Date: 11 Dec 2003 14:56:45 -0000 From: Andreas Hauser <andy-freebsd@splashground.de> To: Dag-Erling Smorgrav <des@FreeBSD.org> Cc: cvs-all@FreeBSD.org Subject: Re: cvs commit: src/lib/libpam/modules/pam_echo pam_echo.c src/lib/libpam/modules/pam_group pam_group.c src/lib/libpam/modules/pam_lastlog pam_lastlog.c src/lib/libpam/modules/pam_opieaccess... Message-ID: <20031211145645.3379.qmail@paladin.fortunaty.net> In-Reply-To: <200312111355.hBBDtHZV012277@repoman.freebsd.org> References: <200312111355.hBBDtHZV012277@repoman.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
des wrote @ Thu, 11 Dec 2003 05:55:16 -0800 (PST):
> Fix strict aliasing breakage in PAM modules (except pam_krb5, which needs
> more work than the others). This should make most modules build with -O2.
Index: pam_krb5.c
===================================================================
RCS file: /home/ncvs/src/lib/libpam/modules/pam_krb5/pam_krb5.c,v
retrieving revision 1.18
diff -u -p -r1.18 pam_krb5.c
--- pam_krb5.c 31 May 2003 17:19:03 -0000 1.18
+++ pam_krb5.c 2 Dec 2003 23:05:25 -0000
@@ -105,7 +105,8 @@ pam_sm_authenticate(pam_handle_t *pamh,
krb5_get_init_creds_opt opts;
struct passwd *pwd;
int retval;
- const char *sourceuser, *user, *pass, *service;
+ const char *user, *pass;
+ const void *sourceuser, *service, *item;
char *principal, *princ_name, *ccache_name, luser[32], *srvdup;
retval = pam_get_user(pamh, &user, USER_PROMPT);
@@ -114,18 +115,18 @@ pam_sm_authenticate(pam_handle_t *pamh,
PAM_LOG("Got user: %s", user);
- retval = pam_get_item(pamh, PAM_RUSER, (const void **)&sourceuser);
+ retval = pam_get_item(pamh, PAM_RUSER, &sourceuser);
if (retval != PAM_SUCCESS)
return (retval);
- PAM_LOG("Got ruser: %s", sourceuser);
+ PAM_LOG("Got ruser: %s", (const char *)sourceuser);
service = NULL;
- pam_get_item(pamh, PAM_SERVICE, (const void **)&service);
+ pam_get_item(pamh, PAM_SERVICE, &service);
if (service == NULL)
service = "unknown";
- PAM_LOG("Got service: %s", service);
+ PAM_LOG("Got service: %s", (const char *)service);
krbret = krb5_init_context(&pam_context);
if (krbret != 0) {
@@ -153,7 +154,7 @@ pam_sm_authenticate(pam_handle_t *pamh,
/* Get principal name */
if (openpam_get_option(pamh, PAM_OPT_AUTH_AS_SELF))
- asprintf(&principal, "%s/%s", sourceuser, user);
+ asprintf(&principal, "%s/%s", (const char *)sourceuser, user);
else
principal = strdup(user);
@@ -208,7 +209,7 @@ pam_sm_authenticate(pam_handle_t *pamh,
if (retval != PAM_SUCCESS)
goto cleanup2;
- retval = pam_get_item(pamh, PAM_USER, (const void **)&user);
+ retval = pam_get_item(pamh, PAM_USER, &item);
if (retval != PAM_SUCCESS)
goto cleanup2;
@@ -267,7 +268,7 @@ pam_sm_authenticate(pam_handle_t *pamh,
PAM_LOG("Credentials stashed");
/* Verify them */
- if ((srvdup = strdup(service)) == NULL) {
+ if ((srvdup = strdup((const char *)service)) == NULL) {
retval = PAM_BUF_ERR;
goto cleanup;
}
@@ -283,7 +284,7 @@ pam_sm_authenticate(pam_handle_t *pamh,
PAM_LOG("Credentials stash verified");
- retval = pam_get_data(pamh, "ccache", (const void **)&ccache_name);
+ retval = pam_get_data(pamh, "ccache", &item);
if (retval == PAM_SUCCESS) {
krb5_cc_destroy(pam_context, ccache);
PAM_VERBOSE_ERROR("Kerberos 5 error");
@@ -343,7 +344,8 @@ pam_sm_setcred(pam_handle_t *pamh, int f
krb5_cc_cursor cursor;
struct passwd *pwd = NULL;
int retval;
- const char *cache_name, *q, *user;
+ const char *cache_name, *q;
+ const void *user, *cache_data;
char *cache_name_buf = NULL, *p;
uid_t euid;
@@ -364,11 +366,11 @@ pam_sm_setcred(pam_handle_t *pamh, int f
PAM_LOG("Establishing credentials");
/* Get username */
- retval = pam_get_item(pamh, PAM_USER, (const void **)&user);
