From 1fd7a5ecb46a02a29ebf42039575b5344307bfbb Mon Sep 17 00:00:00 2001 From: Alexey Tikhonov Date: Wed, 8 Feb 2023 18:58:37 +0100 Subject: [PATCH 4/4] PAM_SSS: close(sss_cli_sd) should also be protected with mutex. Otherwise a thread calling pam_end() can close socket mid pam transaction in another thread. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bug only manifested on platforms where "lockfree client" feature wasn't built. Reviewed-by: Pavel Březina Reviewed-by: Sumit Bose (cherry picked from commit bf3f73ea0ee123fe4e7c4bdd2287ac5a5e6d9082) --- src/sss_client/pam_sss.c | 3 +++ src/sss_client/pam_sss_gss.c | 2 ++ 2 files changed, 5 insertions(+) diff --git a/src/sss_client/pam_sss.c b/src/sss_client/pam_sss.c index afbdef59a..39ad17188 100644 --- a/src/sss_client/pam_sss.c +++ b/src/sss_client/pam_sss.c @@ -117,7 +117,10 @@ static void close_fd(pam_handle_t *pamh, void *ptr, int err) #endif /* PAM_DATA_REPLACE */ D(("Closing the fd")); + + sss_pam_lock(); sss_cli_close_socket(); + sss_pam_unlock(); } struct cert_auth_info { diff --git a/src/sss_client/pam_sss_gss.c b/src/sss_client/pam_sss_gss.c index 1109ec570..dd578ae5d 100644 --- a/src/sss_client/pam_sss_gss.c +++ b/src/sss_client/pam_sss_gss.c @@ -581,7 +581,9 @@ int pam_sm_authenticate(pam_handle_t *pamh, } done: + sss_pam_lock(); sss_cli_close_socket(); + sss_pam_unlock(); free(username); free(domain); free(target); -- 2.37.3