This checks the return code of snprintf() and makes sure that fullpath
actually fits into a buffer of size PATH_MAX. Otherwise, it will output
an error and exit.
Instead of hardcoding the buffer size to 256, using PATH_MAX makes more
sense here, since this can be defined differently on different
platforms. This is not perfect, though, refer to [1] for some details.
In our case it should be good enough.
[1]: https://eklitzke.org/path-max-is-tricky
Certain phrases (Challenge-response) were not spelled consistently
throughout the project. This commit adjusts for that and fixes a
couple of typos along the way and uses the base form of verbs in
case of error messages.
A previous commit (d51124e) added the `e` flag to the `fopen()` calls. However
this flag is not supported on all platforms (MacOS) and will be silently
dropped (see #145). This patch works around those issues by manually opening
the file descriptor using `open()` with the `O_CLOEXEC` flag, and invoking
`fd_open()` on the resulting file descriptor to open an appropriate `FILE`
stream.
This makes sure that all files used by pam_yubico will be opened with the
`O_CLOEXEC` flag on all supported platforms to mitigate issues with missing
`fclose()` invocation (see #136).
This uses mkostemp() instead of mkstemp(), passing along the `O_CLOEXEC` flag,
which makes sure that the file descriptor is closed and won't be leaked into
any child process, which was previously an issue due to a missing fclose()
(#136).
This adds the `e` flag to fopen() calls, making sure the `O_CLOEXEC` flag is
used. This makes sure that the file descriptor is being closed and not leaked
into child processes. This was an issues previously due to a missing fclose()
(#136).
This opens any file descriptors with the O_CLOEXEC flag, which will make sure
that file descriptors won't be leaked into any child process. This was
previously an issue due to a forgotten fclose() (#136).
This fixes a couple of compiler warnings due to wrong pointer casts in regards
to the pamh structure, which is a bit of a hackery way to access the test data.
The latter function is considered insecure and deprecated on some platforms.
This will create the directory with 0700 implicitely, where it was 0755
beforehand. Since this is a more secure default and the test suite runs fine,
we don't bother to chmod the directory.
Since the install script currently requires sudo, we should state so
explicetely in the .travis.yml file to make sure we get a sudo-enabled
environment and not a container-based one, as there is no sudo available
in the latter one. The default was changed in August 2017, so when
forking this repository, the Travis CI won't work out-of-the box without
this modification. This is described in some details here [1].
[1]: https://docs.travis-ci.com/user/reference/overview/
