The branch, build-main has been updated via 71d3d4aca6c9f2024f4ba84ba285705b4d74600d (commit) from c3ab8f90c5f29e9a5e011372211296a54e45c927 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- ----------------------------------------------------------------------- Summary of changes: src/pam-freerdp.c | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) The diff of changes is: diff --git a/src/pam-freerdp.c b/src/pam-freerdp.c index 9007a52..89c5d5d 100644 --- a/src/pam-freerdp.c +++ b/src/pam-freerdp.c @@ -33,6 +33,7 @@ #include <security/pam_appl.h> #define PAM_TYPE_DOMAIN 1234 +#define ALL_GOOD_SIGNAL "Ar, ready to authenticate cap'n" static char * global_domain = NULL; /* FIXME? This is a work around to the fact that PAM seems to be clearing @@ -269,6 +270,9 @@ session_socket_handler (struct passwd * pwdent, int readypipe, const char * ruse /* Track write out */ int writedata = 0; + /* Track ready writing */ + int readywrite = 0; + if (setgid(pwdent->pw_gid) < 0 || setuid(pwdent->pw_uid) < 0 || setegid(pwdent->pw_gid) < 0 || seteuid(pwdent->pw_uid) < 0) { /* Don't need to clean up yet */ @@ -337,6 +341,11 @@ session_socket_handler (struct passwd * pwdent, int readypipe, const char * ruse goto cleanup; } + readywrite = write(readypipe, ALL_GOOD_SIGNAL, strlen(ALL_GOOD_SIGNAL) + 1); + if (readywrite != strlen(ALL_GOOD_SIGNAL) + 1) { + goto cleanup; + } + connected_addr_size = sizeof(struct sockaddr_un); connectfd = accept(socketfd, (struct sockaddr *)&connected_addr, &connected_addr_size); if (connectfd < 0) { @@ -422,8 +431,18 @@ pam_sm_open_session (pam_handle_t *pamh, int flags, int argc, const char ** argv retval = PAM_SYSTEM_ERR; } else { + char readbuffer[strlen(ALL_GOOD_SIGNAL) + 1]; + int readlen = 0; + + readlen = read(sessionready[0], readbuffer, strlen(ALL_GOOD_SIGNAL) + 1); + close(sessionready[0]); - session_pid = pid; + + if (readlen == strlen(ALL_GOOD_SIGNAL) + 1) { + session_pid = pid; + } else { + retval = PAM_SYSTEM_ERR; + } } done: hooks/post-receive -- libpam-x2go.git (Remote login session via X2Go (PAM module)) This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "libpam-x2go.git" (Remote login session via X2Go (PAM module)).