41 lines
1.3 KiB
Diff
41 lines
1.3 KiB
Diff
From 308c40306db937dda0ed99c7a426c7730c3d326c Mon Sep 17 00:00:00 2001
|
|
From: liuxinhao <liuxinhao@kylinsec.com.cn>
|
|
Date: Mon, 14 Nov 2022 16:50:36 +0800
|
|
Subject: [PATCH] fix(CVE): PAM authorization bypass due to incorrect usage
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
- 修复问题: 已经过期的账户持有凭证仍然能登录
|
|
---
|
|
libexec/session-guard-checkpass/main.cpp | 6 +++++-
|
|
1 file changed, 5 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/libexec/session-guard-checkpass/main.cpp b/libexec/session-guard-checkpass/main.cpp
|
|
index e667bde..4606411 100644
|
|
--- a/libexec/session-guard-checkpass/main.cpp
|
|
+++ b/libexec/session-guard-checkpass/main.cpp
|
|
@@ -203,7 +203,6 @@ int main(int argc, char *argv[])
|
|
|
|
int authRes = PAM_SUCCESS;
|
|
authRes = pam_authenticate(pamh, 0);
|
|
-
|
|
const char *newUserName;
|
|
if (pam_get_item(pamh, PAM_USER, (const void **)&newUserName) != PAM_SUCCESS)
|
|
{
|
|
@@ -211,6 +210,11 @@ int main(int argc, char *argv[])
|
|
return EXIT_FAILURE;
|
|
}
|
|
|
|
+ if( authRes == PAM_SUCCESS )
|
|
+ {
|
|
+ authRes = pam_acct_mgmt(pamh, 0);
|
|
+ }
|
|
+
|
|
const char *authResultString = pam_strerror(pamh, authRes);
|
|
CompleteEvent event(true, authRes == PAM_SUCCESS, QString(authResultString));
|
|
kiran_pam_message_send_event(CHANNEL_WRITE, &event);
|
|
--
|
|
2.33.0
|
|
|