diff options
Diffstat (limited to 'libpam')
-rw-r--r-- | libpam/Makefile.in | 154 | ||||
-rw-r--r-- | libpam/include/security/pam_modutil.h | 5 | ||||
-rw-r--r-- | libpam/pam_audit.c | 4 | ||||
-rw-r--r-- | libpam/pam_delay.c | 1 | ||||
-rw-r--r-- | libpam/pam_dispatch.c | 8 | ||||
-rw-r--r-- | libpam/pam_dynamic.c | 10 | ||||
-rw-r--r-- | libpam/pam_get_authtok.c | 5 | ||||
-rw-r--r-- | libpam/pam_handlers.c | 18 | ||||
-rw-r--r-- | libpam/pam_item.c | 6 | ||||
-rw-r--r-- | libpam/pam_misc.c | 2 | ||||
-rw-r--r-- | libpam/pam_modutil_getgrgid.c | 12 | ||||
-rw-r--r-- | libpam/pam_modutil_getgrnam.c | 8 | ||||
-rw-r--r-- | libpam/pam_modutil_getpwnam.c | 8 | ||||
-rw-r--r-- | libpam/pam_modutil_getpwuid.c | 12 | ||||
-rw-r--r-- | libpam/pam_modutil_getspnam.c | 8 | ||||
-rw-r--r-- | libpam/pam_modutil_ingroup.c | 2 | ||||
-rw-r--r-- | libpam/pam_prelude.h | 1 | ||||
-rw-r--r-- | libpam/pam_session.c | 2 | ||||
-rw-r--r-- | libpam/pam_start.c | 2 | ||||
-rw-r--r-- | libpam/pam_static_modules.h | 14 | ||||
-rw-r--r-- | libpam/pam_tokens.h | 4 |
21 files changed, 168 insertions, 118 deletions
diff --git a/libpam/Makefile.in b/libpam/Makefile.in index fd8facc..6eb4f4d 100644 --- a/libpam/Makefile.in +++ b/libpam/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10.1 from Makefile.am. +# Makefile.in generated by automake 1.11.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -21,8 +22,9 @@ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -48,7 +50,7 @@ DIST_COMMON = $(include_HEADERS) $(noinst_HEADERS) \ $(srcdir)/Makefile.am $(srcdir)/Makefile.in ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \ - $(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/intlmacosx.m4 \ + $(top_srcdir)/m4/iconv.m4 \ $(top_srcdir)/m4/japhar_grep_cflags.m4 \ $(top_srcdir)/m4/jh_path_xml_catalog.m4 \ $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \ @@ -57,22 +59,36 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \ $(top_srcdir)/m4/libprelude.m4 $(top_srcdir)/m4/libtool.m4 \ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ - $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/pkg.m4 \ - $(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/progtest.m4 \ - $(top_srcdir)/configure.in + $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \ + $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/configure.in am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/config.h CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ *) f=$$p;; \ esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(includedir)" -libLTLIBRARIES_INSTALL = $(INSTALL) LTLIBRARIES = $(lib_LTLIBRARIES) am__DEPENDENCIES_1 = @STATIC_MODULES_TRUE@am__DEPENDENCIES_2 = $(shell ls \ @@ -95,8 +111,9 @@ libpam_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libpam_la_LDFLAGS) $(LDFLAGS) -o $@ DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) -depcomp = $(SHELL) $(top_srcdir)/depcomp +depcomp = $(SHELL) $(top_srcdir)/build-aux/depcomp am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -108,7 +125,6 @@ LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ $(LDFLAGS) -o $@ SOURCES = $(libpam_la_SOURCES) DIST_SOURCES = $(libpam_la_SOURCES) -includeHEADERS_INSTALL = $(INSTALL_HEADER) HEADERS = $(include_HEADERS) $(noinst_HEADERS) ETAGS = etags CTAGS = ctags @@ -141,7 +157,6 @@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ FGREP = @FGREP@ FO2PDF = @FO2PDF@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ GMSGFMT = @GMSGFMT@ GMSGFMT_015 = @GMSGFMT_015@ GREP = @GREP@ @@ -199,6 +214,7 @@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ PIE_CFLAGS = @PIE_CFLAGS@ @@ -216,7 +232,6 @@ USE_NLS = @USE_NLS@ VERSION = @VERSION@ XGETTEXT = @XGETTEXT@ XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ XMLCATALOG = @XMLCATALOG@ XMLLINT = @XMLLINT@ XML_CATALOG_FILE = @XML_CATALOG_FILE@ @@ -319,14 +334,14 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu libpam/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --gnu libpam/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu libpam/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --gnu libpam/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -344,23 +359,28 @@ $(top_srcdir)/configure: $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-libLTLIBRARIES: $(lib_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + list2=; for p in $$list; do \ if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ + list2="$$list2 $$p"; \ else :; fi; \ - done + done; \ + test -z "$$list2" || { \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \ + } uninstall-libLTLIBRARIES: @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \ done clean-libLTLIBRARIES: @@ -414,21 +434,21 @@ distclean-compile: .c.o: @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: @am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< @@ -441,34 +461,37 @@ clean-libtool: install-includeHEADERS: $(include_HEADERS) @$(NORMAL_INSTALL) test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(include_HEADERS)'; for p in $$list; do \ + @list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \ done uninstall-includeHEADERS: @$(NORMAL_UNINSTALL) - @list='$(include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done + @list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(includedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(includedir)" && rm -f $$files ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ @@ -476,29 +499,34 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ done | \ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags @@ -519,13 +547,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -557,6 +589,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -578,6 +611,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -586,18 +621,28 @@ install-data-am: install-includeHEADERS install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-libLTLIBRARIES install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am @@ -637,6 +682,7 @@ uninstall-am: uninstall-includeHEADERS uninstall-libLTLIBRARIES tags uninstall uninstall-am uninstall-includeHEADERS \ uninstall-libLTLIBRARIES + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/libpam/include/security/pam_modutil.h b/libpam/include/security/pam_modutil.h index 317202d..8087ba1 100644 --- a/libpam/include/security/pam_modutil.h +++ b/libpam/include/security/pam_modutil.h @@ -47,6 +47,11 @@ #ifndef _SECURITY__PAM_MODUTIL_H #define _SECURITY__PAM_MODUTIL_H +#include <sys/types.h> +#include <pwd.h> +#include <grp.h> +#include <shadow.h> + #ifdef __cplusplus extern "C" { #endif diff --git a/libpam/pam_audit.c b/libpam/pam_audit.c index 7f2e0b2..531746a 100644 --- a/libpam/pam_audit.c +++ b/libpam/pam_audit.c @@ -161,7 +161,7 @@ pam_modutil_audit_write(pam_handle_t *pamh, int type, { int audit_fd; int rc; - + if ((audit_fd=_pam_audit_open(pamh)) == -1) { return PAM_SYSTEM_ERR; } else if (audit_fd == -2) { @@ -171,7 +171,7 @@ pam_modutil_audit_write(pam_handle_t *pamh, int type, rc = _pam_audit_writelog(pamh, audit_fd, type, message, retval); audit_close(audit_fd); - + return rc < 0 ? PAM_SYSTEM_ERR : PAM_SUCCESS; } diff --git a/libpam/pam_delay.c b/libpam/pam_delay.c index a9cfa80..cb6c9d5 100644 --- a/libpam/pam_delay.c +++ b/libpam/pam_delay.c @@ -156,4 +156,3 @@ int pam_fail_delay(pam_handle_t *pamh, unsigned int usec) return PAM_SUCCESS; } - diff --git a/libpam/pam_dispatch.c b/libpam/pam_dispatch.c index 98c69c6..eb52c82 100644 --- a/libpam/pam_dispatch.c +++ b/libpam/pam_dispatch.c @@ -261,16 +261,16 @@ static int _pam_dispatch_aux(pam_handle_t *pamh, int flags, struct handler *h, if (impression == _PAM_UNDEF || (impression == _PAM_POSITIVE && status == PAM_SUCCESS) ) { - if ( retval != PAM_IGNORE || cached_retval == retval ) { + if ( retval != PAM_IGNORE || cached_retval == retval ) { impression = _PAM_POSITIVE; - status = retval; - } + status = retval; + } } } /* this means that we need to skip #action stacked modules */ while (h->next != NULL && h->next->stack_level >= stack_level && action > 0) { - do { + do { h = h->next; ++depth; } while (h->next != NULL && h->next->stack_level > stack_level); diff --git a/libpam/pam_dynamic.c b/libpam/pam_dynamic.c index 5be33c3..e1155e5 100644 --- a/libpam/pam_dynamic.c +++ b/libpam/pam_dynamic.c @@ -55,8 +55,8 @@ void *_pam_dlopen(const char *mod_path) NSObjectFileImage ofile; void *ret = NULL; - if (NSCreateObjectFileImageFromFile(mod_path, &ofile) != - NSObjectFileImageSuccess ) + if (NSCreateObjectFileImageFromFile(mod_path, &ofile) != + NSObjectFileImageSuccess ) return NULL; ret = NSLinkModule(ofile, mod_path, NSLINKMODULE_OPTION_PRIVATE | NSLINKMODULE_OPTION_BINDNOW); @@ -68,7 +68,7 @@ void *_pam_dlopen(const char *mod_path) #endif } -servicefn _pam_dlsym(void *handle, const char *symbol) +servicefn _pam_dlsym(void *handle, const char *symbol) { #ifdef PAM_SHL char *_symbol = NULL; @@ -83,7 +83,7 @@ servicefn _pam_dlsym(void *handle, const char *symbol) return NULL; strcpy(_symbol, SHLIB_SYM_PREFIX); strcat(_symbol, symbol); - if( shl_findsym(&handle, _symbol, + if( shl_findsym(&handle, _symbol, (short) TYPE_PROCEDURE, &ret ){ free(_symbol); return NULL; @@ -92,7 +92,7 @@ servicefn _pam_dlsym(void *handle, const char *symbol) } return ret; - + #elif defined(PAM_DYLD) NSSymbol nsSymbol; char *_symbol; diff --git a/libpam/pam_get_authtok.c b/libpam/pam_get_authtok.c index ecd2991..31bb162 100644 --- a/libpam/pam_get_authtok.c +++ b/libpam/pam_get_authtok.c @@ -102,6 +102,8 @@ pam_get_authtok_internal (pam_handle_t *pamh, int item, if (retval != PAM_SUCCESS || authtok_type == NULL) authtok_type = ""; } + else + pam_set_item(pamh, PAM_AUTHTOK_TYPE, authtok_type); } retval = pam_get_item (pamh, item, &prevauthtok); @@ -210,6 +212,9 @@ pam_get_authtok_verify (pam_handle_t *pamh, const char **authtok, } else { + retval = pam_get_item (pamh, PAM_AUTHTOK_TYPE, (const void **)&authtok_type); + if (retval != PAM_SUCCESS || authtok_type == NULL) + authtok_type = ""; retval = pam_prompt (pamh, PAM_PROMPT_ECHO_OFF, &resp, PROMPT2, authtok_type, strlen (authtok_type) > 0?" ":""); diff --git a/libpam/pam_handlers.c b/libpam/pam_handlers.c index 59a1929..02714f7 100644 --- a/libpam/pam_handlers.c +++ b/libpam/pam_handlers.c @@ -194,16 +194,16 @@ static int _pam_parse_conf_file(pam_handle_t *pamh, FILE *f tok = _pam_StrTok(NULL, " \n\t", &nexttok); if (pam_include) { - if (substack) { + if (substack) { res = _pam_add_handler(pamh, PAM_HT_SUBSTACK, other, - stack_level, module_type, actions, tok, - 0, NULL, 0); + stack_level, module_type, actions, tok, + 0, NULL, 0); if (res != PAM_SUCCESS) { pam_syslog(pamh, LOG_ERR, "error adding substack %s", tok); D(("failed to load module - aborting")); return PAM_ABORT; - } - } + } + } if (_pam_load_conf_file(pamh, tok, this_service, module_type, stack_level + substack #ifdef PAM_READ_BOTH_CONFS @@ -625,7 +625,7 @@ _pam_load_module(pam_handle_t *pamh, const char *mod_path, int handler_type) struct loaded_module *mod; D(("_pam_load_module: loading module `%s'", mod_path)); - + mod = pamh->handlers.module; /* First, ensure the module is loaded */ @@ -774,12 +774,12 @@ int _pam_add_handler(pam_handle_t *pamh /* if we get here with NULL it means allocation error */ return PAM_ABORT; } - + mod_type = mod->type; } - + if (mod_path == NULL) - mod_path = UNKNOWN_MODULE; + mod_path = UNKNOWN_MODULE; /* * At this point 'mod' points to the stored/loaded module. diff --git a/libpam/pam_item.c b/libpam/pam_item.c index 00e00c2..8148fd5 100644 --- a/libpam/pam_item.c +++ b/libpam/pam_item.c @@ -315,8 +315,8 @@ int pam_get_user(pam_handle_t *pamh, const char **user, const char *prompt) if (pamh->former.want_user) { /* must have a prompt to resume with */ if (! pamh->former.prompt) { - pam_syslog(pamh, LOG_ERR, - "pam_get_user: failed to resume with prompt" + pam_syslog(pamh, LOG_ERR, + "pam_get_user: failed to resume with prompt" ); return PAM_ABORT; } @@ -324,7 +324,7 @@ int pam_get_user(pam_handle_t *pamh, const char **user, const char *prompt) /* must be the same prompt as last time */ if (strcmp(pamh->former.prompt, use_prompt)) { pam_syslog(pamh, LOG_ERR, - "pam_get_user: resumed with different prompt"); + "pam_get_user: resumed with different prompt"); return PAM_ABORT; } diff --git a/libpam/pam_misc.c b/libpam/pam_misc.c index 0e60727..aac0e92 100644 --- a/libpam/pam_misc.c +++ b/libpam/pam_misc.c @@ -312,7 +312,7 @@ void _pam_parse_control(int *control_array, char *tok) break; } } - if (act > 0) { + if (act > 0) { /* * Either we have a number or we have hit an error. In * principle, there is nothing to stop us accepting diff --git a/libpam/pam_modutil_getgrgid.c b/libpam/pam_modutil_getgrgid.c index 600946a..386d6f4 100644 --- a/libpam/pam_modutil_getgrgid.c +++ b/libpam/pam_modutil_getgrgid.c @@ -16,7 +16,7 @@ #include <stdlib.h> static int intlen(int number) -{ +{ int len = 2; while (number != 0) { number /= 10; @@ -26,7 +26,7 @@ static int intlen(int number) } static int longlen(long number) -{ +{ int len = 2; while (number != 0) { number /= 10; @@ -72,7 +72,7 @@ pam_modutil_getgrgid(pam_handle_t *pamh, gid_t gid) int i; data_name = malloc(strlen("_pammodutil_getgrgid") + 1 + - longlen((long)gid) + 1 + intlen(INT_MAX) + 1); + longlen((long)gid) + 1 + intlen(INT_MAX) + 1); if ((pamh != NULL) && (data_name == NULL)) { D(("was unable to register the data item [%s]", pam_strerror(pamh, status))); @@ -83,7 +83,7 @@ pam_modutil_getgrgid(pam_handle_t *pamh, gid_t gid) if (pamh != NULL) { for (i = 0; i < INT_MAX; i++) { sprintf(data_name, "_pammodutil_getgrgid_%ld_%d", - (long) gid, i); + (long) gid, i); status = PAM_NO_MODULE_DATA; if (pam_get_data(pamh, data_name, &ignore) != PAM_SUCCESS) { status = pam_set_data(pamh, data_name, @@ -114,7 +114,7 @@ pam_modutil_getgrgid(pam_handle_t *pamh, gid_t gid) /* no sense in repeating the call */ break; } - + length <<= PWD_LENGTH_SHIFT; } while (length < PWD_ABSURD_PWD_LENGTH); @@ -131,7 +131,7 @@ pam_modutil_getgrgid(pam_handle_t *pamh, gid_t gid) * Sorry, there does not appear to be a reentrant version of * getgrgid(). So, we use the standard libc function. */ - + return getgrgid(gid); #endif /* def HAVE_GETGRGID_R */ diff --git a/libpam/pam_modutil_getgrnam.c b/libpam/pam_modutil_getgrnam.c index adf7daa..cbb1551 100644 --- a/libpam/pam_modutil_getgrnam.c +++ b/libpam/pam_modutil_getgrnam.c @@ -16,7 +16,7 @@ #include <stdlib.h> static int intlen(int number) -{ +{ int len = 2; while (number != 0) { number /= 10; @@ -62,7 +62,7 @@ pam_modutil_getgrnam(pam_handle_t *pamh, const char *group) int i; data_name = malloc(strlen("_pammodutil_getgrnam") + 1 + - strlen(group) + 1 + intlen(INT_MAX) + 1); + strlen(group) + 1 + intlen(INT_MAX) + 1); if ((pamh != NULL) && (data_name == NULL)) { D(("was unable to register the data item [%s]", pam_strerror(pamh, status))); @@ -103,7 +103,7 @@ pam_modutil_getgrnam(pam_handle_t *pamh, const char *group) /* no sense in repeating the call */ break; } - + length <<= PWD_LENGTH_SHIFT; } while (length < PWD_ABSURD_PWD_LENGTH); @@ -120,7 +120,7 @@ pam_modutil_getgrnam(pam_handle_t *pamh, const char *group) * Sorry, there does not appear to be a reentrant version of * getgrnam(). So, we use the standard libc function. */ - + return getgrnam(group); #endif /* def HAVE_GETGRNAM_R */ diff --git a/libpam/pam_modutil_getpwnam.c b/libpam/pam_modutil_getpwnam.c index f4e4d80..8132c76 100644 --- a/libpam/pam_modutil_getpwnam.c +++ b/libpam/pam_modutil_getpwnam.c @@ -16,7 +16,7 @@ #include <stdlib.h> static int intlen(int number) -{ +{ int len = 2; while (number != 0) { number /= 10; @@ -62,7 +62,7 @@ pam_modutil_getpwnam(pam_handle_t *pamh, const char *user) int i; data_name = malloc(strlen("_pammodutil_getpwnam") + 1 + - strlen(user) + 1 + intlen(INT_MAX) + 1); + strlen(user) + 1 + intlen(INT_MAX) + 1); if ((pamh != NULL) && (data_name == NULL)) { D(("was unable to register the data item [%s]", pam_strerror(pamh, status))); @@ -103,7 +103,7 @@ pam_modutil_getpwnam(pam_handle_t *pamh, const char *user) /* no sense in repeating the call */ break; } - + length <<= PWD_LENGTH_SHIFT; } while (length < PWD_ABSURD_PWD_LENGTH); @@ -120,7 +120,7 @@ pam_modutil_getpwnam(pam_handle_t *pamh, const char *user) * Sorry, there does not appear to be a reentrant version of * getpwnam(). So, we use the standard libc function. */ - + return getpwnam(user); #endif /* def HAVE_GETPWNAM_R */ diff --git a/libpam/pam_modutil_getpwuid.c b/libpam/pam_modutil_getpwuid.c index 33a6cf4..3a43593 100644 --- a/libpam/pam_modutil_getpwuid.c +++ b/libpam/pam_modutil_getpwuid.c @@ -16,7 +16,7 @@ #include <stdlib.h> static int intlen(int number) -{ +{ int len = 2; while (number != 0) { number /= 10; @@ -26,7 +26,7 @@ static int intlen(int number) } static int longlen(long number) -{ +{ int len = 2; while (number != 0) { number /= 10; @@ -72,7 +72,7 @@ pam_modutil_getpwuid(pam_handle_t *pamh, uid_t uid) int i; data_name = malloc(strlen("_pammodutil_getpwuid") + 1 + - longlen((long) uid) + 1 + intlen(INT_MAX) + 1); + longlen((long) uid) + 1 + intlen(INT_MAX) + 1); if ((pamh != NULL) && (data_name == NULL)) { D(("was unable to register the data item [%s]", pam_strerror(pamh, status))); @@ -83,7 +83,7 @@ pam_modutil_getpwuid(pam_handle_t *pamh, uid_t uid) if (pamh != NULL) { for (i = 0; i < INT_MAX; i++) { sprintf(data_name, "_pammodutil_getpwuid_%ld_%d", - (long) uid, i); + (long) uid, i); status = PAM_NO_MODULE_DATA; if (pam_get_data(pamh, data_name, &ignore) != PAM_SUCCESS) { status = pam_set_data(pamh, data_name, @@ -114,7 +114,7 @@ pam_modutil_getpwuid(pam_handle_t *pamh, uid_t uid) /* no sense in repeating the call */ break; } - + length <<= PWD_LENGTH_SHIFT; } while (length < PWD_ABSURD_PWD_LENGTH); @@ -131,7 +131,7 @@ pam_modutil_getpwuid(pam_handle_t *pamh, uid_t uid) * Sorry, there does not appear to be a reentrant version of * getpwuid(). So, we use the standard libc function. */ - + return getpwuid(uid); #endif /* def HAVE_GETPWUID_R */ diff --git a/libpam/pam_modutil_getspnam.c b/libpam/pam_modutil_getspnam.c index 7cc6488..032709e 100644 --- a/libpam/pam_modutil_getspnam.c +++ b/libpam/pam_modutil_getspnam.c @@ -16,7 +16,7 @@ #include <stdlib.h> static int intlen(int number) -{ +{ int len = 2; while (number != 0) { number /= 10; @@ -62,7 +62,7 @@ pam_modutil_getspnam(pam_handle_t *pamh, const char *user) int i; data_name = malloc(strlen("_pammodutil_getspnam") + 1 + - strlen(user) + 1 + intlen(INT_MAX) + 1); + strlen(user) + 1 + intlen(INT_MAX) + 1); if ((pamh != NULL) && (data_name == NULL)) { D(("was unable to register the data item [%s]", pam_strerror(pamh, status))); @@ -103,7 +103,7 @@ pam_modutil_getspnam(pam_handle_t *pamh, const char *user) /* no sense in repeating the call */ break; } - + length <<= PWD_LENGTH_SHIFT; } while (length < PWD_ABSURD_PWD_LENGTH); @@ -120,7 +120,7 @@ pam_modutil_getspnam(pam_handle_t *pamh, const char *user) * Sorry, there does not appear to be a reentrant version of * getspnam(). So, we use the standard libc function. */ - + return getspnam(user); #endif /* def HAVE_GETSPNAM_R */ diff --git a/libpam/pam_modutil_ingroup.c b/libpam/pam_modutil_ingroup.c index 7a15f71..875cf3e 100644 --- a/libpam/pam_modutil_ingroup.c +++ b/libpam/pam_modutil_ingroup.c @@ -74,7 +74,7 @@ pam_modutil_user_in_group_common(pam_handle_t *pamh UNUSED, return 0; } -int +int pam_modutil_user_in_group_nam_nam(pam_handle_t *pamh, const char *user, const char *group) { diff --git a/libpam/pam_prelude.h b/libpam/pam_prelude.h index 13ee6fd..196b141 100644 --- a/libpam/pam_prelude.h +++ b/libpam/pam_prelude.h @@ -13,4 +13,3 @@ void prelude_send_alert(pam_handle_t *pamh, int authval); #endif /* _SECURITY_PAM_PRELUDE_H */ - diff --git a/libpam/pam_session.c b/libpam/pam_session.c index 34532bc..512153f 100644 --- a/libpam/pam_session.c +++ b/libpam/pam_session.c @@ -24,7 +24,7 @@ int pam_open_session(pam_handle_t *pamh, int flags) #ifdef HAVE_LIBAUDIT retval = _pam_auditlog(pamh, PAM_OPEN_SESSION, retval, flags); -#endif +#endif return retval; } diff --git a/libpam/pam_start.c b/libpam/pam_start.c index b7cd771..328416d 100644 --- a/libpam/pam_start.c +++ b/libpam/pam_start.c @@ -111,6 +111,7 @@ int pam_start ( (*pamh)->data = NULL; if ( _pam_make_env(*pamh) != PAM_SUCCESS ) { pam_syslog(*pamh,LOG_ERR,"pam_start: failed to initialize environment"); + _pam_drop((*pamh)->pam_conversation); _pam_drop((*pamh)->service_name); _pam_drop((*pamh)->user); _pam_drop(*pamh); @@ -127,6 +128,7 @@ int pam_start ( if ( _pam_init_handlers(*pamh) != PAM_SUCCESS ) { pam_syslog(*pamh, LOG_ERR, "pam_start: failed to initialize handlers"); _pam_drop_env(*pamh); /* purge the environment */ + _pam_drop((*pamh)->pam_conversation); _pam_drop((*pamh)->service_name); _pam_drop((*pamh)->user); _pam_drop(*pamh); diff --git a/libpam/pam_static_modules.h b/libpam/pam_static_modules.h index 999adc2..698989b 100644 --- a/libpam/pam_static_modules.h +++ b/libpam/pam_static_modules.h @@ -63,7 +63,6 @@ extern struct pam_module _pam_nologin_modstruct; extern struct pam_module _pam_permit_modstruct; extern struct pam_module _pam_pwhistory_modstruct; extern struct pam_module _pam_rhosts_modstruct; -extern struct pam_module _pam_rhosts_auth_modstruct; extern struct pam_module _pam_rootok_modstruct; extern struct pam_module _pam_securetty_modstruct; #ifdef WITH_SELINUX @@ -81,10 +80,7 @@ extern struct pam_module _pam_timestamp_modstruct; extern struct pam_module _pam_tty_audit_modstruct; #endif extern struct pam_module _pam_umask_modstruct; -extern struct pam_module _pam_unix_acct_modstruct; -extern struct pam_module _pam_unix_auth_modstruct; -extern struct pam_module _pam_unix_passwd_modstruct; -extern struct pam_module _pam_unix_session_modstruct; +extern struct pam_module _pam_unix_modstruct; extern struct pam_module _pam_userdb_modstruct; extern struct pam_module _pam_warn_modstruct; extern struct pam_module _pam_wheel_modstruct; @@ -95,7 +91,9 @@ extern struct pam_module _pam_xauth_modstruct; static struct pam_module *static_modules[] = { &_pam_access_modstruct, +#ifdef HAVE_LIBCRACK &_pam_cracklib_modstruct, +#endif &_pam_debug_modstruct, &_pam_deny_modstruct, &_pam_echo_modstruct, @@ -124,7 +122,6 @@ static struct pam_module *static_modules[] = { &_pam_permit_modstruct, &_pam_pwhistory_modstruct, &_pam_rhosts_modstruct, - &_pam_rhosts_auth_modstruct, &_pam_rootok_modstruct, &_pam_securetty_modstruct, #ifdef WITH_SELINUX @@ -142,10 +139,7 @@ static struct pam_module *static_modules[] = { &_pam_tty_audit_modstruct, #endif &_pam_umask_modstruct, - &_pam_unix_acct_modstruct, - &_pam_unix_auth_modstruct, - &_pam_unix_passwd_modstruct, - &_pam_unix_session_modstruct, + &_pam_unix_modstruct, &_pam_userdb_modstruct, &_pam_warn_modstruct, &_pam_wheel_modstruct, diff --git a/libpam/pam_tokens.h b/libpam/pam_tokens.h index fcda7ec..1412fa3 100644 --- a/libpam/pam_tokens.h +++ b/libpam/pam_tokens.h @@ -89,13 +89,13 @@ const char * const _pam_token_returns[_PAM_RETURN_VALUES+1] = { * 3. The name of the author may not be used to endorse or promote * products derived from this software without specific prior * written permission. - * + * * ALTERNATIVELY, this product may be distributed under the terms of * the GNU Public License, in which case the provisions of the GPL are * required INSTEAD OF the above restrictions. (This clause is * necessary due to a potential bad interaction between the GPL and * the restrictions contained in a BSD-style copyright.) - * + * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE |