delta/linux-pam-git.git, branch ldv/github-ci github.com: linux-pam/linux-pam.git .github: add gcc-12, clang-13, and clang-14 jobs 2023-01-21T08:00:00+00:00 Dmitry V. Levin ldv@strace.io 2023-01-21T08:00:00+00:00 9ae4fb5436eb25771be0330eed996951de96fa79 * .github/workflows/ci.yml (gcc12-x86_64, clang14-x86_64, clang13-x86_64): New jobs. (gcc11-x86_64-vendordir): Rename to gcc12-x86_64-vendordir, replace gcc-11 with gcc-12. (clang12-x86_64-vendordir): Rename to clang14-x86_64-vendordir, replace clang-12 with clang-14. 
* .github/workflows/ci.yml (gcc12-x86_64, clang14-x86_64,
clang13-x86_64): New jobs.
(gcc11-x86_64-vendordir): Rename to gcc12-x86_64-vendordir,
replace gcc-11 with gcc-12.
(clang12-x86_64-vendordir): Rename to clang14-x86_64-vendordir,
replace clang-12 with clang-14.
.github: switch from ubuntu-20.04 to ubuntu-latest 2023-01-20T08:00:00+00:00 Dmitry V. Levin ldv@strace.io 2023-01-20T08:00:00+00:00 4c25bcc8e1fbeff15376b3cfb3940c01d1df82fe Switch runners to the latest Ubuntu LTS available, which is currently Ubuntu 22.04. Also, remove old compiler versions from the ci matrix. * .github/workflows/ci.yml (gcc8-x86_64, clang10-x86_64, clang9-x86_64, clang8-x86_64): Remove. (gcc11-x86_64-vendordir, gcc11-x86_64, gcc10-x86_64, gcc9-x86_64, clang12-x86_64-vendordir, clang12-x86_64, clang11-x86_64): Replace ubuntu-20.04 with ubuntu-latest. Link: https://github.blog/changelog/2022-11-09-github-actions-ubuntu-latest-workflows-will-use-ubuntu-22-04/ 
Switch runners to the latest Ubuntu LTS available, which is currently
Ubuntu 22.04.  Also, remove old compiler versions from the ci matrix.

* .github/workflows/ci.yml (gcc8-x86_64, clang10-x86_64, clang9-x86_64,
clang8-x86_64): Remove.
(gcc11-x86_64-vendordir, gcc11-x86_64, gcc10-x86_64, gcc9-x86_64,
clang12-x86_64-vendordir, clang12-x86_64, clang11-x86_64): Replace
ubuntu-20.04 with ubuntu-latest.

Link: https://github.blog/changelog/2022-11-09-github-actions-ubuntu-latest-workflows-will-use-ubuntu-22-04/
pam_unix: silence compiler warning in md5.c 2023-01-19T08:00:00+00:00 Dmitry V. Levin ldv@strace.io 2023-01-19T08:00:00+00:00 be25a6dbd1507ee63bec5c424996a07738a09338 clang-14 insists on issuing the following warning: In file included from md5_good.c:4: md5.c:92:15: error: passing 1-byte aligned argument to 4-byte aligned parameter 1 of 'byteReverse' may result in an unaligned pointer access [-Werror,-Walign-mismatch] byteReverse(ctx->in.c, 16); ^ md5.c:101:15: error: passing 1-byte aligned argument to 4-byte aligned parameter 1 of 'byteReverse' may result in an unaligned pointer access [-Werror,-Walign-mismatch] byteReverse(ctx->in.c, 16); ^ md5.c:136:15: error: passing 1-byte aligned argument to 4-byte aligned parameter 1 of 'byteReverse' may result in an unaligned pointer access [-Werror,-Walign-mismatch] byteReverse(ctx->in.c, 16); ^ md5.c:145:14: error: passing 1-byte aligned argument to 4-byte aligned parameter 1 of 'byteReverse' may result in an unaligned pointer access [-Werror,-Walign-mismatch] byteReverse(ctx->in.c, 14); ^ md5.c:151:14: error: passing 1-byte aligned argument to 4-byte aligned parameter 1 of 'byteReverse' may result in an unaligned pointer access [-Werror,-Walign-mismatch] byteReverse(ctx->buf.c, 4); ^ * modules/pam_unix/md5.c (byteReverse): Use uint32 instead of uint8_aligned, update all users. (uint8_aligned): Remove unused type. 
clang-14 insists on issuing the following warning:

