Fix crash with pam_lastlog

Resolves: RHEL-53984
2024-09-27 18:50:06 -04:00 · 2024-09-27 18:50:06 -04:00 · 35f9128ba2
commit 35f9128ba2
parent b6c8366468
2 changed files with 44 additions and 2 deletions
--- a/0001-internals-Root-conversation-and-closure-data.patch
+++ b/0001-internals-Root-conversation-and-closure-data.patch
@ -0,0 +1,36 @@
+commit 89ff31db581df98eb34f19471421f5cfcfb1cefd (HEAD -> master)
+Author: Ray Strode <rstrode@redhat.com>
+Date:   Fri Sep 27 15:31:03 2024 -0400
+
+    internals: Root conversation and closure data
+
+    If the conversation and closure data are not rooted to the class
+    then they can be garbage collected before the conversation function
+    is invoked.
+
+    That leads to a crash in pam_lastlog during session open time.
+
+    This commit addressed the issue by assigning the state to the class
+    as properties.
+
+diff --git a/src/pam/__internals.py b/src/pam/__internals.py
+index 99a0397..9e33188 100644
+--- a/src/pam/__internals.py
+++ b/src/pam/__internals.py
+@@ -311,11 +311,11 @@ class PamAuthenticator:
+ 
+         # do this up front so we can safely throw an exception if there's
+         # anything wrong with it
+-        app_data = {'msgs': self.messages, 'password': password, 'encoding': encoding}
+-        conv = PamConv(__conv, c_void_p.from_buffer(py_object(app_data)))
+        self.app_data = {'msgs': self.messages, 'password': password, 'encoding': encoding}
+        self.conv = PamConv(__conv, c_void_p.from_buffer(py_object(self.app_data)))
+ 
+         self.handle = PamHandle()
+-        retval = self.pam_start(service, username, byref(conv),
+        retval = self.pam_start(service, username, byref(self.conv),
+                                 byref(self.handle))
+ 
+         if retval != PAM_SUCCESS:  # pragma: no cover
+
+
--- a/python-pam.spec
+++ b/python-pam.spec
@ -1,6 +1,6 @@
 Name:           python-pam
 Version:        2.0.2
-Release:        8%{?dist}
+Release:        9%{?dist}
 Summary:        Pure Python interface to the Pluggable Authentication Modules system on Linux
 License:        MIT
 URL:            https://github.com/FirefighterBlu3/python-pam
@ -8,6 +8,8 @@ Source0:        https://pypi.python.org/packages/source/p/%{name}/%{name}-%{vers
 BuildArch:      noarch
 BuildRequires:  python3-devel

+Patch:          0001-internals-Root-conversation-and-closure-data.patch
+
 %generate_buildrequires
 %pyproject_buildrequires

@ -24,7 +26,7 @@ This module provides an authenticate function that allows the caller to
 authenticate a given username / password against the PAM system on Linux.

 %prep
-%autosetup
+%autosetup -p1

 %build
 %pyproject_wheel
@ -39,6 +41,10 @@ authenticate a given username / password against the PAM system on Linux.
 %{python3_sitelib}/python_pam-%{version}*

 %changelog
+* Fri Sep 27 2024 Ray Strode <rstrode@redhat.com> - 2.0.2-9
+- Fix crash with pam_lastlog
+  Resolves: RHEL-53984
+
 * Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 2.0.2-8
 - Bump release for June 2024 mass rebuild