From 32d90eab80ee957350c4c218ecf7ed5ac7efc7d0 Mon Sep 17 00:00:00 2001 From: rpm-build Date: Thu, 19 Oct 2023 16:54:43 +0800 Subject: [PATCH] FIX CVE-2022-1049 --- CHANGELOG.md | 4 +++- pcs/daemon/auth.py | 3 +++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7949064..c6007ac 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -17,7 +17,8 @@ cluster cib-upgrade` manually is not needed ([rhbz#2022463]) - Fix displaying differences between configuration checkpoints in `pcs config checkpoint diff` command ([rhbz#2175881]) - +- Pcs daemon was allowing expired accounts, and accounts with expired + passwords to login when using PAM auth. ([huntr#220307]) [ghissue#441]: https://github.com/ClusterLabs/pcs/issues/441 [ghpull#431]: https://github.com/ClusterLabs/pcs/pull/431 @@ -28,6 +29,7 @@ [rhbz#2033248]: https://bugzilla.redhat.com/show_bug.cgi?id=2033248 [rhbz#2036633]: https://bugzilla.redhat.com/show_bug.cgi?id=2036633 [rhbz#2175881]: https://bugzilla.redhat.com/show_bug.cgi?id=2175881 +[huntr#220307]: https://huntr.dev/bounties/7aa921fc-a568-4fd8-96f4-7cd826246aa5/ ## [0.11.1] - 2021-11-30 diff --git a/pcs/daemon/auth.py b/pcs/daemon/auth.py index 592aa63..1ae2ed2 100644 --- a/pcs/daemon/auth.py +++ b/pcs/daemon/auth.py @@ -52,6 +52,7 @@ libpam = CDLL(find_library("pam")) strdup = prep_fn(libc.strdup, POINTER(c_char), [c_char_p]) calloc = prep_fn(libc.calloc, c_void_p, [c_uint, c_uint]) pam_authenticate = prep_fn(libpam.pam_authenticate, c_int, [pam_handle, c_int]) +pam_acct_mgmt = prep_fn(libpam.pam_acct_mgmt, c_int, [pam_handle, c_int]) pam_end = prep_fn(libpam.pam_end, c_int, [pam_handle, c_int]) pam_start = prep_fn( libpam.pam_start, @@ -90,6 +91,8 @@ def authenticate_by_pam(username, password): ) if returncode == PAM_SUCCESS: returncode = pam_authenticate(pamh, 0) + if returncode == PAM_SUCCESS: + returncode = pam_acct_mgmt(pamh, 0) pam_end(pamh, returncode) return returncode == PAM_SUCCESS -- 2.27.0