Relevant BUGIDs:

Purpose of commit: cleanup Commit summary: --------------- 2007-08-28 Steve Langasek <vorlon@debian.org> * configure.in: call AC_CHECK_HEADERS instead of AC_CHECK_HEADER for crack.h, so we get a HAVE_CRACK_H define. * modules/pam_cracklib/pam_cracklib.c: don't copy around the cracklib dictpath into a fixed-width buffer, when we can just point at the existing strings; and allow users to override the default cracklib path with -DCRACKLIB_DICT, required for compatibility with cracklib 2.7.
author: Steve Langasek <vorlon@debian.org> 2007-08-29 00:14:57 +0000
committer: Steve Langasek <vorlon@debian.org> 2007-08-29 00:14:57 +0000
commit: c783f0606e223915b947b564a2f53d2d4ff78d6b (patch)
tree: 9fa8bc1e9306fc639c63dc3f2970228dafa237e9
parent: af0308708c9308953542815f9e3a9dce7db09edc (diff)
download: pam-c783f0606e223915b947b564a2f53d2d4ff78d6b.tar.gz
pam-c783f0606e223915b947b564a2f53d2d4ff78d6b.tar.bz2
pam-c783f0606e223915b947b564a2f53d2d4ff78d6b.zip
3 files changed, 22 insertions, 8 deletions
diff --git a/ChangeLog b/ChangeLog
index 9bfa7341..edf1c827 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,13 @@
+2007-08-28  Steve Langasek <vorlon@debian.org>
+
+	* configure.in: call AC_CHECK_HEADERS instead of AC_CHECK_HEADER
+	for crack.h, so we get a HAVE_CRACK_H define.
+	* modules/pam_cracklib/pam_cracklib.c: don't copy around the
+	cracklib dictpath into a fixed-width buffer, when we can just
+	point at the existing strings; and allow users to override the
+	default cracklib path with -DCRACKLIB_DICT, required for
+	compatibility with cracklib 2.7.
+
 2007-08-27  Steve Langasek <vorlon@debian.org>
 
 	* modules/pam_limits/pam_limits.c: when building on non-Linux
diff --git a/configure.in b/configure.in
index 856c054c..6ac1f32b 100644
--- a/configure.in
+++ b/configure.in
@@ -317,7 +317,7 @@ AC_ARG_ENABLE([cracklib],
         AC_HELP_STRING([--disable-cracklib],[do not use cracklib]),
         WITH_CRACKLIB=$enableval, WITH_CRACKLIB=yes)
 if test x"$WITH_CRACKLIB" != xno ; then
-        AC_CHECK_HEADER([crack.h],
+        AC_CHECK_HEADERS([crack.h],
               AC_CHECK_LIB([crack], [FascistCheck], LIBCRACK="-lcrack", LIBCRACK=""))
 else
 	LIBCRACK=""
diff --git a/modules/pam_cracklib/pam_cracklib.c b/modules/pam_cracklib/pam_cracklib.c
index 6decf2bf..663c80dd 100644
--- a/modules/pam_cracklib/pam_cracklib.c
+++ b/modules/pam_cracklib/pam_cracklib.c
@@ -56,6 +56,10 @@
 extern char *FascistCheck(char *pw, const char *dictpath);
 #endif
 
+#ifndef CRACKLIB_DICT
+#define CRACKLIB_DICT NULL
+#endif
+
 /* For Translators: "%s%s" could be replaced with "<service> " or "". */
 #define PROMPT1 _("New %s%spassword: ")
 /* For Translators: "%s%s" could be replaced with "<service> " or "". */
@@ -95,7 +99,7 @@ struct cracklib_options {
         int min_class;
 	int use_authtok;
 	char prompt_type[BUFSIZ];
-        char cracklib_dictpath[PATH_MAX];
+        char *cracklib_dictpath;
 };
 
 #define CO_RETRY_TIMES  1
@@ -166,14 +170,15 @@ _pam_parse (pam_handle_t *pamh, struct cracklib_options *opt,
 	 } else if (!strncmp(*argv,"use_authtok",11)) {
 		 opt->use_authtok = 1;
 	 } else if (!strncmp(*argv,"dictpath=",9)) {
-	     strncpy(opt->cracklib_dictpath, *argv+9,
-		     sizeof(opt->cracklib_dictpath) - 1);
+	     opt->cracklib_dictpath = *argv+9;
+	     if (!*(opt->cracklib_dictpath)) {
+		 opt->cracklib_dictpath = CRACKLIB_DICT;
+	     }
 	 } else {
 	     pam_syslog(pamh,LOG_ERR,"pam_parse: unknown option; %s",*argv);
 	 }
      }
      opt->prompt_type[sizeof(opt->prompt_type) - 1] = '\0';
-     opt->cracklib_dictpath[sizeof(opt->cracklib_dictpath) - 1] = '\0';
 
      return ctrl;
 }
@@ -571,8 +576,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
     options.use_authtok = CO_USE_AUTHTOK;
     memset(options.prompt_type, 0, BUFSIZ);
     strcpy(options.prompt_type,"UNIX");
-    memset(options.cracklib_dictpath, 0,
-	   sizeof (options.cracklib_dictpath));
+    options.cracklib_dictpath = CRACKLIB_DICT;
 
     ctrl = _pam_parse(pamh, &options, argc, argv);
 
@@ -666,7 +670,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
             const char *crack_msg;
 
 	    D(("against cracklib"));
-            if ((crack_msg = FascistCheck(token1,options.cracklib_dictpath[0] == '\0'?NULL:options.cracklib_dictpath))) {
+            if ((crack_msg = FascistCheck(token1,options.cracklib_dictpath))) {
                 if (ctrl & PAM_DEBUG_ARG)
                     pam_syslog(pamh,LOG_DEBUG,"bad password: %s",crack_msg);
                 pam_error(pamh, _("BAD PASSWORD: %s"), crack_msg);
author	Steve Langasek <vorlon@debian.org>	2007-08-29 00:14:57 +0000
committer	Steve Langasek <vorlon@debian.org>	2007-08-29 00:14:57 +0000
commit	c783f0606e223915b947b564a2f53d2d4ff78d6b (patch)
tree	9fa8bc1e9306fc639c63dc3f2970228dafa237e9
parent	af0308708c9308953542815f9e3a9dce7db09edc (diff)
download	pam-c783f0606e223915b947b564a2f53d2d4ff78d6b.tar.gz pam-c783f0606e223915b947b564a2f53d2d4ff78d6b.tar.bz2 pam-c783f0606e223915b947b564a2f53d2d4ff78d6b.zip