Deprecated code used in 'sss_client/pam_sss.c' #7606

alexey-tikhonov · 2024-09-18T15:48:19Z

../src/sss_client/pam_sss.c: In function 'overwrite_and_free_authtoks':
../src/sss_client/pam_sss.c:174:9: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
  174 |         _pam_overwrite_n((void *)pi->pam_authtok, pi->pam_authtok_size);
      |         ^~~~~~~~~~~~~~~~
In file included from ../src/sss_client/sss_pam_macros.h:33,
                 from ../src/sss_client/pam_sss.c:45:
../src/sss_client/pam_sss.c:174:9: note: declared here
  174 |         _pam_overwrite_n((void *)pi->pam_authtok, pi->pam_authtok_size);
      |         ^~~~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:174:9: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
  174 |         _pam_overwrite_n((void *)pi->pam_authtok, pi->pam_authtok_size);
      |         ^~~~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:174:9: note: declared here
  174 |         _pam_overwrite_n((void *)pi->pam_authtok, pi->pam_authtok_size);
      |         ^~~~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:180:9: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
  180 |         _pam_overwrite_n((void *)pi->pam_newauthtok,  pi->pam_newauthtok_size);
      |         ^~~~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:180:9: note: declared here
  180 |         _pam_overwrite_n((void *)pi->pam_newauthtok,  pi->pam_newauthtok_size);
      |         ^~~~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:180:9: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
  180 |         _pam_overwrite_n((void *)pi->pam_newauthtok,  pi->pam_newauthtok_size);
      |         ^~~~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:180:9: note: declared here
  180 |         _pam_overwrite_n((void *)pi->pam_newauthtok,  pi->pam_newauthtok_size);
      |         ^~~~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:186:9: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
  186 |         _pam_overwrite_n((void *)pi->first_factor, strlen(pi->first_factor));
      |         ^~~~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:186:9: note: declared here
  186 |         _pam_overwrite_n((void *)pi->first_factor, strlen(pi->first_factor));
      |         ^~~~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:186:9: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
  186 |         _pam_overwrite_n((void *)pi->first_factor, strlen(pi->first_factor));
      |         ^~~~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:186:9: note: declared here
  186 |         _pam_overwrite_n((void *)pi->first_factor, strlen(pi->first_factor));
      |         ^~~~~~~~~~~~~~~~
../src/sss_client/pam_sss.c: In function 'do_pam_conversation':
../src/sss_client/pam_sss.c:307:21: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
  307 |                     _pam_overwrite((void *)resp[0].resp);
      |                     ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:307:21: note: declared here
  307 |                     _pam_overwrite((void *)resp[0].resp);
      |                     ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:307:21: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
  307 |                     _pam_overwrite((void *)resp[0].resp);
      |                     ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:307:21: note: declared here
  307 |                     _pam_overwrite((void *)resp[0].resp);
      |                     ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:307:21: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
  307 |                     _pam_overwrite((void *)resp[0].resp);
      |                     ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:307:21: note: declared here
  307 |                     _pam_overwrite((void *)resp[0].resp);
      |                     ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:310:25: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
  310 |                         _pam_overwrite((void *) answer);
      |                         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:310:25: note: declared here
  310 |                         _pam_overwrite((void *) answer);
      |                         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:310:25: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
  310 |                         _pam_overwrite((void *) answer);
      |                         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:310:25: note: declared here
  310 |                         _pam_overwrite((void *) answer);
      |                         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:310:25: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
  310 |                         _pam_overwrite((void *) answer);
      |                         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:310:25: note: declared here
  310 |                         _pam_overwrite((void *) answer);
      |                         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:325:17: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
  325 |                 _pam_overwrite((void *)resp[0].resp);
      |                 ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:325:17: note: declared here
  325 |                 _pam_overwrite((void *)resp[0].resp);
      |                 ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:325:17: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
  325 |                 _pam_overwrite((void *)resp[0].resp);
      |                 ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:325:17: note: declared here
  325 |                 _pam_overwrite((void *)resp[0].resp);
      |                 ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:325:17: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
  325 |                 _pam_overwrite((void *)resp[0].resp);
      |                 ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:325:17: note: declared here
  325 |                 _pam_overwrite((void *)resp[0].resp);
      |                 ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:333:21: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
  333 |                     _pam_overwrite((void *)resp[0].resp);
      |                     ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:333:21: note: declared here
  333 |                     _pam_overwrite((void *)resp[0].resp);
      |                     ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:333:21: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
  333 |                     _pam_overwrite((void *)resp[0].resp);
      |                     ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:333:21: note: declared here
  333 |                     _pam_overwrite((void *)resp[0].resp);
      |                     ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:333:21: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
  333 |                     _pam_overwrite((void *)resp[0].resp);
      |                     ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:333:21: note: declared here
  333 |                     _pam_overwrite((void *)resp[0].resp);
      |                     ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c: In function 'send_and_receive':
../src/sss_client/pam_sss.c:1619:9: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 1619 |         _pam_overwrite_n((void *)buf, rd.len);
      |         ^~~~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1619:9: note: declared here
 1619 |         _pam_overwrite_n((void *)buf, rd.len);
      |         ^~~~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1619:9: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 1619 |         _pam_overwrite_n((void *)buf, rd.len);
      |         ^~~~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1619:9: note: declared here
 1619 |         _pam_overwrite_n((void *)buf, rd.len);
      |         ^~~~~~~~~~~~~~~~
../src/sss_client/pam_sss.c: In function 'prompt_password':
../src/sss_client/pam_sss.c:1645:9: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 1645 |         _pam_overwrite((void *)answer);
      |         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1645:9: note: declared here
 1645 |         _pam_overwrite((void *)answer);
      |         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1645:9: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 1645 |         _pam_overwrite((void *)answer);
      |         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1645:9: note: declared here
 1645 |         _pam_overwrite((void *)answer);
      |         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1645:9: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 1645 |         _pam_overwrite((void *)answer);
