Dag-Erling Smørgrav
41bb288744
The only place RETURNP() is used returns a non-const pointer.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@511 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2012-01-09 13:25:09 +00:00
Dag-Erling Smørgrav
596b3af085
Use a different default prompt if PAM_RHOST != PAM_HOST.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@510 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-12-31 13:14:23 +00:00
Dag-Erling Smørgrav
8ec4a16273
Don't log an error message if the file does not exist.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@509 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-12-22 17:18:53 +00:00
Dag-Erling Smørgrav
95ed7f5d0c
Style / consistency
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@503 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-12-18 14:00:33 +00:00
Dag-Erling Smørgrav
dd498bc7ad
Use openpam_check_path_owner_perms()
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@502 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-12-18 13:59:22 +00:00
Dag-Erling Smørgrav
996a845863
Report an error if one of the modules in the chain does not implement
...
the requested primitive. This is a significant change, but it should
only affect poorly-written PAM modules, and the alternative is a
potential fail-open situation.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@501 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-12-07 01:28:05 +00:00
Dag-Erling Smørgrav
229c006c86
Forgotten in previous commit: check the ownership and permissions of the
...
policy file.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@500 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-22 12:07:03 +00:00
Dag-Erling Smørgrav
1a4edb80d7
Factor out and improve the module ownership / permission check, and add
...
a similar (but race-proof) check for the policy file.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@499 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-22 11:51:50 +00:00
Dag-Erling Smørgrav
b9f0b632da
Validate the service name, closing an attack vector for programs like
...
kcheckpass that let the user specify which policy to apply. See
<URL:http://c-skills.blogspot.com/2011/11/openpam-trickery.html >.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@497 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-21 16:25:49 +00:00
Dag-Erling Smørgrav
026c898ec5
Disallow changing the service name.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@496 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-21 16:20:45 +00:00
Dag-Erling Smørgrav
d9f7580763
nit
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@494 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-20 02:58:34 +00:00
Dag-Erling Smørgrav
d98f755c25
Refuse to load a module if it is owned by anyone else than root or the
...
arbitrator or it is writable by group or other.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@493 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-20 02:28:15 +00:00
Dag-Erling Smørgrav
b011e58526
dst can't be const, you idiot.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@492 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-20 02:04:17 +00:00
Dag-Erling Smørgrav
6a92548403
Reorganize the headers and centralize the string tables.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@491 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-12 00:12:32 +00:00
Dag-Erling Smørgrav
ff73a20a84
Add a strlcpy(3) implementation.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@490 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-11 03:04:46 +00:00
Dag-Erling Smørgrav
e8522c7fcc
Always create optv, even if there are no options.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@488 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-05 20:50:15 +00:00
Dag-Erling Smørgrav
c86a681052
The count was never used, so ditch it and return plain PAM error codes
...
instead.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@487 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-05 20:00:46 +00:00
Dag-Erling Smørgrav
ba7de9c9c6
Remove debugging code.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@484 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-03 16:47:26 +00:00
Dag-Erling Smørgrav
493804d19b
Fix a couple of bugs in the option string reassembly code.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@483 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-03 16:46:20 +00:00
Dag-Erling Smørgrav
6835696a2a
Revert large parts of r478. I had forgotten that the module arguments
...
are actually passed to each service function in the classic (argc,
argv) form. The only place where the compiler could have caught this
used a type cast, and it did not show up in testing either because all
of the modules I tested use openpam_get_option(3) instead of
manipulating argv directly.
The cleaned-up policy parsing code remains in place, but options are
once more stored as strings, pretty much the way they appear in the
policy file, except that quotes are stripped.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@482 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-03 16:33:02 +00:00
Dag-Erling Smørgrav
c16faba34e
The include directive expects a service name, not a filename.
...
While there, remember to check for trailing garbage.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@481 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-03 16:09:22 +00:00
Dag-Erling Smørgrav
b373991f87
namespace violation mumble mumble
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@479 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-03 15:40:15 +00:00
Dag-Erling Smørgrav
55f6a50684
Major overhaul of the policy parser to support quoted option values. As a
...
bonus, it should now be much easier to read and understand.
This also changes the way options are stored: they are now stored as a list
of { key, value } pairs rather than "key=value" strings.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@478 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-03 15:39:18 +00:00
Dag-Erling Smørgrav
11b10d0991
Minor simplification.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@477 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-03 15:30:34 +00:00
Dag-Erling Smørgrav
9b234e1f88
Provide strlcmp(3) internally on systems that don't already have it.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@475 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-03 15:29:24 +00:00
Dag-Erling Smørgrav
f229d69d05
Fix the case where match_word() matches the last word on the line. It
...
would previously return 0 because it expected the next character after
the matched word to be a space.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@474 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-03 10:56:10 +00:00
Dag-Erling Smørgrav
ebccc4d687
- Deduplicate the trailing-whitespace code.
...
- Don't treat "\\\n" as whitespace. It's not what most people would
expect, and the documentation doesn't mention it.
