and return AUTH_NO_TOKENS if file doesn't exist. This fixes issues in
the nullok case where this user should just be skipped over, handle
other issues with user file as an AUTH_ERROR.
fixes#194
This also unifies the code between pam-u2f and yubico-pam which means
removing the O_CREAT flag here. This is however in line with the README
and the behaviour of pam-u2f. Also, the previous code did lstat on the
path before and if it did not exist it would not have moved on to the
open() anyways.
The previous code was using a trick of saving the actual retval value
as the "pointer". The problem with that was when pam_get_data copied
it out it treated it as a void* which is 8 byte on 64 bit operating
system which meant it copied 8 byte to a 4 byte location and overwrote
the stack with 4 bytes.
The fix is using a heap pointer instead, influenced by the official
code in https://github.com/linux-pam/linux-pam/blob/master/modules/pam_unix/pam_unix_auth.c
With feedback from pedro martelletto, thanks.
If the PAM module cannot update the challenge response file (due to permissions errors, usually), the incorrect error message is displayed "Error communicating with YubiKey...".
This patch makes it so the correct error message is sent to the PAM client, which makes resolving this issue a lot easier.
As raised in #174, ldap_bind_as_user cannot be used if this module is
set to get YubiKey+OTP because the initial ldap lookup fails (since the
password is not set yet). `always_prompt` will stil the initial lookup,
meaning that the user will be given the chance to enter their password.
This adds support for using a client cert/key to authenticate to an LDAP
server. It is separate from binding with a username and password and
can either be used alongside it or with an anonymous bind to the server.
This allows using the authenticating user's username and password to
bind to the LDAP server. This is desirable because it allows for
looking up the yubikey attributes without needing to create a service
account.
Compiler cannot find the declaration for pm_sm_authenticate and prints
the following warning (split due to long line):
pam_test.c:184:10: warning: implicit declaration of function
‘pam_sm_authenticate’; did you mean ‘pam_authenticate’?
[-Wimplicit-function-declaration]
This makes sure that file descriptors will be closed, even if the
fdopen() call failes, which was overlooked in some cases beforehand.
Should be not an issue in the real world, but let's be as clean as
possible.
strncpy() is _NOT_ a safe version of strcpy() and it should not be used
(ineffective and dangerous since a NUL termination might be missing).
Instead snprintf() the way to safely construct a string with a given
limit. This commit implements this for the action parsing in ykpamcfg.