  In file included from md5_good.c:4:
  md5.c:92:15: error: passing 1-byte aligned argument to 4-byte aligned parameter 1 of 'byteReverse' may result in an unaligned pointer access [-Werror,-Walign-mismatch]
                  byteReverse(ctx->in.c, 16);
                              ^
  md5.c:101:15: error: passing 1-byte aligned argument to 4-byte aligned parameter 1 of 'byteReverse' may result in an unaligned pointer access [-Werror,-Walign-mismatch]
                  byteReverse(ctx->in.c, 16);
                              ^
  md5.c:136:15: error: passing 1-byte aligned argument to 4-byte aligned parameter 1 of 'byteReverse' may result in an unaligned pointer access [-Werror,-Walign-mismatch]
                  byteReverse(ctx->in.c, 16);
                              ^
  md5.c:145:14: error: passing 1-byte aligned argument to 4-byte aligned parameter 1 of 'byteReverse' may result in an unaligned pointer access [-Werror,-Walign-mismatch]
          byteReverse(ctx->in.c, 14);
                      ^
  md5.c:151:14: error: passing 1-byte aligned argument to 4-byte aligned parameter 1 of 'byteReverse' may result in an unaligned pointer access [-Werror,-Walign-mismatch]
          byteReverse(ctx->buf.c, 4);
                      ^

* modules/pam_unix/md5.c (byteReverse): Use uint32 instead of
uint8_aligned, update all users.
(uint8_aligned): Remove unused type.
pam_client.h: silence compiler warning 2023-01-19T08:00:00+00:00 Dmitry V. Levin ldv@strace.io 2023-01-19T08:00:00+00:00 cc3f6702afdea7e9a20983810c19f5cc58eaf5e8 gcc-12 insists on issuing the following warning: In file included from libpamc.h:13, from pamc_converse.c:9: pamc_converse.c: In function 'pamc_converse': include/security/pam_client.h:129:27: error: array subscript 'struct <anonymous>[0]' is partly outside array bounds of 'unsigned char[6]' [-Werror=array-bounds] 129 | (*(old_p))->control = cntrl; \ | ^~ pamc_converse.c:209:5: note: in expansion of macro 'PAM_BP_RENEW' 209 | PAM_BP_RENEW(prompt_p, PAM_BPC_FAIL, 0); | ^~~~~~~~~~~~ include/security/pam_client.h:87:29: note: object of size 6 allocated by 'calloc' 87 | # define PAM_BP_CALLOC calloc | ^ include/security/pam_client.h:124:29: note: in expansion of macro 'PAM_BP_CALLOC' 124 | if ((*(old_p) = PAM_BP_CALLOC(1, 1+__size))) { \ | ^~~~~~~~~~~~~ pamc_converse.c:209:5: note: in expansion of macro 'PAM_BP_RENEW' 209 | PAM_BP_RENEW(prompt_p, PAM_BPC_FAIL, 0); | ^~~~~~~~~~~~ * libpamc/include/security/pam_client.h (pamc_bp_t): Decorate the structure pointed by pamc_bp_t pointer as packed. Despite being a part of the API, the structure is not supposed to be used directly, and all the interface macros were assuming from the very beginning that this structure is packed. 
gcc-12 insists on issuing the following warning:

  In file included from libpamc.h:13,
                   from pamc_converse.c:9:
  pamc_converse.c: In function 'pamc_converse':
  include/security/pam_client.h:129:27: error: array subscript 'struct <anonymous>[0]' is partly outside array bounds of 'unsigned char[6]' [-Werror=array-bounds]
    129 |                 (*(old_p))->control = cntrl;                               \
        |                           ^~
  pamc_converse.c:209:5: note: in expansion of macro 'PAM_BP_RENEW'
    209 |     PAM_BP_RENEW(prompt_p, PAM_BPC_FAIL, 0);
        |     ^~~~~~~~~~~~
  include/security/pam_client.h:87:29: note: object of size 6 allocated by 'calloc'
     87 | # define PAM_BP_CALLOC      calloc
        |                             ^
  include/security/pam_client.h:124:29: note: in expansion of macro 'PAM_BP_CALLOC'
    124 |             if ((*(old_p) = PAM_BP_CALLOC(1, 1+__size))) {                 \
        |                             ^~~~~~~~~~~~~
  pamc_converse.c:209:5: note: in expansion of macro 'PAM_BP_RENEW'
    209 |     PAM_BP_RENEW(prompt_p, PAM_BPC_FAIL, 0);
        |     ^~~~~~~~~~~~