- Improve the documentation a bit now that gendoc.pl supports bullet
lists.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@473 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-03 10:48:25 +00:00
Dag-Erling Smørgrav
dd2c21f7b6
Mention that the service function is called twice.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@466 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-02 23:33:43 +00:00
Dag-Erling Smørgrav
956ef0df60
If a module directory was specified on the configure command line, the
...
OPENPAM_MODULES_DIR macro was defined in config.h in addition to
CFLAGS. Place OPENPAM_MODULES_DIR unconditionally in config.h and
remove it from CFLAGS.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@462 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-02 15:04:31 +00:00
Dag-Erling Smørgrav
a1be39bf2d
Fix namespace violations in local variables used to prevent double
...
evaluation in macros.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@461 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-02 14:00:38 +00:00
Dag-Erling Smørgrav
0eae3f21c1
Fix namespace violations in some symbols which have external linkage but
...
are not part of the API.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@460 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-02 13:56:03 +00:00
Dag-Erling Smørgrav
8799ff11b9
Eliminate a potential double evaluation in one of the tracing macros.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@459 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-02 13:50:56 +00:00
Dag-Erling Smørgrav
81b5c45be2
Add a new API function, openpam_subst(3), which replaces substitution
...
codes in a string with the values of selected PAM items. Use it for
prompts.
Furthermore, modify pam_get_user(3) and pam_get_authtok(3) to look for
module options named {user,authtok,oldauthtok}_prompt, as appropriate.
If found, these options take precedence over both the caller's prompt
and the PAM_{USER,AUTHTOK,OLDAUTHTOK}_PROMPT items. The usefulness of
these options is somewhat limited by the fact that the policy file
parser does not support quoted strings; that's next on the todo list.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@455 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-10-29 18:31:11 +00:00
Dag-Erling Smørgrav
b66176bb02
This was written long after the DARPA contract ended.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@447 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-10-22 02:47:36 +00:00
Dag-Erling Smørgrav
874f75e8f4
Document that the item argument (for pam_get_item(3)) and the data
...
argument (for pam_get_data(3)) are untouched if the function fails.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@444 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-10-22 01:03:23 +00:00
Dag-Erling Smørgrav
6970f8c093
We already have PAM_USER, PAM_RUSER and PAM_RHOST. Add PAM_HOST for
...
the sake of completeness. It is automatically set in pam_start(3).
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@443 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-10-22 01:01:39 +00:00
Dag-Erling Smørgrav
16844f8456
Update copyright and release notes.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@437 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-09-13 12:00:13 +00:00
Dag-Erling Smørgrav
b4871fa6dc
Update copyright dates.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@435 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2010-03-10 11:38:49 +00:00
Dag-Erling Smørgrav
385eb53d63
Add support for dynamic modules that contain a struct pam_module.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@433 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2010-03-10 11:34:36 +00:00
Dag-Erling Smørgrav
2a4b841f25
-lfoo goes in LIBADD, not LDFLAGS.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@429 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2010-03-09 17:51:29 +00:00
Dag-Erling Smørgrav
45c15a555d
Portability tip.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@427 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2010-03-09 17:15:39 +00:00
Dag-Erling Smørgrav
0726eb9f8e
Fix doc: pam_strerror() ignores pamh.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@426 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2010-03-09 16:56:40 +00:00
Dag-Erling Smørgrav
1f70254313
Fix double-UTF
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@423 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2009-10-29 17:08:38 +00:00
Dag-Erling Smørgrav
e9776bfa73
Convert everything to UTF-8.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@422 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2009-10-18 22:19:57 +00:00
Dag-Erling Smørgrav
5a523baf2b
Update copyright
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@420 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2009-06-12 19:12:42 +00:00
Dag-Erling Smørgrav
d8194fe11a
Indentation nits
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@419 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2008-12-22 14:55:47 +00:00
Dag-Erling Smørgrav
9f0d6d6267
Update copyright, and coincidentially root out the last remaining vestige
...
of iso-8859-1 in favor of utf-8.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@417 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2008-02-14 18:36:22 +00:00
Dag-Erling Smørgrav
ba75190ad0
Convert to correct config.h idiom. We must include it before any other
...
header, as it may define symbols which modify the behaviour of those headers.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@416 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2008-02-14 18:33:24 +00:00
Dag-Erling Smørgrav
d0bf52fbb1
Remove a few more namespace violations. Only one remains, which we can't
...
remove that without breaking binary compatibility.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@415 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2008-02-14 18:24:25 +00:00
Dag-Erling Smørgrav
8865782b1d
Un-screwup the debugging code. Now the "debug" keyword will work even
...
if OPENPAM_DEBUG is not defined (doing so generates far more debugging
information than you will ever want)
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@414 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2008-02-14 18:06:26 +00:00
Dag-Erling Smørgrav
e42d5a34a3
I must have been drunk when I committed r380, because the cast for isspace()
...
is wrong, and I knew it...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@413 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2008-02-01 13:17:39 +00:00
Dag-Erling Smørgrav
fd5e5d917d
Update copyright.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@408 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2007-12-21 11:36:24 +00:00
Dag-Erling Smørgrav
911d657644
Get rid of the module cache; it serves little purpose, and makes OpenPAM
...
thread-unsafe.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@403 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2007-11-28 12:29:08 +00:00
Dag-Erling Smørgrav
e484c931ae
Constify.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@400 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2007-10-24 15:04:23 +00:00
Dag-Erling Smørgrav
119471eac7
Fix some bugs in the build system, and make 'make dist' work as expected.
