
|
7731a0 |
_exit(0);
|
|
|
7731a0 |
}
|
|
|
7731a0 |
if ((tmp_pid = waitpid(child_pid, NULL, 0)) == -1)
|
|
|
7731a0 |
- syslog(LOG_WARNING, "pam_ecryptfs: waitpid() returned with error condition\n");
|
|
|
7731a0 |
+ ecryptfs_syslog(LOG_WARNING, "pam_ecryptfs: waitpid() returned with error condition\n");
|
|
|
7731a0 |
free(wrapped_pw_filename);
|
|
|
7731a0 |
out:
|
|
|
538c2f |
|