      |         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1645:9: note: declared here
 1645 |         _pam_overwrite((void *)answer);
      |         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c: In function 'prompt_2fa':
../src/sss_client/pam_sss.c:1784:13: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 1784 |             _pam_overwrite((void *)resp[0].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1784:13: note: declared here
 1784 |             _pam_overwrite((void *)resp[0].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1784:13: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 1784 |             _pam_overwrite((void *)resp[0].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1784:13: note: declared here
 1784 |             _pam_overwrite((void *)resp[0].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1784:13: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 1784 |             _pam_overwrite((void *)resp[0].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1784:13: note: declared here
 1784 |             _pam_overwrite((void *)resp[0].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1788:13: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 1788 |             _pam_overwrite((void *)resp[1].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1788:13: note: declared here
 1788 |             _pam_overwrite((void *)resp[1].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1788:13: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 1788 |             _pam_overwrite((void *)resp[1].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1788:13: note: declared here
 1788 |             _pam_overwrite((void *)resp[1].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1788:13: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 1788 |             _pam_overwrite((void *)resp[1].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1788:13: note: declared here
 1788 |             _pam_overwrite((void *)resp[1].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c: In function 'prompt_2fa_single':
../src/sss_client/pam_sss.c:1817:9: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 1817 |         _pam_overwrite((void *)answer);
      |         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1817:9: note: declared here
 1817 |         _pam_overwrite((void *)answer);
      |         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1817:9: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 1817 |         _pam_overwrite((void *)answer);
      |         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1817:9: note: declared here
 1817 |         _pam_overwrite((void *)answer);
      |         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1817:9: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 1817 |         _pam_overwrite((void *)answer);
      |         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1817:9: note: declared here
 1817 |         _pam_overwrite((void *)answer);
      |         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c: In function 'prompt_passkey':
../src/sss_client/pam_sss.c:1998:13: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 1998 |             _pam_overwrite((void *)resp[pin_idx].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1998:13: note: declared here
 1998 |             _pam_overwrite((void *)resp[pin_idx].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1998:13: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 1998 |             _pam_overwrite((void *)resp[pin_idx].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1998:13: note: declared here
 1998 |             _pam_overwrite((void *)resp[pin_idx].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1998:13: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 1998 |             _pam_overwrite((void *)resp[pin_idx].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:1998:13: note: declared here
 1998 |             _pam_overwrite((void *)resp[pin_idx].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c: In function 'prompt_sc_pin':
../src/sss_client/pam_sss.c:2281:9: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 2281 |         _pam_overwrite((void *)resp[0].resp);
      |         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2281:9: note: declared here
 2281 |         _pam_overwrite((void *)resp[0].resp);
      |         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2281:9: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 2281 |         _pam_overwrite((void *)resp[0].resp);
      |         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2281:9: note: declared here
 2281 |         _pam_overwrite((void *)resp[0].resp);
      |         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2281:9: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 2281 |         _pam_overwrite((void *)resp[0].resp);
      |         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2281:9: note: declared here
 2281 |         _pam_overwrite((void *)resp[0].resp);
      |         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2371:5: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 2371 |     _pam_overwrite((void *)answer);
      |     ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2371:5: note: declared here
 2371 |     _pam_overwrite((void *)answer);
      |     ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2371:5: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 2371 |     _pam_overwrite((void *)answer);
      |     ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2371:5: note: declared here
 2371 |     _pam_overwrite((void *)answer);
      |     ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2371:5: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 2371 |     _pam_overwrite((void *)answer);
      |     ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2371:5: note: declared here
 2371 |     _pam_overwrite((void *)answer);
      |     ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2377:13: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 2377 |             _pam_overwrite((void *)resp[0].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2377:13: note: declared here
 2377 |             _pam_overwrite((void *)resp[0].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2377:13: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 2377 |             _pam_overwrite((void *)resp[0].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2377:13: note: declared here
 2377 |             _pam_overwrite((void *)resp[0].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2377:13: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 2377 |             _pam_overwrite((void *)resp[0].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2377:13: note: declared here
 2377 |             _pam_overwrite((void *)resp[0].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2381:13: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 2381 |             _pam_overwrite((void *)resp[1].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2381:13: note: declared here
 2381 |             _pam_overwrite((void *)resp[1].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2381:13: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 2381 |             _pam_overwrite((void *)resp[1].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2381:13: note: declared here
 2381 |             _pam_overwrite((void *)resp[1].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2381:13: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 2381 |             _pam_overwrite((void *)resp[1].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2381:13: note: declared here
 2381 |             _pam_overwrite((void *)resp[1].resp);
      |             ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c: In function 'prompt_new_password':
../src/sss_client/pam_sss.c:2411:9: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 2411 |         _pam_overwrite((void *)answer);
      |         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2411:9: note: declared here
 2411 |         _pam_overwrite((void *)answer);
      |         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2411:9: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 2411 |         _pam_overwrite((void *)answer);
      |         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2411:9: note: declared here
 2411 |         _pam_overwrite((void *)answer);
      |         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2411:9: error: 'xx_' is deprecated [-Werror=deprecated-declarations]
 2411 |         _pam_overwrite((void *)answer);
      |         ^~~~~~~~~~~~~~
../src/sss_client/pam_sss.c:2411:9: note: declared here
 2411 |         _pam_overwrite((void *)answer);
      |         ^~~~~~~~~~~~~~