...
Also add some configure options for developer use.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@395 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2007-06-03 20:26:18 +00:00
Dag-Erling Smørgrav
613f93be19
Silence warnings.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@394 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2007-06-03 15:43:18 +00:00
Dag-Erling Smørgrav
57aa7fdfae
Make sure automake knows about all the files we want to include in a dist.
...
Submitted by: Daniel Richard G. <skunk@iskunk.org>
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@391 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2006-07-09 04:38:53 +00:00
Dag-Erling Smørgrav
4183fc1989
Add a configure option to turn debugging on by default.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@385 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2006-03-20 16:55:55 +00:00
Dag-Erling Smørgrav
b158155823
Plug memory leak.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@383 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2006-03-19 19:55:17 +00:00
Dag-Erling Smørgrav
bce6b0d2a5
Fix signedness mismatch, and use an explicit cast when calling ctype functions.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@380 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2006-03-14 14:42:09 +00:00
Dag-Erling Smørgrav
ce5921ba4c
Convert $P4$ tags to $Id$.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@320 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2006-02-16 20:33:19 +00:00
Dag-Erling Smørgrav
a6ea311d45
Make sure OPENPAM_MODULES_DIR has a trailing slash.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@311 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2005-06-10 18:51:37 +00:00
Dag-Erling Smørgrav
9787583d8d
If the module path is relative, prepend the module installation
...
directory which was specified at configure time.
Inspired by: NetBSD
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@308 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2005-06-09 21:32:00 +00:00
Dag-Erling Smørgrav
554a37183c
Better to use unsigned char when isspace() is involved.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@304 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2005-02-03 08:22:02 +00:00
Dag-Erling Smørgrav
3b5c3d5aab
Leave alarm() alone if openpam_ttyconv_timeout is zero or negative.
...
Also bobbit an unused variable.
Obtained from: NetBSD
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@301 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2005-02-01 12:00:02 +00:00
Dag-Erling Smørgrav
b8dd03287c
Additional healthy paranoia.
...
Obtained from: NetBSD
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@300 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2005-02-01 11:57:49 +00:00
Dag-Erling Smørgrav
cc2b3e94a9
Whitespace nits.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@294 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2005-01-31 15:32:02 +00:00
Dag-Erling Smørgrav
322e461278
Formatting and documentation nits.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@291 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2005-01-28 15:24:44 +00:00
Dag-Erling Smørgrav
5b853cf298
Use FREE() instead of free().
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@290 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2005-01-28 15:21:35 +00:00
Dag-Erling Smørgrav
9d0dd0c39b
Add openpam_free_envlist(). I'm tired of freeing them by hand.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@289 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2005-01-28 14:47:41 +00:00
Dag-Erling Smørgrav
7adc56bb5f
Hard sentence breaks in inline documentation.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@288 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2005-01-28 14:08:44 +00:00
Dag-Erling Smørgrav
61e4fb1d75
Add explicit section numbers to sete[gu]id() / setgroups() cross-
...
references; otherwise, gendoc.pl incorrectly assumes they're in
section 3.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@284 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2005-01-28 13:57:45 +00:00
Dag-Erling Smørgrav
2486034511
Remove an unnecessary cast, obviating the need for <stdint.h> which
...
apparently isn't present on some platforms (e.g. Solaris 8)
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@281 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2004-07-27 12:07:13 +00:00
Dag-Erling Smørgrav
58b2c9d06a
s/accound/account/
...
Spotted by: rwatson
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@280 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2004-03-07 05:04:36 +00:00
Dag-Erling Smørgrav
38daa8ac23
Make the ENTER*() and RETURN*() macros safe from side-effects, and
...
solve the "dereferencing NULL pointer" warning.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@279 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2004-02-17 11:13:13 +00:00
Dag-Erling Smørgrav
e38d7ba072
I originally thought the XSSO was wrong to declare pam_get_data()'s
...
final argument as void ** rather than const void **, but having seen
the strict aliasing warnings gcc generates at higher -O levels, it
makes a lot more sense. Change the prototype and definition back to
what the XSSO specifies, and make the necessary changes to avoid
warnings in code that calls pam_get_data().
