From 377741700be52a7f496231ab808a673e3e8ff10e Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Sun, 23 Nov 2014 21:07:58 +0100
Subject: [PATCH 117/117] PAM: Move is_uid_trusted from pam_ctx to preq

Keeping a per-request flag in a global structure is really dangerous.

Reviewed-by: Sumit Bose <sbose@redhat.com>
---
 src/responder/pam/pamsrv.h     |  2 +-
 src/responder/pam/pamsrv_cmd.c | 23 ++++++++++++-----------
 2 files changed, 13 insertions(+), 12 deletions(-)

diff --git a/src/responder/pam/pamsrv.h b/src/responder/pam/pamsrv.h
index f92e7f7db0964777c26d69c7c08471a19de8ade3..066f35a428a9af81d665309b4ab5a80cf69561ba 100644
--- a/src/responder/pam/pamsrv.h
+++ b/src/responder/pam/pamsrv.h
@@ -39,7 +39,6 @@ struct pam_ctx {
     hash_table_t *id_table;
     size_t trusted_uids_count;
     uid_t *trusted_uids;
-    bool is_uid_trusted;
 
     /* List of domains that are accessible even for untrusted users. */
     char **public_domains;
@@ -58,6 +57,7 @@ struct pam_auth_req {
 
     pam_dp_callback_t *callback;
 
+    bool is_uid_trusted;
     bool check_provider;
     void *data;
 
diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c
index b60ccba2d4ff669e7ed0252923a53755410851e3..02720018b91e1319346a023eca571913b544284a 100644
--- a/src/responder/pam/pamsrv_cmd.c
+++ b/src/responder/pam/pamsrv_cmd.c
@@ -849,15 +849,6 @@ static int pam_forwarder(struct cli_ctx *cctx, int pam_cmd)
             talloc_get_type(cctx->rctx->pvt_ctx, struct pam_ctx);
     struct tevent_req *req;
 
-    pctx->is_uid_trusted = is_uid_trusted(cctx->client_euid,
-                                          pctx->trusted_uids_count,
-                                          pctx->trusted_uids);
-
-    if (!pctx->is_uid_trusted) {
-        DEBUG(SSSDBG_MINOR_FAILURE, "uid %"PRIu32" is not trusted.\n",
-              cctx->client_euid);
-    }
-
     preq = talloc_zero(cctx, struct pam_auth_req);
     if (!preq) {
         return ENOMEM;
@@ -872,6 +863,16 @@ static int pam_forwarder(struct cli_ctx *cctx, int pam_cmd)
     }
     pd = preq->pd;
 
+    preq->is_uid_trusted = is_uid_trusted(cctx->client_euid,
+                                          pctx->trusted_uids_count,
+                                          pctx->trusted_uids);
+
+    if (!preq->is_uid_trusted) {
+        DEBUG(SSSDBG_MINOR_FAILURE, "uid %"PRIu32" is not trusted.\n",
+              cctx->client_euid);
+    }
+
+
     pd->cmd = pam_cmd;
     pd->priv = cctx->priv;
 
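Review bot: Nothing at the new `preq->is_uid_trusted = is_uid_trusted(...)` assignment in pam_forwarder says that this is the request's trust decision or that the flag is false until this point, since `preq` comes from `talloc_zero`. A comment above the assignment would make that explicit: `/* Per-request trust decision based on the client's euid; the flag is false (untrusted) from talloc_zero until set here. */`, and a matching one-line comment would fit on the new field in struct pam_auth_req in pamsrv.h. The added block also ends with two blank lines before `pd->cmd = pam_cmd;`, one of which can go. pam_forwarder starts and ends outside the hunk, so whether anything reads the flag before this assignment is not visible here.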
@@ -1304,7 +1305,7 @@ static void pam_dom_forwarder(struct pam_auth_req *preq)
     }
 
     /* Untrusted users can access only public domains. */
-    if (!pctx->is_uid_trusted &&
+    if (!preq->is_uid_trusted &&
             !is_domain_public(preq->pd->domain, pctx->public_domains,
                             pctx->public_domains_count)) {
         DEBUG(SSSDBG_MINOR_FAILURE,
@@ -1317,7 +1318,7 @@ static void pam_dom_forwarder(struct pam_auth_req *preq)
 
     /* skip this domain if not requested and the user is trusted
      * as untrusted users can't request a domain */
-    if (pctx->is_uid_trusted &&
+    if (preq->is_uid_trusted &&
             !is_domain_requested(preq->pd, preq->pd->domain)) {
         preq->pd->pam_status = PAM_USER_UNKNOWN;
         pam_reply(preq);
-- 
1.9.3