+ retval = pam_get_item(pamh, PAM_USER, &user);
if (retval != PAM_SUCCESS)
return (retval);
- PAM_LOG("Got user: %s", user);
+ PAM_LOG("Got user: %s", (const char *)user);
krbret = krb5_init_context(&pam_context);
if (krbret != 0) {
@@ -384,21 +386,21 @@ pam_sm_setcred(pam_handle_t *pamh, int f
PAM_LOG("Got euid, egid: %d %d", euid, egid);
/* Retrieve the temporary cache */
- retval = pam_get_data(pamh, "ccache", (const void **)&cache_name);
+ retval = pam_get_data(pamh, "ccache", &cache_data);
if (retval != PAM_SUCCESS) {
retval = PAM_CRED_UNAVAIL;
goto cleanup3;
}
- krbret = krb5_cc_resolve(pam_context, cache_name, &ccache_temp);
+ krbret = krb5_cc_resolve(pam_context, (const char *)cache_data, &ccache_temp);
if (krbret != 0) {
- PAM_LOG("Error krb5_cc_resolve(\"%s\"): %s", cache_name,
+ PAM_LOG("Error krb5_cc_resolve(\"%s\"): %s", (const char *)cache_data,
krb5_get_err_text(pam_context, krbret));
retval = PAM_SERVICE_ERR;
goto cleanup3;
}
/* Get the uid. This should exist. */
- pwd = getpwnam(user);
+ pwd = getpwnam((const char *)user);
if (pwd == NULL) {
retval = PAM_USER_UNKNOWN;
goto cleanup3;
@@ -579,15 +581,15 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int
krb5_ccache ccache;
krb5_principal princ;
int retval;
- const char *user, *ccache_name;
+ const void *user, *ccache_name;
- retval = pam_get_item(pamh, PAM_USER, (const void **)&user);
+ retval = pam_get_item(pamh, PAM_USER, &user);
if (retval != PAM_SUCCESS)
return (retval);
- PAM_LOG("Got user: %s", user);
+ PAM_LOG("Got user: %s", (const char *)user);
- retval = pam_get_data(pamh, "ccache", (const void **)&ccache_name);
+ retval = pam_get_data(pamh, "ccache", &ccache_name);
if (retval != PAM_SUCCESS)
return (PAM_SUCCESS);
@@ -601,15 +603,15 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int
PAM_LOG("Context initialised");
- krbret = krb5_cc_resolve(pam_context, ccache_name, &ccache);
+ krbret = krb5_cc_resolve(pam_context, (const char *)ccache_name, &ccache);
if (krbret != 0) {
- PAM_LOG("Error krb5_cc_resolve(\"%s\"): %s", ccache_name,
+ PAM_LOG("Error krb5_cc_resolve(\"%s\"): %s", (const char *)ccache_name,
krb5_get_err_text(pam_context, krbret));
krb5_free_context(pam_context);
return (PAM_PERM_DENIED);
}
- PAM_LOG("Got ccache %s", ccache_name);
+ PAM_LOG("Got ccache %s", (const char *)ccache_name);
krbret = krb5_cc_get_principal(pam_context, ccache, &princ);
@@ -622,7 +624,7 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int
PAM_LOG("Got principal");
- if (krb5_kuserok(pam_context, princ, user))
+ if (krb5_kuserok(pam_context, princ, (const char *)user))
retval = PAM_SUCCESS;
else
retval = PAM_PERM_DENIED;
@@ -652,17 +654,18 @@ pam_sm_chauthtok(pam_handle_t *pamh, int
krb5_get_init_creds_opt opts;
krb5_data result_code_string, result_string;
int result_code, retval;
- const char *user, *pass;
+ const char *pass;
+ const void *user;
char *princ_name, *passdup;
if (!(flags & PAM_UPDATE_AUTHTOK))
return (PAM_AUTHTOK_ERR);
- retval = pam_get_item(pamh, PAM_USER, (const void **)&user);
+ retval = pam_get_item(pamh, PAM_USER, &user);
if (retval != PAM_SUCCESS)
return (retval);
- PAM_LOG("Got user: %s", user);
+ PAM_LOG("Got user: %s", (const char *)user);
krbret = krb5_init_context(&pam_context);
if (krbret != 0) {
@@ -677,7 +680,7 @@ pam_sm_chauthtok(pam_handle_t *pamh, int
PAM_LOG("Credentials options initialised");
/* Get principal name */
- krbret = krb5_parse_name(pam_context, user, &princ);
+ krbret = krb5_parse_name(pam_context, (const char *)user, &princ);
if (krbret != 0) {
PAM_LOG("Error krb5_parse_name(): %s",
krb5_get_err_text(pam_context, krbret));
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031211145645.3379.qmail>