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@277 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-12-11 17:41:17 +00:00
Dag-Erling Smørgrav
4e4cdb38d4
I completely bungled the previous commit. Don't know what I was
...
thinking (or smoking) at the time. Really fix it this time.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@275 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-12-10 17:42:25 +00:00
Dag-Erling Smørgrav
924113f0c6
Belatedly fix confusion about the layout of resp, cf. similar changes
...
in OpenSSH-portable.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@274 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-11-19 09:36:36 +00:00
Dag-Erling Smørgrav
5985e60d5a
Solaris needs <limits.h> for NGROUPS_MAX. Don't bother making this
...
conditional as it's a standard header.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@267 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-07-14 15:31:38 +00:00
Dag-Erling Smørgrav
21f58dc32e
Use read(2) on fileno(stdin) rather than fgets(3). This make timeout
...
handling considerably simpler, eliminating the need for setjmp(3) and
evil global variables.
Portions submitted by: Dmitry V. Levin <ldv@altlinux.org>
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@264 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-07-14 14:17:47 +00:00
Dag-Erling Smørgrav
922d9cb144
Avoid side effects in macro arguments (don't I ever learn?); also
...
address some related style issues.
Submitted by: Dmitry V. Levin <ldv@altlinux.org>
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@262 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-06-18 11:41:27 +00:00
Dag-Erling Smørgrav
108a953440
Staticize the default prompts.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@261 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-06-18 11:41:15 +00:00
Dag-Erling Smørgrav
ba03913cf0
Checking the return value from pam_get_item(3) isn't enough, we also
...
have to check that the item isn't NULL.
Submitted by: marcus
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@258 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-06-18 11:14:58 +00:00
Dag-Erling Smørgrav
5de0bf6bae
Autoconfuse.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@251 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-06-09 01:29:37 +00:00
Dag-Erling Smørgrav
1c16675283
Paranoia: clear buffers before returning.
...
Submitted by: Dmitry V. Levin <ldv@altlinux.org>
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@250 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-06-09 00:47:28 +00:00
Dag-Erling Smørgrav
c25cf2c668
Remove debugging output.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@248 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-06-02 17:03:15 +00:00
Dag-Erling Smørgrav
049385996b
Give up trying to keep track of what has changed and what hasn't;
...
just slap a 2003 copyright on everything.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@245 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-06-01 14:34:11 +00:00
Dag-Erling Smørgrav
044448812b
Incorporate patches from Dmitry V. Levin which improve the policy
...
loader, reducing the number of times each file is read. Also fix
a few minor nits (such as making facility names and control flags
case insensitive like they are in Solaris).
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@243 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-06-01 14:23:25 +00:00
Dag-Erling Smørgrav
3326a91846
Cross-reference openpam_{get,set}_option(3).
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@242 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-06-01 14:05:15 +00:00
Dag-Erling Smørgrav
6c68711fe1
Continue improving the new configuration parser, particularly error
...
reporting: error messages relating to policy files now include line
numbers, and the parser will warn about invalid facility names.
Also fix an off-by-one bug in the option handling code.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@241 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-05-26 15:31:28 +00:00
Dag-Erling Smørgrav
0fe6f41f7c
Overhaul the configuration parser. This adds support for continuation
...
lines and policy inclusion.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@240 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-05-25 18:34:31 +00:00
Dag-Erling Smørgrav
49189d9bbc
Use RTLD_NOW where available, and define it to RTLD_LAZY otherwise.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@238 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-05-25 13:41:46 +00:00
Dag-Erling Smørgrav
592df31db1
Remove trailing semicolons from macros.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@236 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-05-25 12:53:36 +00:00
Dag-Erling Smørgrav
84ba876926
No need to explicitly clear pointers now that we use FREE().
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@235 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-05-25 12:52:31 +00:00
Dag-Erling Smørgrav
df0aac6712
Return code paranoia: compare against 0 instead of -1.
...
Suggested by: Dmitry V. Levin <ldv@altlinux.org>
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@234 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-05-24 19:52:28 +00:00
Dag-Erling Smørgrav
7f62c5701c
Two more cases of asprintf(3) replacing malloc(3) + sprintf(3).
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@233 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-05-24 19:47:00 +00:00
Dag-Erling Smørgrav
570d0c7751
With one single exception (where the pointer is obviously being
...
immediately overwritten), replace all use of free(3) with a macro
that clears the pointer after freeing the memory it pointed to.
Suggested by: Dmitry V. Levin <ldv@altlinux.org>
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@232 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-05-24 19:44:29 +00:00
Dag-Erling Smørgrav
4ec4c17dcd
Reorganize. Document. Replace malloc() + sprintf() with asprintf().
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@229 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-05-24 19:32:38 +00:00
Dag-Erling Smørgrav
151085d688
NOLIST doesn't actually do anything, and hasn't for quite a while.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@227 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-05-24 18:53:26 +00:00
Dag-Erling Smørgrav
3eeb089306
Allow libpam to build on Linux.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@226 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-05-24 18:51:33 +00:00
Dag-Erling Smørgrav
64d0536448
Add #include <grp.h> which I missed due to namespace pollution.
...
Submitted by: Dmitry V. Levin <ldv@altlinux.org>
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@224 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-05-24 18:32:33 +00:00
Dag-Erling Smørgrav
f013f77bff
Correct old paste-o.
...
Submitted by: Dmitry V. Levin <ldv@altlinux.org>
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@222 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-05-23 23:47:31 +00:00
Dag-Erling Smørgrav
a59c768d3e
Update copyright dates for files that have changed this year. Also
...
change the copyright date on generated man pages from 2002 to 2001-2003
since work on this part of OpenPAM started in late 2001.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@221 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-05-13 14:54:04 +00:00
Dag-Erling Smørgrav
98f9303b57
Use RTLD_LAZY rather than RTLD_NOW (which apparently isn't supported
...
on all platforms, notably OpenBSD).
Submitted by: Mike Petullo <mike@flyn.org>
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@216 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-05-13 14:42:04 +00:00
Dag-Erling Smørgrav
5ad9bf2e77
Propagate version numbers and installation directories throughout
...
the tree using Makefile.inc.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@214 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-05-13 14:37:12 +00:00
Dag-Erling Smørgrav
309a306cfd
Constify the return value from pam_getenv(3). This violates XSSO,
...
but I consider that a bug in the spec.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@211 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-05-01 23:10:49 +00:00
Dag-Erling Smørgrav
ef2e6d8690
If compiled with -DDEBUG, enable debugging right before calling a
...
module which has the "debug" option, and disable it upon return.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@210 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-05-01 18:20:03 +00:00
Dag-Erling Smørgrav
8dcae81fe3
Add a global variable controlling the output of debugging messages.
...
This allows modules etc. to emit PAM_LOG_DEBUG messages independently
of whether libpam was compiled with -DDEBUG.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@209 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-05-01 18:18:06 +00:00
Dag-Erling Smørgrav
a57c4713cf
Avoid dereferencing an unitialized dl handle. Also, add a cast to
...
avoid a warning about assigning void * to a function pointer.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@208 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-05-01 18:13:09 +00:00
Dag-Erling Smørgrav
01c7951719
Variable initialization issues.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@206 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-05-01 17:57:17 +00:00
Dag-Erling Smørgrav
c85f7eef5b
Avoid a NULL pointer dereference if PAM_CONV is non-NULL but its
...
conv member is NULL.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@205 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-02-16 12:09:51 +00:00
Dag-Erling Smørgrav
80c9bf5c74
Apparently, nobody ever uses pam_getenv(3), because nobody has ever
...
complained that it didn't work. Make it return a pointer to the
actual value of the requested environment variable.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@204 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-02-08 21:13:00 +00:00
Dag-Erling Smørgrav
b34ff41a8c
Nothing beats being an idiot! Avoid passing expressions with side
...
effects as arguments to macros. Also impose some sort of consistency
in the naming of variables that hold error codes.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@203 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-02-08 16:41:53 +00:00
Dag-Erling Smørgrav
ace4e1987e
If the saved effective uid is the same as the current effective uid,
...
just destroy the saved credentials and return.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@202 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-02-07 16:07:07 +00:00
Dag-Erling Smørgrav
4ad428dc12
If a set of saved credentials already exists when we are called, log
...
a debugging message and fail.
If the effective uid is non-zero but identical to the target uid,
save the current credentials and return without doing anything else.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@201 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-02-07 16:04:39 +00:00
Dag-Erling Smørgrav
a657d3746c
More debugging macros: ENTERI() (item type), ENTERN() (int),
...
ENTERS() (string). Rename RETURNI() to RETURNN() for consistency.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@200 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-02-02 13:10:00 +00:00
Dag-Erling Smørgrav
8423c93aa2
On second thought, use RETURNS() since environment variables are
...
strings.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@194 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-01-03 03:49:21 +00:00
Dag-Erling Smørgrav
022f6ea6fd
Use RETURNP() rather than RETURNC().
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@193 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-01-03 03:47:06 +00:00
Dag-Erling Smørgrav
e8818402d5
Have prompt() return NULL if EOF occurred on stdin, instead of acting
...
as if the user had just pressed enter.
Obtained from: TrustedBSD
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@192 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-01-03 03:34:13 +00:00
Dag-Erling Smørgrav
82a6d21d8c
Fix a typo in the active version of RETURNC(), and a cosmetic nit
...
in the active version of RETURNI().
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@191 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-01-03 03:30:52 +00:00
Dag-Erling Smørgrav
fa370a5bde
Fix typo in debugging macro.
...
Submitted by: Mikko Tyolajarvi <mbsd@pacbell.net>
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@189 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2003-01-03 03:17:16 +00:00
Dag-Erling Smørgrav
20a7a7ae90
Instrument entry and exit points.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@187 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-12-12 17:06:29 +00:00
Dag-Erling Smørgrav
bf8598063a
Record which primitive is currently executing before calling the
...
service module. Use that information to generate a much better
error message when indirect recursion is detected.
Instrument openpam_dispatch()'s entry and exit points.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@186 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-12-12 17:04:04 +00:00
Dag-Erling Smørgrav
b0ba976453
Declare _pam_func_name and _pam_err_name.