* libpamc/include/security/pam_client.h (pamc_bp_t): Decorate the
structure pointed by pamc_bp_t pointer as packed.  Despite being a part
of the API, the structure is not supposed to be used directly, and all
the interface macros were assuming from the very beginning that this
structure is packed.
pam_limits: silence compiler warning 2023-01-19T08:00:00+00:00 Dmitry V. Levin ldv@strace.io 2023-01-19T08:00:00+00:00 2aae166e5e4ce921f750cb08f8da08f1cfcedead gcc-12 insists on issuing the following warning: In file included from /usr/include/string.h:535, from pam_limits.c:24: In function 'strncat', inlined from 'check_logins' at pam_limits.c:287:6, inlined from 'setup_limits' at pam_limits.c:1066:13, inlined from 'pam_sm_open_session' at pam_limits.c:1267:14: /usr/include/x86_64-linux-gnu/bits/string_fortified.h:138:10: error: '__builtin___strncat_chk' argument 2 declared attribute 'nonstring' [-Werror=stringop-overread] 138 | return __builtin___strncat_chk (__dest, __src, __len, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 139 | __glibc_objsize (__dest)); | ~~~~~~~~~~~~~~~~~~~~~~~~~ In file included from /usr/include/utmp.h:29, from pam_limits.c:37: /usr/include/x86_64-linux-gnu/bits/utmp.h: In function 'pam_sm_open_session': /usr/include/x86_64-linux-gnu/bits/utmp.h:66:8: note: argument 'ut_user' declared here 66 | char ut_user[UT_NAMESIZE] | ^~~~~~~ * modules/pam_limits/pam_limits.c (check_logins): Use memcpy instead of strncat to pacify the compiler. 
gcc-12 insists on issuing the following warning:

  In file included from /usr/include/string.h:535,
                   from pam_limits.c:24:
  In function 'strncat',
      inlined from 'check_logins' at pam_limits.c:287:6,
      inlined from 'setup_limits' at pam_limits.c:1066:13,
      inlined from 'pam_sm_open_session' at pam_limits.c:1267:14:
  /usr/include/x86_64-linux-gnu/bits/string_fortified.h:138:10: error: '__builtin___strncat_chk' argument 2 declared attribute 'nonstring' [-Werror=stringop-overread]
    138 |   return __builtin___strncat_chk (__dest, __src, __len,
        |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    139 |                                   __glibc_objsize (__dest));
        |                                   ~~~~~~~~~~~~~~~~~~~~~~~~~
  In file included from /usr/include/utmp.h:29,
                   from pam_limits.c:37:
  /usr/include/x86_64-linux-gnu/bits/utmp.h: In function 'pam_sm_open_session':
  /usr/include/x86_64-linux-gnu/bits/utmp.h:66:8: note: argument 'ut_user' declared here
     66 |   char ut_user[UT_NAMESIZE]
        |        ^~~~~~~

* modules/pam_limits/pam_limits.c (check_logins): Use memcpy instead of
strncat to pacify the compiler.
.github: remove x86 and x32 jobs 2023-01-18T11:03:40+00:00 Dmitry V. Levin ldv@altlinux.org 2023-01-13T08:00:00+00:00 5b203b05dc7232ed63763ecbbe78b4a153f19075 These types of jobs were implemented using the old version of the OS that is currently being deprecated by github actions. * .github/workflows/ci.yml (gcc11-x86-vendordir, gcc11-x86, gcc10-x86, gcc9-x86, gcc8-x86, clang10-x86, clang9-x86, clang8-x86, gcc11-x32, gcc10-x32, gcc9-x32, gcc8-x32): Remove. Link: https://github.com/actions/runner-images/issues/6002 
These types of jobs were implemented using the old version of the OS
that is currently being deprecated by github actions.

* .github/workflows/ci.yml (gcc11-x86-vendordir, gcc11-x86, gcc10-x86,
gcc9-x86, gcc8-x86, clang10-x86, clang9-x86, clang8-x86, gcc11-x32,
gcc10-x32, gcc9-x32, gcc8-x32): Remove.

Link: https://github.com/actions/runner-images/issues/6002
pam_listfile: fix pointer misuse leading to data corruption 2023-01-18T11:03:40+00:00 Cyril Duval cyril.duval@diabolocom.com 2022-11-23T14:20:38+00:00 58cb830da11e54bcc0116a4b5b1afd3e45a08482 pam_listfile assumes the group being tested will be written at the end of the argument list by carrying only a pointer to the value being examined in 'myval'. Therefore example ''' auth required pam_listfile.so \ onerr=succeed apply=ftp item=user sense=deny file=/etc/ftpusers ''' modified from https://linux.die.net/man/8/pam_listfile is not working because 'apply_val' will point to the latest value of 'myval', which in this case will be "/etc/ftpusers" instead of "ftp". Fix this issue by copying the value of 'myval' instead of just taking a reference pointer. Signed-off-by: Cyril Duval <cyril.duval@diabolocom.com> 
pam_listfile assumes the group being tested will be written at the end
of the argument list by carrying only a pointer to the value being
examined in 'myval'.

Therefore example

'''
auth    required       pam_listfile.so \
        onerr=succeed apply=ftp item=user sense=deny file=/etc/ftpusers
'''

modified from https://linux.die.net/man/8/pam_listfile is not working because
'apply_val' will point to the latest value of 'myval', which in this case will
be "/etc/ftpusers" instead of "ftp".

Fix this issue by copying the value of 'myval' instead of just taking
a reference pointer.

Signed-off-by: Cyril Duval <cyril.duval@diabolocom.com>
doc: Update PAM documentation from DockBook 4 to DocBook 5 2022-12-16T09:31:37+00:00 Stefan Schubert schubi@suse.de 2022-10-25T14:29:41+00:00 cf2fc5ff7b4a8555fda2a5ebe5f6ab0e45c22996 Changed files -------------- Make.xml.rules.in: - Using RNG file instead of DTD file for checking XML files. - Taking the correct stylesheet for README files. doc/sag/Makefile.am, doc/adg/Makefile.am, doc/mwg/Makefile.am: - Using RNG file instead of DTD file for checking XML files. configure.ac: - Adding a new option for selecting RNG check file (-enable-docbook-rng) - Switching stylesheets to docbook 5 - Checking DocBook 5 environment instead of DocBook 4 environment *.xml: Update from DockBook 4 to DocBook 5 
Changed files
--------------

Make.xml.rules.in:
- Using RNG file instead of DTD file for checking XML files.
- Taking the correct stylesheet for README files.

doc/sag/Makefile.am, doc/adg/Makefile.am, doc/mwg/Makefile.am:
- Using RNG file instead of DTD file for checking XML files.

configure.ac:
- Adding a new option for selecting RNG check file (-enable-docbook-rng)
- Switching stylesheets to docbook 5
- Checking DocBook 5 environment instead of DocBook 4 environment

*.xml:
Update from DockBook 4 to DocBook 5
pam_env: Use vendor specific pam_env.conf and environment as fallback 2022-12-14T08:29:35+00:00 Stefan Schubert schubi@suse.de 2021-12-03T13:33:20+00:00 6135c45347b6173e305fda66eef138bde693b795 Use the vendor directory as fallback for a distribution provided default config if there is no one in /etc. * Makefile.am: Add libeconf setting. * pam_env.c: Take care about the fallback configuration in the vendor directory. * pam_env.8.xml: Add description for the vendor directory. * pam_env.conf.5.xml: Add description for the vendor directory. * tst-pam_env-retval.c: Add tests for libeconf. * configure.ac: Add ECONF settings for building man pages. 
Use the vendor directory as fallback for a distribution provided default
config if there is no one in /etc.

* Makefile.am: Add libeconf setting.
* pam_env.c: Take care about the fallback configuration in the vendor directory.
* pam_env.8.xml: Add description for the vendor directory.
* pam_env.conf.5.xml: Add description for the vendor directory.
* tst-pam_env-retval.c: Add tests for libeconf.
* configure.ac: Add ECONF settings for building man pages.
pam_shells: Use the vendor directory as fallback for a distribution provided default config if there is no one in /etc. 2022-12-12T09:15:12+00:00 Stefan Schubert schubi@suse.de 2022-11-16T17:37:14+00:00 d71de05146d03c271bd5507724d24d1ad17c2be5 If pam will be compiled with the option --enable-vendordir=<vendor_dir> and NOT defined --disable-econf, the files which define valid login shells will be parsed in following order: - <vendor_dir>/shells - <vendor_dir>/shells.d/* - /etc/shells.d/shells But all files in <vendor_dir> will be ingnored if the user has defined his own file /etc/shells. This commit solves issue: https://github.com/linux-pam/linux-pam/issues/498 
If pam will be compiled with the option --enable-vendordir=<vendor_dir> and
NOT defined --disable-econf, the files which define valid login shells will
be parsed in following order:
- <vendor_dir>/shells
- <vendor_dir>/shells.d/*
- /etc/shells.d/shells
But all files in <vendor_dir> will be ingnored if the user has defined his
own file /etc/shells.
This commit solves issue: https://github.com/linux-pam/linux-pam/issues/498