have long used the wrong ones because neither XSSO not Solaris defined
codes that fit the situation. Also, the definition was missing.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@928 185d5e19-27fe-0310-9dcf-9bff6b9f3609
when compiling code that calls the function, but also when compiling the
function itself. This means that NULL checks in the function trigger
condition-always-false warnings. We have a choice between disabling these
warnings, removing the __nonnull__ annotations, or removing the NULL checks.
We prefer to keep the annotations and warnings and remove the checks. In
all cases, passing NULL to the function in question will result in a
segmentation fault, which is often easier to debug than an error return,
especially when most of these checks were for the PAM handle, which can only
be NULL if the caller ignored an error return from pam_start().
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@913 185d5e19-27fe-0310-9dcf-9bff6b9f3609
for chains that are still empty after the requested policy was loaded.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@862 185d5e19-27fe-0310-9dcf-9bff6b9f3609
logic to prevent reuse of the same code or an earlier code within the
window, and make some minor type adjustments.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@693 185d5e19-27fe-0310-9dcf-9bff6b9f3609
- move libpam into lib/libpam
- move the OATH code into lib/liboath
- move oath.h into include/security
- update all pointers
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@646 185d5e19-27fe-0310-9dcf-9bff6b9f3609
Use it to control policy and module file checks. The default settings
correspond to the current behavior: disallow path separators in policy
names, but allow them in module names; verify ownership and permissions
for both policy files and modules.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@594 185d5e19-27fe-0310-9dcf-9bff6b9f3609
string, reallocating the string if necessary.
Add an openpam_readword() function that reads a single word from a
file according to the usual shell quoting rules.
Add an openpam_readlinev() function that uses openpam_readword() to
read an entire line and return a list of the words it contained.
Rewrite openpam_parse_chain() using openpam_readlinev(), which greatly
simplifies the code and ensures correct parsing of module option.
Thanks to Maëlle Lesage for pointing out the issue and writing an
early version of what became the main loop in openpam_readword().
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@547 185d5e19-27fe-0310-9dcf-9bff6b9f3609
Move prototype from "opempam_impl.h" to <security/openpam.h>.
Generate openpam_straddch(3) man page.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@535 185d5e19-27fe-0310-9dcf-9bff6b9f3609
is currently equivalent to PAM_LOG_DEBUG, and is used only by the
library call tracing macros (ENTER*() and RETURN*()). It should
eventually replace PAM_LOG_DEBUG throughout the library, except
perhaps for a few particularly interesting messages; PAM_LOG_DEBUG
will be reserved for modules.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@522 185d5e19-27fe-0310-9dcf-9bff6b9f3609
codes in a string with the values of selected PAM items. Use it for
prompts.
Furthermore, modify pam_get_user(3) and pam_get_authtok(3) to look for
module options named {user,authtok,oldauthtok}_prompt, as appropriate.
If found, these options take precedence over both the caller's prompt
and the PAM_{USER,AUTHTOK,OLDAUTHTOK}_PROMPT items. The usefulness of
these options is somewhat limited by the fact that the policy file
parser does not support quoted strings; that's next on the todo list.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@455 185d5e19-27fe-0310-9dcf-9bff6b9f3609
the sake of completeness. It is automatically set in pam_start(3).
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@443 185d5e19-27fe-0310-9dcf-9bff6b9f3609
call it with a NULL pamh in a cleanup / error-handling situation. Remove
OPENPAM_NONNULL, which may cause gcc to optimize away the NULL check.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@432 185d5e19-27fe-0310-9dcf-9bff6b9f3609