...
Add a member to the pam_handle structure indicating which primitive
is currently executing.
Add a ton of debugging macros.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@185 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-12-12 17:01:39 +00:00
Dag-Erling Smørgrav
2fb80ca71d
Add an array containing the API names for the PAM primitives.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@184 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-12-12 16:59:21 +00:00
Dag-Erling Smørgrav
7b3ff93221
Add an array of symbolic names for the PAM error codes.
...
Fix a minor style nit.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@183 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-12-12 16:58:28 +00:00
Dag-Erling Smørgrav
e9c79d25f0
Make the log level default to PAM_LOG_ERROR.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@175 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-12-04 15:15:03 +00:00
Dag-Erling Smørgrav
1d796b814b
Support /usr/local/etc/pam.conf, for completeness' sake.
...
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@174 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-10-28 13:39:45 +00:00
Dag-Erling Smørgrav
fa4be69c1b
Write message to stdout, not stderr.
...
Submitted by: jmallett
Sponsored by: Rachel Hestilow <rachel@jerkcity.com>
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@170 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-10-22 19:00:14 +00:00
Dag-Erling Smørgrav
913c1aaf47
Add the PAM_REPOSITORY item (from Solaris 9).
...
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@164 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-06-30 23:11:38 +00:00
Dag-Erling Smørgrav
bfd6af11ec
s/pam_info/pam_error/ in documentation.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@163 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-06-30 23:10:59 +00:00
Dag-Erling Smørgrav
a9b8bb1e92
Implement the "binding" control flag (from Solaris 9)
...
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@161 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-06-30 22:41:59 +00:00
Dag-Erling Smørgrav
d185910864
Include <sys/types.h> to define size_t.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@160 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-06-30 22:41:17 +00:00
Dag-Erling Smørgrav
1b829e63eb
Don't treat PAM_NEW_AUTHTOK_REQD as an error.
...
Try to emulate Solaris more closely.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@158 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-06-12 18:07:05 +00:00
Dag-Erling Smørgrav
ed3d5a8522
DBA update and minor whitespace fixes.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@157 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-06-07 18:22:57 +00:00
Dag-Erling Smørgrav
f414e56812
Split the summar page in two (one for the standard API, one for
...
extensions). Also add a page about the conversation system, and
remove that information from the pam_start page.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@153 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-05-28 00:58:47 +00:00
Dag-Erling Smørgrav
70792385d0
Conditionalize debugging messages in !STDC, !GNUC case.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@151 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-05-24 15:04:27 +00:00
Dag-Erling Smørgrav
859840dd61
GCC 3 is upon us.
...
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@147 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-05-24 14:27:09 +00:00
Dag-Erling Smørgrav
6013f825ec
Add documentation.
...
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@145 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-05-09 19:52:55 +00:00
Dag-Erling Smørgrav
082364c255
Initialize other to all-zeroes before using it.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@142 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-05-03 14:55:03 +00:00
Dag-Erling Smørgrav
472018b4e5
Fall in line with Solaris and Linux-PAM wrt use of the "other" policy:
...
use it to fill the gaps in incomplete policies as well as to replace
missing ones.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@137 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-05-02 06:08:02 +00:00
Dag-Erling Smørgrav
2cc6bad9fc
Don't reference vpath after it's been freed.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@136 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-04-24 22:50:40 +00:00
Dag-Erling Smørgrav
c1bd6712a0
Add colons so gendoc recognizes this as a list rather than a literal
...
section.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@132 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-04-17 23:51:34 +00:00
Dag-Erling Smørgrav
c51f824179
Set rsp to NULL before calling the conversation function, so we can
...
later detect if it hasn't been touched.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@130 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-04-17 07:26:16 +00:00
Dag-Erling Smørgrav
ad8d33ef88
Add a null conversation function.
...
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@129 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-04-17 06:46:51 +00:00
Dag-Erling Smørgrav
2d7706551f
Additional debugging messages.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@127 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-04-15 08:30:42 +00:00
Dag-Erling Smørgrav
eeab6a40c4
Don't copy log messages to stderr, even #ifdef DEBUG.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@125 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-04-15 08:28:43 +00:00
Dag-Erling Smørgrav
b055d19eda
Print a newline after an error or info message.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@124 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-04-15 03:26:55 +00:00
Dag-Erling Smørgrav
2dc37c7bb2
Fix highly embarassing typo. This makes a good argument for using
...
verbose variable names.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@122 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-04-15 02:31:56 +00:00
Dag-Erling Smørgrav
61c8a26c60
More checks & documentation, and fix some markup nits.
...
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@115 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-04-14 20:22:20 +00:00
Dag-Erling Smørgrav
2b0fbefd4a
Move the policy-loading code into a separate file.
...
