ecryptfs-devel team mailing list archive

["Dustin Kirkland" <dustin.kirkland@xxxxxxxxx>]

[PATCH] pam_ecryptfs: error on empty password

1) support the PAM preliminary check (first pass).
2) ensure that new_password is not an empty string (in addition to not
being NULL)
3) set rc = PAM_AUTHTOK_RECOVER_ERR in these new error cases to ensure
that the PAM stack executes (breaks) appropriately

Thanks to Steve Langasek for developing and testing this patch for Ubuntu.

Signed-off-by: Dustin Kirkland <kirkland@xxxxxxxxxxxxx>

--- ecryptfs-utils-53/src/pam_ecryptfs/pam_ecryptfs.c	2008-10-17 00:46:22.053831882 -0500
+++ ecryptfs-utils-53/src/pam_ecryptfs/pam_ecryptfs.c	2008-10-17 00:48:12.121213631 -0500
@@ -357,6 +357,18 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand
 		seteuid(saved_uid);
 		goto out;
 	}
+	/* On the first pass, do nothing except check that we have a password */
+	if ((flags & PAM_PRELIM_CHECK)) {
+		if (!old_passphrase)
+		{
+			syslog(LOG_WARNING, "eCryptfs PAM passphrase change "
+			       "module retrieved a NULL passphrase; nothing to "
+			       "do\n");
+			rc = PAM_AUTHTOK_RECOVER_ERR;
+		}
+		seteuid(saved_uid);
+		goto out;
+	}
 	if ((rc = pam_get_item(pamh, PAM_AUTHTOK,
 			       (const void **)&new_passphrase))
 	    != PAM_SUCCESS) {
@@ -366,10 +378,11 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand
 		goto out;
 	}
 	seteuid(saved_uid);
-	if (!old_passphrase || !new_passphrase) {
+	if (!old_passphrase || !new_passphrase || *new_passphrase == '\0') {
 		syslog(LOG_WARNING, "eCryptfs PAM passphrase change module "
 		       "retrieved at least one NULL passphrase; nothing to "
 		       "do\n");
+		rc = PAM_AUTHTOK_RECOVER_ERR;
 		goto out;
 	}
 	if ((rc = asprintf(&wrapped_pw_filename, "%s/.ecryptfs/%s", homedir,