shithub: tlsclient

Download patch

ref: 98c1cd7ae022efe276123898af6b892eade0732c
parent: 2bbc75bddc6f2a07056ff017108e35f14061041b
parent: c7d2daff128ed89c4a64ad6d235f15764e73e5f9
author: grobe0ba <[email protected]>
date: Sat Apr 13 06:17:04 EDT 2024

Merge branch 'upstream'

--- a/Makefile
+++ b/Makefile
@@ -96,8 +96,8 @@
 .PHONY: tlsclient.obsd.install
 tlsclient.obsd.install: tlsclient.obsd login_-dp9ik tlsclient.1 login_-dp9ik.8
 	install tlsclient.obsd $(PREFIX)/bin/tlsclient
-	install tlsclient.1 $(PREFIX)/man/man1/
-	install login_-dp9ik.8 $(PREFIX)/man/man8/
+	install tlsclient.1 $(PREFIX)/share/man/man1/
+	install login_-dp9ik.8 $(PREFIX)/share/man/man8/
 	install -d $(PREFIX)/libexec/auth
 	install -g auth login_-dp9ik $(PREFIX)/libexec/auth/
 	install -d $(PREFIX)/libexec/git
--- a/cpu.c
+++ b/cpu.c
@@ -4,7 +4,7 @@
 #include <string.h>
 #include <unistd.h>
 #include <signal.h>
-#define OPENSSL_API_COMPAT 0x10000000L
+#define OPENSSL_API_COMPAT 0x10100000L
 #include <openssl/ssl.h>
 
 #include <u.h>
@@ -63,7 +63,8 @@
 {
 	int p[2];
 
-	pipe(p);
+	if(pipe(p) < 0)
+		sysfatal("pipe failed");
 	switch(fork()){
 	case -1:
 		sysfatal("fork");
@@ -87,18 +88,18 @@
 //clean exit signal handler
 void suicide(int num) { exit(0); }
 
-typedef size_t (*iofunc)(int, void*, size_t);
-size_t tls_send(int f, void *b, size_t n) { return SSL_write(ssl_conn, b, n); }
-size_t tls_recv(int f, void *b, size_t n) { return SSL_read(ssl_conn, b, n); }
-size_t s_send(int f, void *b, size_t n) { return write(f, b, n); }
-size_t s_recv(int f, void *b, size_t n) { return read(f, b, n); }
+typedef ssize_t (*iofunc)(int, void*, size_t);
+ssize_t tls_send(int f, void *b, size_t n) { return SSL_write(ssl_conn, b, n); }
+ssize_t tls_recv(int f, void *b, size_t n) { return SSL_read(ssl_conn, b, n); }
+ssize_t s_send(int f, void *b, size_t n) { return write(f, b, n); }
+ssize_t s_recv(int f, void *b, size_t n) { return read(f, b, n); }
 
 void
 xfer(int from, int to, iofunc recvf, iofunc sendf)
 {
 	char buf[12*1024];
-	size_t n;
-	
+	ssize_t n;
+
 	while((n = recvf(from, buf, sizeof buf)) > 0 && sendf(to, buf, n) == n)
 		;
 }
@@ -178,8 +179,8 @@
 		sysfatal("could not init openssl");
 
 	if(*argv && !Rflag){
-		pipe(pin);
-		pipe(pout);
+		if(pipe(pin) < 0 || pipe(pout) < 0)
+			sysfatal("pipe");
 		switch(fork()){
 		case -1:
 			sysfatal("fork");
--- a/pam.c
+++ b/pam.c
@@ -14,7 +14,6 @@
 
 #include "fncs.h"
 
-/* pasword change TODO */
 PAM_EXTERN int
 pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv )
 {
@@ -21,7 +20,6 @@
 	return PAM_SUCCESS;
 }
 
-/* For checking if the user has expired, has access to specific machine etc */
 PAM_EXTERN int
 pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
 {
@@ -30,7 +28,6 @@
 
 char *authserver;
 
-/* expected hook, this is where custom stuff happens */
 PAM_EXTERN int
 pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv )
 {
@@ -54,6 +51,8 @@
 		return PAM_AUTH_ERR;
 
 	ai = p9any(username, password, fd);
+	close(fd);
+
 	if(ai == nil)
 		return PAM_AUTH_ERR;