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@112 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-04-12 20:27:47 +00:00
Dag-Erling Smørgrav
56aafe38c0
Add openpam_{borrow,restore}_cred() (for temporarily switching to
...
user credentials) and openpam_free_data() (generic cleanup function
for pam_set_data() consumers)
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@106 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-04-08 13:42:13 +00:00
Dag-Erling Smørgrav
ff571b036c
If PAM_OLDAUTHTOK is set, we're asked for PAM_AUTHTOK, and we have
...
to prompt the user, prompt her twice and compare the responses.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@105 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-04-06 21:23:26 +00:00
Dag-Erling Smørgrav
c7010177aa
Check flags carefully, and add documentation.
...
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@102 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-04-06 17:41:37 +00:00
Dag-Erling Smørgrav
c9f74afc91
Plug memory leak, reduce differences between these very similar
...
functions, and {add,tweak} documentation.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@101 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-04-06 17:17:44 +00:00
Dag-Erling Smørgrav
1eafe40ac3
Change pam_get_authtok()'s prototype so the caller can specify
...
what token it wants. Also introduce PAM_OLDAUTHTOK_PROMPT.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@100 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-04-06 17:05:21 +00:00
Dag-Erling Smørgrav
6a52d30938
Allocate the correct amount of memory for the environment list
...
(forgot to multiply by sizeof(char *)).
Submitted by: Takanori Saneto <sanewo@ba2.so-net.ne.jp>
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@99 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-04-02 22:47:12 +00:00
Dag-Erling Smørgrav
8113558d3a
Fix braino that arose from confusion between data and dp. This
...
unbreaks the pam_ldap module.
Based on a patch by Joe Marcus Clarke <marcus@marcuscom.com>.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@98 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-04-01 14:13:56 +00:00
Dag-Erling Smørgrav
87b5599651
Suppress debug logs unless DEBUG is defined.
...
Sponsored by: DARPA, NAI Labs.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@95 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-03-14 20:54:16 +00:00
Dag-Erling Smørgrav
70efc25d1c
Fix a number of bugs in the module cache:
...
- Don't log dlopen() failures, since they're rarely interesting;
instead, log a failure if no module was found at all.
- When loading a versioned module, store its logical name in the
module structure rather than its physical name, since it will be
looked up by its logical name if it's needed again.
- Initialize module->next->prev when adding a module to the cache.
- Set modules to NULL when releasing the last module in the cache.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@94 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-03-07 20:22:38 +00:00
Dag-Erling Smørgrav
8c639c01ef
s/Technologies/Technology/ in copyright, and regenerate docs.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@93 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-03-07 18:12:45 +00:00
Dag-Erling Smørgrav
f2bc37d0d6
s/PAM_REINITIALISE_CRED/PAM_REINITIALIZE_CRED/
...
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@92 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-03-07 13:09:46 +00:00
Dag-Erling Smørgrav
321d3cfb35
Add missing #include <string.h>
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@91 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-03-07 12:57:35 +00:00
Dag-Erling Smørgrav
676eb4cd21
Correct markup nit.
...
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@88 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-03-05 14:37:04 +00:00
Dag-Erling Smørgrav
b61ca53417
Move most of the dynamic loader code into a separate file, and add
...
support for module versioning. OpenPAM will prefer a PAM module with
the same version number as the library itself to one with no version
number at all.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@87 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-03-05 14:20:26 +00:00
Dag-Erling Smørgrav
6f75ed6572
$Id$ -> $P4$ + regenerate man pages.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@86 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-26 04:05:19 +00:00
Dag-Erling Smørgrav
7a936aa997
I was a little quick when I originally wrote this: the code only
...
supported setting new options. Add support for unsetting options
and changing the value of existing options.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@85 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-25 17:37:00 +00:00
Dag-Erling Smørgrav
6f078f6f97
Clear PAM_AUTHTOK after running the service modules.
...
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@82 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-23 18:07:30 +00:00
Dag-Erling Smørgrav
8ea571eeba
- pam_sm_chauthtok() can return PAM_TRY_AGAIN.
...
- "sufficient" should not terminate the chain if the PAM_PRELIM_CHECK
flag is set.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@81 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-23 18:06:45 +00:00
Dag-Erling Smørgrav
ffabf53a8c
Document PAM_TRY_AGAIN as a valid return value (cf. XSSO pp. 72-73)
...
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@80 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-23 18:03:53 +00:00
Dag-Erling Smørgrav
274583fefd
Whitespace nit.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@76 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-22 22:04:30 +00:00
Dag-Erling Smørgrav
2d71f7049b
Respect echo_pass, try_first_pass, use_first_pass options.
...
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@75 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-22 22:04:11 +00:00
Dag-Erling Smørgrav
5c3fadae16
Add openpam_get_option() and openpam_set_option().
...
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@74 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-22 21:33:49 +00:00
Dag-Erling Smørgrav
4b5df4ce1a
Mask signals while prompting the user (except for SIGINT and SIGTSTP),
...
and add timeout functionality (defaults to off).
