From 80ed93e9c2cae8108470d6c5b59f6bf4a32a07eb Mon Sep 17 00:00:00 2001 From: Martin Nagy Date: Thu, 8 Nov 2007 14:40:51 +0000 Subject: [PATCH] - Correct calling of pam_end (#235843). --- vsftpd-2.0.5-pam_end.patch | 81 ++++++++++++++++++++++++++++++++++++++ vsftpd.spec | 7 +++- 2 files changed, 87 insertions(+), 1 deletion(-) create mode 100644 vsftpd-2.0.5-pam_end.patch diff --git a/vsftpd-2.0.5-pam_end.patch b/vsftpd-2.0.5-pam_end.patch new file mode 100644 index 0000000..9b4f70e --- /dev/null +++ b/vsftpd-2.0.5-pam_end.patch @@ -0,0 +1,81 @@ +diff -up vsftpd-2.0.5/sysdeputil.c.pam_end vsftpd-2.0.5/sysdeputil.c +--- vsftpd-2.0.5/sysdeputil.c.pam_end 2007-11-02 15:53:20.000000000 +0100 ++++ vsftpd-2.0.5/sysdeputil.c 2007-11-08 13:49:44.000000000 +0100 +@@ -320,7 +320,7 @@ vsf_sysdep_check_auth(const struct mystr + retval = pam_set_item(s_pamh, PAM_RHOST, str_getbuf(p_remote_host)); + if (retval != PAM_SUCCESS) + { +- (void) pam_end(s_pamh, 0); ++ (void) pam_end(s_pamh, retval); + s_pamh = 0; + return 0; + } +@@ -329,7 +329,7 @@ vsf_sysdep_check_auth(const struct mystr + retval = pam_set_item(s_pamh, PAM_TTY, "ftp"); + if (retval != PAM_SUCCESS) + { +- (void) pam_end(s_pamh, 0); ++ (void) pam_end(s_pamh, retval); + s_pamh = 0; + return 0; + } +@@ -338,7 +338,7 @@ vsf_sysdep_check_auth(const struct mystr + retval = pam_set_item(s_pamh, PAM_RUSER, str_getbuf(p_user_str)); + if (retval != PAM_SUCCESS) + { +- (void) pam_end(s_pamh, 0); ++ (void) pam_end(s_pamh, retval); + s_pamh = 0; + return 0; + } +@@ -346,28 +346,28 @@ vsf_sysdep_check_auth(const struct mystr + retval = pam_authenticate(s_pamh, 0); + if (retval != PAM_SUCCESS) + { +- (void) pam_end(s_pamh, 0); ++ (void) pam_end(s_pamh, retval); + s_pamh = 0; + return 0; + } + retval = pam_acct_mgmt(s_pamh, 0); + if (retval != PAM_SUCCESS) + { +- (void) pam_end(s_pamh, 0); ++ (void) pam_end(s_pamh, retval); + s_pamh = 0; + return 0; + } + retval = pam_setcred(s_pamh, PAM_ESTABLISH_CRED); + if (retval != PAM_SUCCESS) + { +- (void) pam_end(s_pamh, 0); ++ (void) pam_end(s_pamh, retval); + s_pamh = 0; + return 0; + } + if (!tunable_session_support) + { + /* You're in already! */ +- (void) pam_end(s_pamh, 0); ++ (void) pam_end(s_pamh, retval); + s_pamh = 0; + return 1; + } +@@ -378,7 +378,7 @@ vsf_sysdep_check_auth(const struct mystr + { + vsf_remove_uwtmp(); + (void) pam_setcred(s_pamh, PAM_DELETE_CRED); +- (void) pam_end(s_pamh, 0); ++ (void) pam_end(s_pamh, retval); + s_pamh = 0; + return 0; + } +@@ -399,7 +399,7 @@ vsf_auth_shutdown(void) + } + (void) pam_close_session(s_pamh, 0); + (void) pam_setcred(s_pamh, PAM_DELETE_CRED); +- (void) pam_end(s_pamh, 0); ++ (void) pam_end(s_pamh, PAM_SUCCESS); + s_pamh = 0; + vsf_remove_uwtmp(); + } diff --git a/vsftpd.spec b/vsftpd.spec index 4c8e3a2..644ec9a 100644 --- a/vsftpd.spec +++ b/vsftpd.spec @@ -3,7 +3,7 @@ Summary: Very Secure Ftp Daemon Name: vsftpd Version: 2.0.5 -Release: 19%{?dist} +Release: 20%{?dist} License: GPL Group: System Environment/Daemons URL: http://vsftpd.beasts.org/ @@ -42,6 +42,7 @@ Patch26: vsftpd-2.0.5-bind_denied.patch Patch27: vsftpd-2.0.5-uniq_rename.patch Patch28: vsftpd-2.0.5-anon_umask.patch Patch29: vsftpd-2.0.5-pasv_dot.patch +Patch30: vsftpd-2.0.5-pam_end.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root %if %{tcp_wrappers} @@ -98,6 +99,7 @@ cp %{SOURCE1} . %patch27 -p1 -b .uniq_rename %patch28 -p1 -b .anon_umask %patch29 -p1 -b .pasv_dot +%patch30 -p1 -b .pam_end %build %ifarch s390x @@ -156,6 +158,9 @@ fi %{_var}/ftp %changelog +* Thu Nov 08 2007 Martin Nagy - 2.0.5-20 +- Correct calling of pam_end (#235843). + * Wed Aug 29 2007 Fedora Release Engineering - 2.0.5-19 - Rebuild for selinux ppc32 issue.