The text was updated successfully, but these errors were encountered:

alexey-tikhonov · 2024-09-18T15:51:24Z

https://github.com/linux-pam/linux-pam/blob/master/NEWS

Release 1.5.3
...
* Deprecated _pam_overwrite(), _pam_overwrite_n(), and _pam_drop_reply() macros
  provided by _pam_macros.h; the memory override performed by these macros can
  be optimized out by the compiler and therefore can no longer be relied upon.

with `sss_erase_mem_securely()` Resolves: SSSD#7606

alexey-tikhonov · 2024-09-27T11:33:24Z

Pushed PR: #7615

master
- 312e0eb - Revert "ci: allow deprecated functions during build"
- 0330ebe - CLIENT:PAM: replace deprecated _pam_overwrite

alexey-tikhonov added a commit to alexey-tikhonov/sssd that referenced this issue Sep 23, 2024

CLIENT:PAM: replace deprecated _pam_overwrite

95819e8

with `sss_erase_mem_securely()` Resolves: SSSD#7606

alexey-tikhonov linked a pull request Sep 23, 2024 that will close this issue

CLIENT:PAM: replace deprecated _pam_overwrite #7615

Closed

alexey-tikhonov self-assigned this Sep 23, 2024

alexey-tikhonov added a commit to alexey-tikhonov/sssd that referenced this issue Sep 25, 2024

CLIENT:PAM: replace deprecated _pam_overwrite

e175f95

with `sss_erase_mem_securely()` Resolves: SSSD#7606

alexey-tikhonov added a commit to alexey-tikhonov/sssd that referenced this issue Sep 25, 2024

CLIENT:PAM: replace deprecated _pam_overwrite

19fde46

with `sss_erase_mem_securely()` Resolves: SSSD#7606

alexey-tikhonov closed this as completed in 0330ebe Sep 27, 2024

alexey-tikhonov added the Closed: Fixed Issue was closed as fixed. label Sep 27, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Deprecated code used in 'sss_client/pam_sss.c' #7606

Deprecated code used in 'sss_client/pam_sss.c' #7606

alexey-tikhonov commented Sep 18, 2024

alexey-tikhonov commented Sep 18, 2024

alexey-tikhonov commented Sep 27, 2024

Deprecated code used in 'sss_client/pam_sss.c' #7606

Deprecated code used in 'sss_client/pam_sss.c' #7606

Comments

alexey-tikhonov commented Sep 18, 2024

alexey-tikhonov commented Sep 18, 2024

alexey-tikhonov commented Sep 27, 2024