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@72 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-22 20:35:00 +00:00
Dag-Erling Smørgrav
3fab86788d
Oops, don't build openpam_static() unless OPENPAM_STATIC_MODULES is
...
defined.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@71 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-20 15:35:17 +00:00
Dag-Erling Smørgrav
8c45582bf1
Move the linker set stuff into a separate file, and rename the
...
linker set for cosmetic reasons.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@70 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-20 15:33:11 +00:00
Dag-Erling Smørgrav
242138f031
Move PAM_NUM_ITEMS from openpam_impl.h to pam_constants.h so it
...
doesn't go stale again.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@69 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-20 15:26:40 +00:00
Dag-Erling Smørgrav
3d506282e3
Allow the PAM_AUTHTOK_PROMPT item to override the prompt specified by
...
the module.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@68 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-20 15:22:09 +00:00
Dag-Erling Smørgrav
246b7f5d29
Terminate the environment list, and log the number of variables.
...
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@67 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-20 00:22:14 +00:00
Dag-Erling Smørgrav
645c7270fc
Add in-line documentation. Some functions still lack descriptions.
...
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@63 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-18 19:31:10 +00:00
Dag-Erling Smørgrav
6b7c9e3837
The proper use of PAM_SYMBOL_ERR is to indicate an invalid argument
...
to pam_[gs]et_item(3).
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@61 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-18 12:26:17 +00:00
Dag-Erling Smørgrav
849893fd10
Log allocation failures.
...
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@60 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-13 13:21:37 +00:00
Dag-Erling Smørgrav
c7df899506
Check *authtok - pam_get_item(3) will succeed even if the item is
...
NULL.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@58 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-13 02:19:05 +00:00
Dag-Erling Smørgrav
105c3d4de7
pam_get_item(3) expects a const void **, not a const void *. Also
...
check that the pam_conv structure it returns is not NULL.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@57 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-13 02:17:31 +00:00
Dag-Erling Smørgrav
104cfd8443
Add a missing 'continue' in the code for the PAM_SUCCESS case.
...
Add more debugging log messages.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@56 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-13 02:16:03 +00:00
Dag-Erling Smørgrav
39a1582d7e
Initialize tmp to NULL so that items can be cleared as intended.
...
Don't forget to fill the pam_conv structure after allocating it.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@55 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-13 02:14:55 +00:00
Dag-Erling Smørgrav
a9a4681bc5
Constify the last argument.
...
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@54 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-13 02:12:20 +00:00
Dag-Erling Smørgrav
0ebca05841
Log a debug message before calling the service function.
...
Accept PAM_SUCCESS and PAM_ABORT as valid return codes, even though
the normal code path will not call _openpam_check_error_code() if
the module returns one of them.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@53 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-13 00:43:57 +00:00
Dag-Erling Smørgrav
f8ad159142
Oops, previous commit would cause sprintf() to overrun the malloc()ed
...
buffer by exactly one character. Add some slack.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@52 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-13 00:41:06 +00:00
Dag-Erling Smørgrav
1840f8c6fe
Trim whitespace off the end of the format string, and add exactly
...
one newline character.
If DEBUG is defined, echo the log message to STDERR.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@51 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-13 00:39:32 +00:00
Dag-Erling Smørgrav
ee40844c72
Sort the function names in the correct order (which is not the
...
alphabetical order).
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@50 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-13 00:37:01 +00:00
Dag-Erling Smørgrav
f62e36ce55
Fix an off-by-one bug that would in some circumstances trim off the
...
last character of a configuration line.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@49 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-13 00:34:23 +00:00
Dag-Erling Smørgrav
fad3985e61
Fix a showstopping NULL dereference in pam_set_item(3).
...
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@48 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-12 22:42:52 +00:00
Dag-Erling Smørgrav
a139b62d54
Introduce pam_v{info,error,prompt}().
...
Move OpenPAM API extensions into <security/openpam.h> to avoid
namespace pollution for apps or modules that do not use them.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@39 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-07 12:22:08 +00:00
Dag-Erling Smørgrav
aada9aaafe
Constify.
...
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@38 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-06 16:03:39 +00:00
Dag-Erling Smørgrav
d5943da7f6
Provide a fallback for platforms that don't support varadic macros.
...
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@37 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-06 16:03:18 +00:00
Dag-Erling Smørgrav
f8a6c31c31
According to bde, it's OK to omit parentheses when taking the size
...
of an object rather than a type.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@35 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-06 13:25:36 +00:00
Dag-Erling Smørgrav
b55243b5c1
Whoa, don't forget to actually resolve symbols once we've located a
...
dynamic module.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@34 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-04 23:39:07 +00:00
Dag-Erling Smørgrav
e683738206
Behave more like Solaris when faced with an empty chain, or a chain
...
that lists modules that don't implement the required functionality.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@33 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-04 23:36:07 +00:00
Dag-Erling Smørgrav
4166f73f32
Add support for static linking. Also rename a handful of constants
...
to reduce the chance of every running into a naming conflict.
Sponsored by: DARPA, NAI Labs
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@32 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2002-02-04 23:22:40 +00:00